Make mbedtls_cf_size_mask_lt function static The mbedtls_cf_size_mask_lt is solely used as an auxiliary function for mbedtls_cf_size_mask_ge. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

commit: 2c5ed2244b37776d72ab35f5bf1d7d02872ce6c6 [log] [tgz]
author: Gabor Mezei <gabor.mezei@arm.com> Mon Oct 18 16:05:50 2021 +0200
committer: Gabor Mezei <gabor.mezei@arm.com> Thu Nov 11 11:04:52 2021 +0100
tree: 439fafa1b6169cf24fa90d5c685ce769e30e15aa
parent: d5a392aa2ca8e5db0e50c731ea1747046a0652d1 [diff] [blame]
diff --git a/library/constant_time.c b/library/constant_time.c
index 98f69db..84d961c 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c

@@ -103,8 +103,20 @@
 
 #endif /* MBEDTLS_BIGNUM_C */
 
-size_t mbedtls_cf_size_mask_lt( size_t x,
-                                size_t y )
+/** Constant-flow mask generation for "less than" comparison:
+ * - if \p x < \p y, return all-bits 1, that is (size_t) -1
+ * - otherwise, return all bits 0, that is 0
+ *
+ * This function can be used to write constant-time code by replacing branches
+ * with bit operations using masks.
+ *
+ * \param x     The first value to analyze.
+ * \param y     The second value to analyze.
+ *
+ * \return      All-bits-one if \p x is less than \p y, otherwise zero.
+ */
+static size_t mbedtls_cf_size_mask_lt( size_t x,
+                                       size_t y )
 {
     /* This has the most significant bit set if and only if x < y */
     const size_t sub = x - y;
commit	2c5ed2244b37776d72ab35f5bf1d7d02872ce6c6	[log] [tgz]
author	Gabor Mezei <gabor.mezei@arm.com>	Mon Oct 18 16:05:50 2021 +0200
committer	Gabor Mezei <gabor.mezei@arm.com>	Thu Nov 11 11:04:52 2021 +0100
tree	439fafa1b6169cf24fa90d5c685ce769e30e15aa
parent	d5a392aa2ca8e5db0e50c731ea1747046a0652d1 [diff] [blame]