On Wed, Dec 09, 2015 at 11:04:35PM +0000, Matt Caswell wrote:
> unsigned char c = op(a, b);
> if (is_true && c != CONSTTIME_TRUE_8) {
> printf( "Test failed for %s(%du, %du): expected %u "
> "(TRUE), got %u at line %d\n", op_name, a, b,
> CONSTTIME_TRUE_8, c,__LINE__);
It is best to not leave "c" to the vagaries of stdarg argument
handling. Rather, it would better to explicitly convert it to an
unsigned long, and print that.
> Test failed for constant_time_eq_8(0u, 0u): expected 255 (TRUE), got
> 4294967295 at line 85
> That big number in the output is actually 0x7FFFFFFF in hex.
Actually it is 0xffffffff, that is a 32-bit "-1".
> Please someone correct me if I'm wrong but doesn't the C spec guarantee
> that a "char" is 8 bits? In which case how can the value of "c" be
> greater than 255?????
Well, it isn't greater, but the integral promotion for printf seems
to forget that c is unsigned.
> BTW can we modify the code above to print the value of sizeof(c)?
That is 1 by definition. What we don't know on sufficiently odd
systems is whether a char is 8 bits or not. The unit for sizeof
is chars not bytes. So there's no point printing that. You might
be interested in the CHAR_BIT macro from <limits.h> instead, but
I don't think that's relevant at this time.
--
Viktor.
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
