reduce boilerplate implementing comparisons for user-defined types #6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cosmicexplorer
force-pushed
the
expand-constant-time-cmp
branch
2 times, most recently
from
3bb8d59 to
eb31e20
Compare
cosmicexplorer
changed the title
ConstantTime{Less,Greater} for slicesIteratedOperation to apply comparisons lexicographically
cosmicexplorer
commented
Jul 1, 2022
| /// impl ConstantTimeGreater for S { | ||
| /// fn ct_gt(&self, other: &Self) -> Choice { | ||
| /// let mut x = IteratedGreater::initiate(); | ||
| /// x.apply_gt(&(self.len as u64), &(other.len as u64)); |
There was a problem hiding this comment.
When #7 is merged, this can just be:
Suggested change
| /// x.apply_gt(&(self.len as u64), &(other.len as u64)); | |
| /// x.apply_gt(&self.len, &other.len); |
cosmicexplorer
changed the title
IteratedOperation to apply comparisons lexicographically
cosmicexplorer
changed the title
cosmicexplorer
changed the title
cosmicexplorer
changed the title
cosmicexplorer
changed the title
cosmicexplorer
force-pushed
the
expand-constant-time-cmp
branch
3 times, most recently
from
138437d to
c0a3e55
Compare
cosmicexplorer
force-pushed
the
expand-constant-time-cmp
branch
from
c0a3e55 to
8533dce
Compare
|
This repo is unmaintained, use the original instead: https://github.com/dalek-cryptography/subtle. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
In signalapp/libsignal#469, we discussed having to hand-roll a constant-time comparison function for a public key with a slice of bytes and an enum tag. After seeing dalek-cryptography#78 where we implement
ConstantTimeEqfor slices, I realized we could extend this method of iterated constant-time computation to make it more fluent to implement comparison operations for structs with multiple fields.Proposed Solution
IteratedOperationandIteratedEqto modularize the approach used in the existingConstantTimeEqimpl for slices.ConstantTimeGreaterover a collection of elements asIteratedGreater.ConstantTimeGreaterfor slices usingIteratedGreater.Convertibletrait which implementsConstantTime{Eq,Greater,Less}for structs which can be cheaply converted into a constant-time comparable type.Result
ConstantTimeOrdwill be implemented automatically for slices if/when define and implementConstantTime{Partial,}Ordtraits #5 is merged.