classify
Mark a value as sensitive or secret, helping to detect potential side-channel vulnerabilities.
When Valgrind is enabled, this function allows for the detection of conditional jumps or lookups that depend on secrets or secret-derived data. Violations are reported by Valgrind as operations relying on uninitialized values.
If Valgrind is disabled, it has no effect.
Use this function to verify that cryptographic operations perform constant-time arithmetic on sensitive data, ensuring the confidentiality of secrets and preventing information leakage through side channels.
Function parameters
Parameters
- ptr:anytype
Compares two arrays in constant time (for a given length) and returns whether they are equal.
Functions
- eql
- Compares two arrays in constant time (for a given length) and returns whether they are equal.
- compare
- Compare two integers serialized as arrays of the same size, in constant time.
- add
- Add two integers serialized as arrays of the same size, in constant time.
- sub
- Subtract two integers serialized as arrays of the same size, in constant time.
- classify
- Mark a value as sensitive or secret, helping to detect potential side-channel vulnerabilities.
- declassify
- Mark a value as non-sensitive or public, indicating it's safe from side-channel attacks.
Source
Implementation
pub fn classify(ptr: anytype) void {
markSecret(ptr, .classify);
}