core/crypto/_subtle: Refactor out common helpers

author: Yawning Angel <yawning@schwanenlied.me> 2026-01-02 23:59:38 +0900
committer: Yawning Angel <yawning@schwanenlied.me> 2026-01-28 22:20:03 +0900
commit: 6bbd060352dc0aba41594362c9b82bda636fedde (patch)
tree: df58032e0363da7eec872ab9ed4e7070d642887a /core/crypto/crypto.odin
parent: 429e8a46dba047833087f22bddd8d03519929258 (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/core/crypto/crypto.odin b/core/crypto/crypto.odin
index 7ccf126e6..435c5daaf 100644
--- a/core/crypto/crypto.odin
+++ b/core/crypto/crypto.odin
@@ -2,6 +2,7 @@
 package crypto
 
 import "base:runtime"
+import subtle "core:crypto/_subtle"
 import "core:mem"
 
 // HAS_RAND_BYTES is true iff the runtime provides a cryptographic
@@ -44,7 +45,17 @@ compare_byte_ptrs_constant_time :: proc "contextless" (a, b: ^byte, n: int) -> i
 
 	// After the loop, v == 0 iff a == b.  The subtraction will underflow
 	// iff v == 0, setting the sign-bit, which gets returned.
-	return int((u32(v)-1) >> 31)
+	return subtle.eq(0, v)
+}
+
+// is_zero_constant_time returns 1 iff b is all 0s, 0 otherwise.
+is_zero_constant_time :: proc "contextless" (b: []byte) -> int {
+	v: byte
+	for b_ in b {
+		v |= b_
+	}
+
+	return subtle.byte_eq(0, v)
 }
 
 // rand_bytes fills the dst buffer with cryptographic entropy taken from
author	Yawning Angel <yawning@schwanenlied.me>	2026-01-02 23:59:38 +0900
committer	Yawning Angel <yawning@schwanenlied.me>	2026-01-28 22:20:03 +0900
commit	6bbd060352dc0aba41594362c9b82bda636fedde (patch)
tree	df58032e0363da7eec872ab9ed4e7070d642887a /core/crypto/crypto.odin
parent	429e8a46dba047833087f22bddd8d03519929258 (diff)