Struct timing_shield::TpI32
[−]
[src]
pub struct TpI32(_);
A number type that prevents its value from being leaked to attackers through timing information.
Use this type's protect
method as early as possible to prevent the value from being
used in variable-time computations.
Unlike Rust's built-in number types, rust-timing-shield
number types have no overflow
checking, even in debug mode. In other words, they behave like Rust's
Wrapping types.
Additionally, all shift distances are reduced mod the bit width of the type
(e.g. some_i64 << 104
is equivalent to some_i64 << 40
).
// Protect the value as early as possible to limit the risk let protected_value = TpU8::protect(some_u8); let other_protected_value = TpU8::protect(some_other_u8); // Do some computation with the protected values let x = (other_protected_value + protected_value) & 0x40; // If needed, remove protection using `expose` println!("{}", x.expose());
Methods
impl TpI32
[src]
fn protect(input: i32) -> Self
Hide input
behind a protective abstraction to prevent the value from being used
in such a way that the value could leak out via a timing side channel.
let protected = TpU32::protect(secret_u32); // Use `protected` instead of `secret_u32` to avoid timing leaks
fn as_u8(self) -> TpU8
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_u16(self) -> TpU16
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_u32(self) -> TpU32
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_u64(self) -> TpU64
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_i8(self) -> TpI8
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_i16(self) -> TpI16
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn as_i64(self) -> TpI64
Casts from one number type to another, following the same conventions as Rust's as
keyword.
fn rotate_left(self, n: u32) -> Self
Shifts left by n
bits, wrapping truncated bits around to the right side of the
resulting value.
If n
is larger than the bitwidth of this number type,
n
is reduced mod that bitwidth.
For example, rotating an i16
with n = 35
is equivalent to rotating with n = 3
, since 35 = 3 mod 16
.
fn rotate_right(self, n: u32) -> Self
Shifts right by n
bits, wrapping truncated bits around to the left side of the
resulting value.
If n
is larger than the bitwidth of this number type,
n
is reduced mod that bitwidth.
For example, rotating an i16
with n = 35
is equivalent to rotating with n = 3
, since 35 = 3 mod 16
.
fn expose(self) -> i32
Remove the timing protection and expose the raw number value. Once a value is exposed, it is the library user's responsibility to prevent timing leaks (if necessary).
Commonly, this method is used when a value is safe to make public (e.g. when an
encryption algorithm outputs a ciphertext). Alternatively, this method may need to
be used when providing a secret value to an interface that does not use
timing-shield
's types (e.g. writing a secret key to a file using a file system
API).
Trait Implementations
impl Clone for TpI32
[src]
fn clone(&self) -> TpI32
Returns a copy of the value. Read more
fn clone_from(&mut self, source: &Self)
1.0.0
Performs copy-assignment from source
. Read more
impl Copy for TpI32
[src]
impl Not for TpI32
[src]
type Output = TpI32
The resulting type after applying the !
operator
fn not(self) -> TpI32
The method for the unary !
operator
impl Add<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the +
operator
fn add(self, other: TpI32) -> TpI32
The method for the +
operator
impl Add<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the +
operator
fn add(self, other: i32) -> TpI32
The method for the +
operator
impl Sub<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the -
operator
fn sub(self, other: TpI32) -> TpI32
The method for the -
operator
impl Sub<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the -
operator
fn sub(self, other: i32) -> TpI32
The method for the -
operator
impl Mul<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the *
operator
fn mul(self, other: TpI32) -> TpI32
The method for the *
operator
impl Mul<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the *
operator
fn mul(self, other: i32) -> TpI32
The method for the *
operator
impl BitAnd<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the &
operator
fn bitand(self, other: TpI32) -> TpI32
The method for the &
operator
impl BitAnd<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the &
operator
fn bitand(self, other: i32) -> TpI32
The method for the &
operator
impl BitOr<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the |
operator
fn bitor(self, other: TpI32) -> TpI32
The method for the |
operator
impl BitOr<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the |
operator
fn bitor(self, other: i32) -> TpI32
The method for the |
operator
impl BitXor<TpI32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the ^
operator
fn bitxor(self, other: TpI32) -> TpI32
The method for the ^
operator
impl BitXor<i32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the ^
operator
fn bitxor(self, other: i32) -> TpI32
The method for the ^
operator
impl Shl<u32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the <<
operator
fn shl(self, other: u32) -> TpI32
The method for the <<
operator
impl Shr<u32> for TpI32
[src]
type Output = TpI32
The resulting type after applying the >>
operator
fn shr(self, other: u32) -> TpI32
The method for the >>
operator
impl AddAssign<TpI32> for TpI32
[src]
fn add_assign(&mut self, rhs: TpI32)
The method for the +=
operator
impl AddAssign<i32> for TpI32
[src]
fn add_assign(&mut self, rhs: i32)
The method for the +=
operator
impl SubAssign<TpI32> for TpI32
[src]
fn sub_assign(&mut self, rhs: TpI32)
The method for the -=
operator
impl SubAssign<i32> for TpI32
[src]
fn sub_assign(&mut self, rhs: i32)
The method for the -=
operator
impl MulAssign<TpI32> for TpI32
[src]
fn mul_assign(&mut self, rhs: TpI32)
The method for the *=
operator
impl MulAssign<i32> for TpI32
[src]
fn mul_assign(&mut self, rhs: i32)
The method for the *=
operator
impl BitAndAssign<TpI32> for TpI32
[src]
fn bitand_assign(&mut self, rhs: TpI32)
The method for the &=
operator
impl BitAndAssign<i32> for TpI32
[src]
fn bitand_assign(&mut self, rhs: i32)
The method for the &=
operator
impl BitOrAssign<TpI32> for TpI32
[src]
fn bitor_assign(&mut self, rhs: TpI32)
The method for the |=
operator
impl BitOrAssign<i32> for TpI32
[src]
fn bitor_assign(&mut self, rhs: i32)
The method for the |=
operator
impl BitXorAssign<TpI32> for TpI32
[src]
fn bitxor_assign(&mut self, rhs: TpI32)
The method for the ^=
operator
impl BitXorAssign<i32> for TpI32
[src]
fn bitxor_assign(&mut self, rhs: i32)
The method for the ^=
operator
impl ShlAssign<u32> for TpI32
[src]
fn shl_assign(&mut self, rhs: u32)
The method for the <<=
operator
impl ShrAssign<u32> for TpI32
[src]
fn shr_assign(&mut self, rhs: u32)
The method for the >>=
operator
impl TpEq<TpI32> for TpI32
[src]
fn tp_eq(&self, other: &TpI32) -> TpBool
Compare self
with other
for equality without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_not_eq(&self, other: &TpI32) -> TpBool
Compare self
with other
for inequality without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
impl TpEq<i32> for TpI32
[src]
fn tp_eq(&self, other: &i32) -> TpBool
Compare self
with other
for equality without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_not_eq(&self, other: &i32) -> TpBool
Compare self
with other
for inequality without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
impl TpOrd<TpI32> for TpI32
[src]
fn tp_lt(&self, other: &TpI32) -> TpBool
Compute self < other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_gt(&self, other: &TpI32) -> TpBool
Compute self > other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_lt_eq(&self, other: &TpI32) -> TpBool
Compute self <= other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_gt_eq(&self, other: &TpI32) -> TpBool
Compute self >= other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
impl TpOrd<i32> for TpI32
[src]
fn tp_lt(&self, other: &i32) -> TpBool
Compute self < other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_gt(&self, other: &i32) -> TpBool
Compute self > other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_lt_eq(&self, other: &i32) -> TpBool
Compute self <= other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
fn tp_gt_eq(&self, other: &i32) -> TpBool
Compute self >= other
without leaking the result. Important: if either input is not a timing-protected type, this operation might leak the value of that type. To prevent timing leaks, protect values before performing any operations on them. Read more
impl TpCondSwap for TpI32
[src]
fn tp_cond_swap(condition: TpBool, a: &mut TpI32, b: &mut TpI32)
Swap a
and b
if and only if condition
is true. Read more