From 04b8330d0a719b7f312207e7098c44f55a25fe39 Mon Sep 17 00:00:00 2001
From: Alex Gaynor
Date: Mon, 18 Nov 2013 15:16:29 -0800
Subject: Use an instruction that is more likely to be constant time on a modern x86 CPU
---
 cryptography/hazmat/primitives/padding.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cryptography/hazmat/primitives/padding.py b/cryptography/hazmat/primitives/padding.py
index f1c64f4d..bc7a768d 100644
--- a/cryptography/hazmat/primitives/padding.py
+++ b/cryptography/hazmat/primitives/padding.py
@@ -28,7 +28,7 @@ _lib = _ffi.verify("""
 /* Returns the value of the input with the most-significant-bit copied to all of the bits. */
 static uint8_t Cryptography_DUPLICATE_MSB_TO_ALL(uint8_t a) {
- return -(a >> (sizeof(uint8_t) * 8 - 1));
+ return (1 - (a >> (sizeof(uint8_t) * 8 - 1))) - 1;
 }
 /* This returns 0xFF if a < b else 0x00, but does so in a constant time
--
cgit v1.2.3
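Review bot: The new return expression in Cryptography_DUPLICATE_MSB_TO_ALL, `(1 - (a >> (sizeof(uint8_t) * 8 - 1))) - 1`, is algebraically the same as the negation it replaces, and the comment above the function does not say why it is written this way, so a later cleanup could easily fold it back to `-(...)`. An optimizing compiler is also free to canonicalize both forms to the same instruction sequence, so the timing property the subject line aims for is not guaranteed by the source; it would need to be checked against the generated code for the compilers and flags the cffi build actually uses. I would extend the existing comment with a sentence such as `The result is written as (1 - msb) - 1 rather than -msb deliberately, to avoid a negate instruction; do not simplify.` It may also be worth noting there that the 0xFF result relies on the int value -1 being truncated to uint8_t on return.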