implement ConstantTimeLess for slices

Author: cosmicexplorer

src/lib.rs

@@ -341,8 +341,8 @@ impl<T: ConstantTimeEq> ConstantTimeEq for [T] {
     /// Since arrays coerce to slices, this function works with fixed-size arrays:
     ///
     /// ```
-    /// # use subtle::ConstantTimeEq;
-    /// #
+    /// use subtle::ConstantTimeEq;
+    ///
     /// let a: [u8; 8] = [0,1,2,3,4,5,6,7];
     /// let b: [u8; 8] = [0,1,2,3,0,1,2,3];
     ///
@@ -359,7 +359,7 @@ impl<T: ConstantTimeEq> ConstantTimeEq for [T] {
         // Short-circuit on the *lengths* of the slices, not their
         // contents.
         if len != _rhs.len() {
-            return Choice::from(0);
+            return Choice::of_bool(false);
         }
 
         let mut x = IteratedEq::initiate();
@@ -938,7 +938,7 @@ generate_unsigned_integer_greater!(u64, 64);
 #[cfg(feature = "i128")]
 generate_unsigned_integer_greater!(u128, 128);
 
-impl<T: ConstantTimeGreater + ConstantTimeEq> ConstantTimeGreater for [T] {
+impl<T: ConstantTimeGreater> ConstantTimeGreater for [T] {
     /// Compare whether one slice of `ConstantTimeGreater` types is greater than another.
     ///
     /// # Note
@@ -953,8 +953,8 @@ impl<T: ConstantTimeGreater + ConstantTimeEq> ConstantTimeGreater for [T] {
     /// Since arrays coerce to slices, this function also works with fixed-size arrays:
     ///
     /// ```
-    /// # use subtle::ConstantTimeGreater;
-    /// #
+    /// use subtle::ConstantTimeGreater;
+    ///
     /// let a: [u8; 8] = [0,1,2,3,4,5,6,7];
     /// let b: [u8; 8] = [0,1,2,3,0,1,2,3];
     ///
@@ -973,10 +973,10 @@ impl<T: ConstantTimeGreater + ConstantTimeEq> ConstantTimeGreater for [T] {
         match len.cmp(&_rhs.len()) {
             Ordering::Equal => (),
             Ordering::Less => {
-                return Choice::from(0);
+                return Choice::of_bool(false);
             }
             Ordering::Greater => {
-                return Choice::from(1);
+                return Choice::of_bool(true);
             }
         }
 
@@ -1099,3 +1099,54 @@ impl LexicographicIteratedLess {
         *was_gt |= b.ct_lt(&a);
     }
 }
+
+impl<T: ConstantTimeLess> ConstantTimeLess for [T] {
+    /// Compare whether one slice of `ConstantTimeLess` types is greater than another.
+    ///
+    /// # Note
+    ///
+    /// This function short-circuits if the lengths of the input slices are different.  Otherwise,
+    /// it should execute in time independent of the slice contents.  When the slice lengths differ,
+    /// this implementation applies the [shortlex] ordering scheme, which sorts shorter slices
+    /// before longer slices without checking the contents.
+    ///
+    /// [shortlex]: https://en.wikipedia.org/wiki/Shortlex_order
+    ///
+    /// Since arrays coerce to slices, this function also works with fixed-size arrays:
+    ///
+    /// ```
+    /// use subtle::ConstantTimeLess;
+    ///
+    /// let a: [u8; 8] = [0,1,2,3,0,1,2,3];
+    /// let b: [u8; 8] = [0,1,2,3,4,5,6,7];
+    ///
+    /// let a_lt_a = a.ct_lt(&a);
+    /// let a_lt_b = a.ct_lt(&b);
+    ///
+    /// assert_eq!(a_lt_a.unwrap_u8(), 0);
+    /// assert_eq!(a_lt_b.unwrap_u8(), 1);
+    /// ```
+    #[inline]
+    fn ct_lt(&self, _rhs: &[T]) -> Choice {
+        let len = self.len();
+
+        // Short-circuit on the *lengths* of the slices, not their contents. Here we apply shortlex
+        // ordering, sorting shorter slices before longer ones.
+        match len.cmp(&_rhs.len()) {
+            Ordering::Equal => (),
+            Ordering::Less => {
+                return Choice::of_bool(true);
+            }
+            Ordering::Greater => {
+                return Choice::of_bool(false);
+            }
+        }
+
+        let mut x = LexicographicIteratedLess::initiate();
+        for (ai, bi) in self.iter().zip(_rhs.iter()) {
+            x.apply_lt(ai, bi);
+        }
+
+        x.extract_result()
+    }
+}