subtle feature

tarcieri · tarcieri · commit 4d82669952bb · 2025-04-20T08:44:40.000-06:00
Adds an off-by-default optional crate feature to support `subtle` traits
including `ConstantTimeEq` and `ConditionallySelectable`
diff --git a/.github/workflows/hybrid-array.yml b/.github/workflows/hybrid-array.yml
@@ -40,6 +40,7 @@ jobs:
       - run: cargo build --no-default-features --target ${{ matrix.target }} --features bytemuck
       - run: cargo build --no-default-features --target ${{ matrix.target }} --features extra-sizes
       - run: cargo build --no-default-features --target ${{ matrix.target }} --features serde
+      - run: cargo build --no-default-features --target ${{ matrix.target }} --features subtle
       - run: cargo build --no-default-features --target ${{ matrix.target }} --features zeroize
       - run: cargo build --no-default-features --target ${{ matrix.target }} --all-features
 
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -22,6 +22,7 @@ typenum = { version = "1.17", features = ["const-generics"] }
 # optional dependencies
 bytemuck = { version = "1", optional = true, default-features = false }
 serde = { version = "1", optional = true, default-features = false }
+subtle = { version = "2", optional = true, default-features = false }
 zeroize = { version = "1.8", optional = true, default-features = false }
 
 [dev-dependencies]
diff --git a/src/lib.rs b/src/lib.rs
@@ -133,6 +133,9 @@ use typenum::{Diff, Sum};
 #[cfg(feature = "bytemuck")]
 use bytemuck::{Pod, Zeroable};
 
+#[cfg(feature = "subtle")]
+use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
+
 #[cfg(feature = "zeroize")]
 use zeroize::{Zeroize, ZeroizeOnDrop};
 
@@ -854,6 +857,41 @@ where
 {
 }
 
+#[cfg(feature = "subtle")]
+impl<T, U> ConditionallySelectable for Array<T, U>
+where
+    Self: Copy,
+    T: ConditionallySelectable,
+    U: ArraySize,
+{
+    #[inline]
+    fn conditional_select(a: &Self, b: &Self, choice: Choice) -> Self {
+        let mut output = *a;
+        output.conditional_assign(b, choice);
+        output
+    }
+
+    fn conditional_assign(&mut self, other: &Self, choice: Choice) {
+        for (a_i, b_i) in self.iter_mut().zip(other) {
+            a_i.conditional_assign(b_i, choice)
+        }
+    }
+}
+
+#[cfg(feature = "subtle")]
+impl<T, U> ConstantTimeEq for Array<T, U>
+where
+    T: ConstantTimeEq,
+    U: ArraySize,
+{
+    #[inline]
+    fn ct_eq(&self, other: &Self) -> Choice {
+        self.iter()
+            .zip(other.iter())
+            .fold(Choice::from(1), |acc, (a, b)| acc & a.ct_eq(b))
+    }
+}
+
 #[cfg(feature = "zeroize")]
 impl<T, U> Zeroize for Array<T, U>
 where
diff --git a/tests/subtle.rs b/tests/subtle.rs
@@ -0,0 +1,29 @@
+//! Tests for `subtle` crate integration.
+
+#![cfg(feature = "subtle")]
+
+use hybrid_array::{Array, typenum::U3};
+use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
+
+#[test]
+fn constant_time_eq() {
+    let a: Array<u8, U3> = Array([0, 0, 0]);
+    let b: Array<u8, U3> = Array([1, 2, 3]);
+
+    assert!(bool::from(a.ct_eq(&a)));
+    assert!(!bool::from(a.ct_ne(&a)));
+    assert!(!bool::from(a.ct_eq(&b)));
+    assert!(bool::from(a.ct_ne(&b)));
+}
+
+#[test]
+fn conditional_select() {
+    let a: Array<u8, U3> = Array([0, 0, 0]);
+    let b: Array<u8, U3> = Array([1, 2, 3]);
+
+    let c = Array::conditional_select(&a, &b, Choice::from(0));
+    assert_eq!(a, c);
+
+    let d = Array::conditional_select(&a, &b, Choice::from(1));
+    assert_eq!(b, d);
+}
