Why is volatile used in this libsodium function?

Asked Jan 25 '23 at 17:52

Active Jan 25 '23 at 17:52

Viewed 53 times

I'm trying to understand this function sodium_is_zero from the cryptography library libsodium (https://github.com/jedisct1/libsodium):

https://github.com/jedisct1/libsodium/blob/master/src/libsodium/sodium/utils.c#L256-L266

int
sodium_is_zero(const unsigned char *n, const size_t nlen)
{
    size_t                 i;
    volatile unsigned char d = 0U;

    for (i = 0U; i < nlen; i++) {
        d |= n[i];
    }
    return 1 & ((d - 1) >> 8);
}

Could anyone explain to me why d is volatile and what purpose volatile is serving here?

asked Jan 25 '23 at 17:52

Ryan Burn

2,126
1
14
35

2

To thwart [timing attacks](https://en.wikipedia.org/wiki/Timing_attack)??? – ikegami Jan 25 '23 at 17:55
@ikegami Quite possible. My quick perusal certainly seems to indicate the use of `volatile` in that library is quite purposeful. – Andrew Henle Jan 25 '23 at 17:58
https://github.com/jedisct1/libsodium/commit/1f826df2d49cda53f8fc3c3642bbfd9504e62614 is not helpful. Send an email to the author, if anything I would expect `n` to point to volatile. – KamilCuk Jan 25 '23 at 18:55

Why is volatile used in this libsodium function?

0 Answers0