Choice in subtle

Choice in subtle - Rust

pub struct Choice(/* private fields */);

Expand description

The Choice struct represents a choice for use in conditional assignment.

It is a wrapper around a u8, which should have the value either 1 (true) or 0 (false).

The conversion from u8 to Choice passes the value through an optimization barrier, as a best-effort attempt to prevent the compiler from inferring that the Choice value is a boolean. This strategy is based on Tim Maclean’s work on rust-timing-shield, which attempts to provide a more comprehensive approach for preventing software side-channels in Rust code.

The Choice struct implements operators for AND, OR, XOR, and NOT, to allow combining Choice values. These operations do not short-circuit.

Source §

Source

Unwrap the Choice wrapper to reveal the underlying u8.

§Note

This function only exists as an escape hatch for the rare case where it’s not possible to use one of the subtle-provided trait impls.

To convert a Choice to a bool, use the From implementation instead.

Source §

The resulting type after applying the & operator.

Source §

The resulting type after applying the | operator.

Source §

The resulting type after applying the ^ operator.

Source §

Select a or b according to choice. Read more

Source §

Conditionally assign other to self, according to choice. Read more

Source §

Conditionally swap self and other if choice == 1; otherwise, reassign both unto themselves. Read more

Source §

Convert the Choice wrapper into a bool, depending on whether the underlying u8 was a 0 or a 1.

§Note

This function exists to avoid having higher-level cryptographic protocol implementations duplicating this pattern.

The intended use case for this conversion is at the end of a higher-level primitive implementation: for example, in checking a keyed MAC, where the verification should happen in constant-time (and thus use a Choice) but it is safe to return a bool at the end of the verification.

Source §

Converts to this type from the input type.

Source §