Matthias J. Kannwischer
há 5 anos
23 ficheiros alterados com 164 adições e 164 eliminações
Visualização em 2 colunas
Opções das diferenças
-
+1 -1crypto_kem/newhope1024cca/META.yml
-
+0 -0crypto_kem/newhope1024cca/clean/LICENSE
-
+1 -1crypto_kem/newhope1024cca/clean/Makefile
-
+1 -1crypto_kem/newhope1024cca/clean/Makefile.Microsoft_nmake
-
+15 -0crypto_kem/newhope1024cca/clean/api.h
-
+34 -34crypto_kem/newhope1024cca/clean/cpapke.c
-
+3 -3crypto_kem/newhope1024cca/clean/cpapke.h
-
+9 -9crypto_kem/newhope1024cca/clean/kem.c
-
+6 -6crypto_kem/newhope1024cca/clean/ntt.c
-
+14 -0crypto_kem/newhope1024cca/clean/ntt.h
-
+2 -2crypto_kem/newhope1024cca/clean/params.h
-
+20 -20crypto_kem/newhope1024cca/clean/poly.c
-
+32 -0crypto_kem/newhope1024cca/clean/poly.h
-
+3 -3crypto_kem/newhope1024cca/clean/precomp.c
-
+1 -1crypto_kem/newhope1024cca/clean/reduce.c
-
+8 -0crypto_kem/newhope1024cca/clean/reduce.h
-
+2 -2crypto_kem/newhope1024cca/clean/verify.c
-
+12 -0crypto_kem/newhope1024cca/clean/verify.h
-
+0 -15crypto_kem/newhope1024ccakem/clean/api.h
-
+0 -14crypto_kem/newhope1024ccakem/clean/ntt.h
-
+0 -32crypto_kem/newhope1024ccakem/clean/poly.h
-
+0 -8crypto_kem/newhope1024ccakem/clean/reduce.h
-
+0 -12crypto_kem/newhope1024ccakem/clean/verify.h
crypto_kem/newhope1024ccakem/META.yml → crypto_kem/newhope1024cca/META.yml
Ver ficheiro
| @@ -1,4 +1,4 @@ | |||
| name: NewHope1024CCAKEM | |||
| name: NewHope1024CCA | |||
| type: kem | |||
| claimed-nist-level: 5 | |||
| length-public-key: 1824 | |||
crypto_kem/newhope1024ccakem/clean/LICENSE → crypto_kem/newhope1024cca/clean/LICENSE
Ver ficheiro
crypto_kem/newhope1024ccakem/clean/Makefile → crypto_kem/newhope1024cca/clean/Makefile
Ver ficheiro
| @@ -1,6 +1,6 @@ | |||
| # This Makefile can be used with GNU Make or BSD Make | |||
| LIB=libnewhope1024ccakem_clean.a | |||
| LIB=libnewhope1024cca_clean.a | |||
| HEADERS=api.h cpapke.h ntt.h params.h poly.h reduce.h verify.h | |||
| OBJECTS=cpapke.o kem.o ntt.o poly.o precomp.o reduce.o verify.o | |||
crypto_kem/newhope1024ccakem/clean/Makefile.Microsoft_nmake → crypto_kem/newhope1024cca/clean/Makefile.Microsoft_nmake
Ver ficheiro
| @@ -1,7 +1,7 @@ | |||
| # This Makefile can be used with Microsoft Visual Studio's nmake using the command: | |||
| # nmake /f Makefile.Microsoft_nmake | |||
| LIBRARY=libnewhope1024ccakem_clean.lib | |||
| LIBRARY=libnewhope1024cca_clean.lib | |||
| OBJECTS=cpapke.obj kem.obj ntt.obj poly.obj precomp.obj reduce.obj verify.obj | |||
| CFLAGS=/nologo /I ..\..\..\common /W4 /WX | |||
+ 15
- 0
crypto_kem/newhope1024cca/clean/api.h
Ver ficheiro
| @@ -0,0 +1,15 @@ | |||
| #ifndef PQCLEAN_NEWHOPE1024CCA_CLEAN_API_H | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_API_H | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_CRYPTO_SECRETKEYBYTES 3680 | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_CRYPTO_PUBLICKEYBYTES 1824 | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_CRYPTO_CIPHERTEXTBYTES 2208 | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_CRYPTO_BYTES 32 | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_CRYPTO_ALGNAME "NewHope1024-CCAKEM" | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk); | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk); | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsigned char *sk); | |||
| #endif | |||
crypto_kem/newhope1024ccakem/clean/cpapke.c → crypto_kem/newhope1024cca/clean/cpapke.c
Ver ficheiro
| @@ -18,7 +18,7 @@ | |||
| **************************************************/ | |||
| static void encode_pk(unsigned char *r, const poly *pk, const unsigned char *seed) { | |||
| int i; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(r, pk); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tobytes(r, pk); | |||
| for (i = 0; i < NEWHOPE_SYMBYTES; i++) { | |||
| r[NEWHOPE_POLYBYTES + i] = seed[i]; | |||
| } | |||
| @@ -35,7 +35,7 @@ static void encode_pk(unsigned char *r, const poly *pk, const unsigned char *see | |||
| **************************************************/ | |||
| static void decode_pk(poly *pk, unsigned char *seed, const unsigned char *r) { | |||
| int i; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(pk, r); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frombytes(pk, r); | |||
| for (i = 0; i < NEWHOPE_SYMBYTES; i++) { | |||
| seed[i] = r[NEWHOPE_POLYBYTES + i]; | |||
| } | |||
| @@ -53,8 +53,8 @@ static void decode_pk(poly *pk, unsigned char *seed, const unsigned char *r) { | |||
| * - const poly *v: pointer to the input polynomial v | |||
| **************************************************/ | |||
| static void encode_c(unsigned char *r, const poly *b, const poly *v) { | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(r, b); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_compress(r + NEWHOPE_POLYBYTES, v); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tobytes(r, b); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_compress(r + NEWHOPE_POLYBYTES, v); | |||
| } | |||
| /************************************************* | |||
| @@ -67,8 +67,8 @@ static void encode_c(unsigned char *r, const poly *b, const poly *v) { | |||
| * - const unsigned char *r: pointer to input byte array | |||
| **************************************************/ | |||
| static void decode_c(poly *b, poly *v, const unsigned char *r) { | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(b, r); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_decompress(v, r + NEWHOPE_POLYBYTES); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frombytes(b, r); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_decompress(v, r + NEWHOPE_POLYBYTES); | |||
| } | |||
| /************************************************* | |||
| @@ -80,7 +80,7 @@ static void decode_c(poly *b, poly *v, const unsigned char *r) { | |||
| * - const unsigned char *seed: pointer to input seed | |||
| **************************************************/ | |||
| static void gen_a(poly *a, const unsigned char *seed) { | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_uniform(a, seed); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(a, seed); | |||
| } | |||
| @@ -94,7 +94,7 @@ static void gen_a(poly *a, const unsigned char *seed) { | |||
| * Arguments: - unsigned char *pk: pointer to output public key | |||
| * - unsigned char *sk: pointer to output private key | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| unsigned char *sk) { | |||
| poly ahat, ehat, ahat_shat, bhat, shat; | |||
| unsigned char z[2 * NEWHOPE_SYMBYTES]; | |||
| @@ -106,16 +106,16 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| gen_a(&ahat, publicseed); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(&shat, noiseseed, 0); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(&shat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(&shat, noiseseed, 0); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(&shat); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(&ehat, noiseseed, 1); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(&ehat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(&ehat, noiseseed, 1); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(&ehat); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(&ahat_shat, &shat, &ahat); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(&bhat, &ehat, &ahat_shat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(&ahat_shat, &shat, &ahat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(&bhat, &ehat, &ahat_shat); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(sk, &shat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tobytes(sk, &shat); | |||
| encode_pk(pk, &bhat, publicseed); | |||
| } | |||
| @@ -132,33 +132,33 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| * - const unsigned char *coin: pointer to input random coins used as seed | |||
| * to deterministically generate all randomness | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_enc(unsigned char *c, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_enc(unsigned char *c, | |||
| const unsigned char *m, | |||
| const unsigned char *pk, | |||
| const unsigned char *coin) { | |||
| poly sprime, eprime, vprime, ahat, bhat, eprimeprime, uhat, v; | |||
| unsigned char publicseed[NEWHOPE_SYMBYTES]; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frommsg(&v, m); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frommsg(&v, m); | |||
| decode_pk(&bhat, publicseed, pk); | |||
| gen_a(&ahat, publicseed); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(&sprime, coin, 0); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(&eprime, coin, 1); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(&eprimeprime, coin, 2); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(&sprime, coin, 0); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(&eprime, coin, 1); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(&eprimeprime, coin, 2); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(&sprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(&eprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(&sprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(&eprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(&uhat, &ahat, &sprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(&uhat, &uhat, &eprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(&uhat, &ahat, &sprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(&uhat, &uhat, &eprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(&vprime, &bhat, &sprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_invntt(&vprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(&vprime, &bhat, &sprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_invntt(&vprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(&vprime, &vprime, &eprimeprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(&vprime, &vprime, &v); // add message | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(&vprime, &vprime, &eprimeprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(&vprime, &vprime, &v); // add message | |||
| encode_c(c, &uhat, &vprime); | |||
| } | |||
| @@ -175,18 +175,18 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_enc(unsigned char *c, | |||
| * - const unsigned char *c: pointer to input ciphertext | |||
| * - const unsigned char *sk: pointer to input secret key | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_dec(unsigned char *m, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_dec(unsigned char *m, | |||
| const unsigned char *c, | |||
| const unsigned char *sk) { | |||
| poly vprime, uhat, tmp, shat; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(&shat, sk); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frombytes(&shat, sk); | |||
| decode_c(&uhat, &vprime, c); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(&tmp, &shat, &uhat); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_invntt(&tmp); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(&tmp, &shat, &uhat); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_invntt(&tmp); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sub(&tmp, &tmp, &vprime); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sub(&tmp, &tmp, &vprime); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tomsg(m, &tmp); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tomsg(m, &tmp); | |||
| } | |||
crypto_kem/newhope1024ccakem/clean/cpapke.h → crypto_kem/newhope1024cca/clean/cpapke.h
Ver ficheiro
| @@ -1,15 +1,15 @@ | |||
| #ifndef INDCPA_H | |||
| #define INDCPA_H | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_keypair(unsigned char *pk, | |||
| unsigned char *sk); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_enc(unsigned char *c, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_enc(unsigned char *c, | |||
| const unsigned char *m, | |||
| const unsigned char *pk, | |||
| const unsigned char *coins); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_dec(unsigned char *m, | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_dec(unsigned char *m, | |||
| const unsigned char *c, | |||
| const unsigned char *sk); | |||
crypto_kem/newhope1024ccakem/clean/kem.c → crypto_kem/newhope1024cca/clean/kem.c
Ver ficheiro
| @@ -19,10 +19,10 @@ | |||
| * | |||
| * Returns 0 (success) | |||
| **************************************************/ | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) { | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) { | |||
| size_t i; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_keypair(pk, sk); /* First put the actual secret key into sk */ | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_keypair(pk, sk); /* First put the actual secret key into sk */ | |||
| sk += NEWHOPE_CPAPKE_SECRETKEYBYTES; | |||
| for (i = 0; i < NEWHOPE_CPAPKE_PUBLICKEYBYTES; i++) { /* Append the public key for re-encryption */ | |||
| @@ -50,7 +50,7 @@ int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_keypair(unsigned char *pk, unsign | |||
| * | |||
| * Returns 0 (success) | |||
| **************************************************/ | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk) { | |||
| unsigned char k_coins_d[3 * NEWHOPE_SYMBYTES]; /* Will contain key, coins, qrom-hash */ | |||
| unsigned char buf[2 * NEWHOPE_SYMBYTES]; | |||
| int i; | |||
| @@ -61,7 +61,7 @@ int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned c | |||
| shake256(buf + NEWHOPE_SYMBYTES, NEWHOPE_SYMBYTES, pk, NEWHOPE_CCAKEM_PUBLICKEYBYTES); /* Multitarget countermeasure for coins + contributory KEM */ | |||
| shake256(k_coins_d, 3 * NEWHOPE_SYMBYTES, buf, 2 * NEWHOPE_SYMBYTES); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_enc(ct, buf, pk, k_coins_d + NEWHOPE_SYMBYTES); /* coins are in k_coins_d+NEWHOPE_SYMBYTES */ | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_enc(ct, buf, pk, k_coins_d + NEWHOPE_SYMBYTES); /* coins are in k_coins_d+NEWHOPE_SYMBYTES */ | |||
| for (i = 0; i < NEWHOPE_SYMBYTES; i++) { | |||
| ct[i + NEWHOPE_CPAPKE_CIPHERTEXTBYTES] = k_coins_d[i + 2 * NEWHOPE_SYMBYTES]; /* copy Targhi-Unruh hash into ct */ | |||
| @@ -86,30 +86,30 @@ int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned c | |||
| * | |||
| * On failure, ss will contain a randomized value. | |||
| **************************************************/ | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsigned char *sk) { | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsigned char *sk) { | |||
| int i, fail; | |||
| unsigned char ct_cmp[NEWHOPE_CCAKEM_CIPHERTEXTBYTES]; | |||
| unsigned char buf[2 * NEWHOPE_SYMBYTES]; | |||
| unsigned char k_coins_d[3 * NEWHOPE_SYMBYTES]; /* Will contain key, coins, qrom-hash */ | |||
| const unsigned char *pk = sk + NEWHOPE_CPAPKE_SECRETKEYBYTES; | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_dec(buf, ct, sk); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_dec(buf, ct, sk); | |||
| for (i = 0; i < NEWHOPE_SYMBYTES; i++) { /* Use hash of pk stored in sk */ | |||
| buf[NEWHOPE_SYMBYTES + i] = sk[NEWHOPE_CCAKEM_SECRETKEYBYTES - 2 * NEWHOPE_SYMBYTES + i]; | |||
| } | |||
| shake256(k_coins_d, 3 * NEWHOPE_SYMBYTES, buf, 2 * NEWHOPE_SYMBYTES); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cpapke_enc(ct_cmp, buf, pk, k_coins_d + NEWHOPE_SYMBYTES); /* coins are in k_coins_d+NEWHOPE_SYMBYTES */ | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_cpapke_enc(ct_cmp, buf, pk, k_coins_d + NEWHOPE_SYMBYTES); /* coins are in k_coins_d+NEWHOPE_SYMBYTES */ | |||
| for (i = 0; i < NEWHOPE_SYMBYTES; i++) { | |||
| ct_cmp[i + NEWHOPE_CPAPKE_CIPHERTEXTBYTES] = k_coins_d[i + 2 * NEWHOPE_SYMBYTES]; | |||
| } | |||
| fail = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_verify(ct, ct_cmp, NEWHOPE_CCAKEM_CIPHERTEXTBYTES); | |||
| fail = PQCLEAN_NEWHOPE1024CCA_CLEAN_verify(ct, ct_cmp, NEWHOPE_CCAKEM_CIPHERTEXTBYTES); | |||
| shake256(k_coins_d + NEWHOPE_SYMBYTES, NEWHOPE_SYMBYTES, ct, NEWHOPE_CCAKEM_CIPHERTEXTBYTES); /* overwrite coins in k_coins_d with h(c) */ | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cmov(k_coins_d, sk + NEWHOPE_CCAKEM_SECRETKEYBYTES - NEWHOPE_SYMBYTES, NEWHOPE_SYMBYTES, (unsigned char) fail); /* Overwrite pre-k with z on re-encryption failure */ | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_cmov(k_coins_d, sk + NEWHOPE_CCAKEM_SECRETKEYBYTES - NEWHOPE_SYMBYTES, NEWHOPE_SYMBYTES, (unsigned char) fail); /* Overwrite pre-k with z on re-encryption failure */ | |||
| shake256(ss, NEWHOPE_SYMBYTES, k_coins_d, 2 * NEWHOPE_SYMBYTES); /* hash concatenation of pre-k and h(c) to k */ | |||
| return 0; | |||
crypto_kem/newhope1024ccakem/clean/ntt.c → crypto_kem/newhope1024cca/clean/ntt.c
Ver ficheiro
| @@ -51,7 +51,7 @@ static uint16_t bitrev_table[NEWHOPE_N] = { | |||
| * | |||
| * Arguments: - uint16_t* poly: pointer to in/output polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_bitrev_vector(uint16_t *poly) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_bitrev_vector(uint16_t *poly) { | |||
| unsigned int i, r; | |||
| uint16_t tmp; | |||
| @@ -74,11 +74,11 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_bitrev_vector(uint16_t *poly) { | |||
| * - const uint16_t* factors: pointer to input polynomial, coefficients | |||
| * are assumed to be in Montgomery representation | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_mul_coefficients(uint16_t *poly, const uint16_t *factors) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_mul_coefficients(uint16_t *poly, const uint16_t *factors) { | |||
| unsigned int i; | |||
| for (i = 0; i < NEWHOPE_N; i++) { | |||
| poly[i] = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce((poly[i] * factors[i])); | |||
| poly[i] = PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce((poly[i] * factors[i])); | |||
| } | |||
| } | |||
| @@ -94,7 +94,7 @@ void /************************************************* | |||
| * - const uint16_t* omega: pointer to input powers of root of unity omega; | |||
| * assumed to be in Montgomery domain | |||
| **************************************************/ | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt(uint16_t *a, const uint16_t *omega) { | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_ntt(uint16_t *a, const uint16_t *omega) { | |||
| int i, start, j, jTwiddle, distance; | |||
| uint16_t temp, W; | |||
| @@ -108,7 +108,7 @@ PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt(uint16_t *a, const uint16_t *omega) { | |||
| W = omega[jTwiddle++]; | |||
| temp = a[j]; | |||
| a[j] = (temp + a[j + distance]); // Omit reduction (be lazy) | |||
| a[j + distance] = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce((W * ((uint32_t)temp + 3 * NEWHOPE_Q - a[j + distance]))); | |||
| a[j + distance] = PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce((W * ((uint32_t)temp + 3 * NEWHOPE_Q - a[j + distance]))); | |||
| } | |||
| } | |||
| @@ -120,7 +120,7 @@ PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt(uint16_t *a, const uint16_t *omega) { | |||
| W = omega[jTwiddle++]; | |||
| temp = a[j]; | |||
| a[j] = (temp + a[j + distance]) % NEWHOPE_Q; | |||
| a[j + distance] = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce((W * ((uint32_t)temp + 3 * NEWHOPE_Q - a[j + distance]))); | |||
| a[j + distance] = PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce((W * ((uint32_t)temp + 3 * NEWHOPE_Q - a[j + distance]))); | |||
| } | |||
| } | |||
| } | |||
+ 14
- 0
crypto_kem/newhope1024cca/clean/ntt.h
Ver ficheiro
| @@ -0,0 +1,14 @@ | |||
| #ifndef NTT_H | |||
| #define NTT_H | |||
| #include "inttypes.h" | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_omegas_inv_bitrev_montgomery[]; | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_bitrev_montgomery[]; | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_inv_montgomery[]; | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_bitrev_vector(uint16_t *poly); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_mul_coefficients(uint16_t *poly, const uint16_t *factors); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_ntt(uint16_t *a, const uint16_t *omegas); | |||
| #endif | |||
crypto_kem/newhope1024ccakem/clean/params.h → crypto_kem/newhope1024cca/clean/params.h
Ver ficheiro
| @@ -1,5 +1,5 @@ | |||
| #ifndef PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_PARAMS_H | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_PARAMS_H | |||
| #ifndef PQCLEAN_NEWHOPE1024CCA_CLEAN_PARAMS_H | |||
| #define PQCLEAN_NEWHOPE1024CCA_CLEAN_PARAMS_H | |||
| #define NEWHOPE_N 1024 | |||
| #define NEWHOPE_Q 12289 | |||
crypto_kem/newhope1024ccakem/clean/poly.c → crypto_kem/newhope1024cca/clean/poly.c
Ver ficheiro
| @@ -51,7 +51,7 @@ static uint16_t flipabs(uint16_t x) { | |||
| * Arguments: - poly *r: pointer to output polynomial | |||
| * - const unsigned char *a: pointer to input byte array | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(poly *r, const unsigned char *a) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frombytes(poly *r, const unsigned char *a) { | |||
| int i; | |||
| for (i = 0; i < NEWHOPE_N / 4; i++) { | |||
| r->coeffs[4 * i + 0] = a[7 * i + 0] | (((uint16_t)a[7 * i + 1] & 0x3f) << 8); | |||
| @@ -69,7 +69,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(poly *r, const unsigned char | |||
| * Arguments: - unsigned char *r: pointer to output byte array | |||
| * - const poly *p: pointer to input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(unsigned char *r, const poly *p) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tobytes(unsigned char *r, const poly *p) { | |||
| int i; | |||
| uint16_t t0, t1, t2, t3; | |||
| for (i = 0; i < NEWHOPE_N / 4; i++) { | |||
| @@ -96,7 +96,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(unsigned char *r, const poly * | |||
| * Arguments: - unsigned char *r: pointer to output byte array | |||
| * - const poly *p: pointer to input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_compress(unsigned char *r, const poly *p) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_compress(unsigned char *r, const poly *p) { | |||
| unsigned int i, j, k = 0; | |||
| uint32_t t[8]; | |||
| @@ -123,7 +123,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_compress(unsigned char *r, const poly | |||
| * Arguments: - poly *r: pointer to output polynomial | |||
| * - const unsigned char *a: pointer to input byte array | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_decompress(poly *r, const unsigned char *a) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_decompress(poly *r, const unsigned char *a) { | |||
| unsigned int i, j; | |||
| for (i = 0; i < NEWHOPE_N; i += 8) { | |||
| r->coeffs[i + 0] = a[0] & 7; | |||
| @@ -149,7 +149,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_decompress(poly *r, const unsigned cha | |||
| * Arguments: - poly *r: pointer to output polynomial | |||
| * - const unsigned char *msg: pointer to input message | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frommsg(poly *r, const unsigned char *msg) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frommsg(poly *r, const unsigned char *msg) { | |||
| unsigned int i, j, mask; | |||
| for (i = 0; i < 32; i++) { // XXX: MACRO for 32 | |||
| for (j = 0; j < 8; j++) { | |||
| @@ -170,7 +170,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frommsg(poly *r, const unsigned char * | |||
| * Arguments: - unsigned char *msg: pointer to output message | |||
| * - const poly *x: pointer to input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tomsg(unsigned char *msg, const poly *x) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x) { | |||
| unsigned int i; | |||
| uint16_t t; | |||
| @@ -199,7 +199,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tomsg(unsigned char *msg, const poly * | |||
| * Arguments: - poly *a: pointer to output polynomial | |||
| * - const unsigned char *seed: pointer to input seed | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_uniform(poly *a, const unsigned char *seed) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed) { | |||
| unsigned int ctr = 0; | |||
| uint16_t val; | |||
| uint64_t state[25]; | |||
| @@ -254,7 +254,7 @@ static unsigned char hw(unsigned char a) { | |||
| * - const unsigned char *seed: pointer to input seed | |||
| * - unsigned char nonce: one-byte input nonce | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(poly *r, const unsigned char *seed, unsigned char nonce) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(poly *r, const unsigned char *seed, unsigned char nonce) { | |||
| unsigned char buf[128], a, b; | |||
| // uint32_t t, d, a, b, c; | |||
| int i, j; | |||
| @@ -298,12 +298,12 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(poly *r, const unsigned char *s | |||
| * - const poly *a: pointer to first input polynomial | |||
| * - const poly *b: pointer to second input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(poly *r, const poly *a, const poly *b) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(poly *r, const poly *a, const poly *b) { | |||
| int i; | |||
| uint16_t t; | |||
| for (i = 0; i < NEWHOPE_N; i++) { | |||
| t = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce(3186 * b->coeffs[i]); /* t is now in Montgomery domain */ | |||
| r->coeffs[i] = PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce(a->coeffs[i] * t); /* r->coeffs[i] is back in normal domain */ | |||
| t = PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce(3186 * b->coeffs[i]); /* t is now in Montgomery domain */ | |||
| r->coeffs[i] = PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce(a->coeffs[i] * t); /* r->coeffs[i] is back in normal domain */ | |||
| } | |||
| } | |||
| @@ -316,7 +316,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(poly *r, const poly *a, | |||
| * - const poly *a: pointer to first input polynomial | |||
| * - const poly *b: pointer to second input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(poly *r, const poly *a, const poly *b) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(poly *r, const poly *a, const poly *b) { | |||
| int i; | |||
| for (i = 0; i < NEWHOPE_N; i++) { | |||
| r->coeffs[i] = (a->coeffs[i] + b->coeffs[i]) % NEWHOPE_Q; | |||
| @@ -332,7 +332,7 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(poly *r, const poly *a, const poly | |||
| * - const poly *a: pointer to first input polynomial | |||
| * - const poly *b: pointer to second input polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sub(poly *r, const poly *a, const poly *b) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sub(poly *r, const poly *a, const poly *b) { | |||
| int i; | |||
| for (i = 0; i < NEWHOPE_N; i++) { | |||
| r->coeffs[i] = (a->coeffs[i] + 3 * NEWHOPE_Q - b->coeffs[i]) % NEWHOPE_Q; | |||
| @@ -348,9 +348,9 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sub(poly *r, const poly *a, const poly | |||
| * | |||
| * Arguments: - poly *r: pointer to in/output polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(poly *r) { | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_mul_coefficients(r->coeffs, PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_bitrev_montgomery); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt((uint16_t *)r->coeffs, PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_bitrev_montgomery); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(poly *r) { | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_mul_coefficients(r->coeffs, PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_bitrev_montgomery); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_ntt((uint16_t *)r->coeffs, PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_bitrev_montgomery); | |||
| } | |||
| /************************************************* | |||
| @@ -362,9 +362,9 @@ void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(poly *r) { | |||
| * | |||
| * Arguments: - poly *r: pointer to in/output polynomial | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_invntt(poly *r) { | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_bitrev_vector(r->coeffs); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt((uint16_t *)r->coeffs, PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_omegas_inv_bitrev_montgomery); | |||
| PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_mul_coefficients(r->coeffs, PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_inv_montgomery); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_invntt(poly *r) { | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_bitrev_vector(r->coeffs); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_ntt((uint16_t *)r->coeffs, PQCLEAN_NEWHOPE1024CCA_CLEAN_omegas_inv_bitrev_montgomery); | |||
| PQCLEAN_NEWHOPE1024CCA_CLEAN_mul_coefficients(r->coeffs, PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_inv_montgomery); | |||
| } | |||
+ 32
- 0
crypto_kem/newhope1024cca/clean/poly.h
Ver ficheiro
| @@ -0,0 +1,32 @@ | |||
| #ifndef POLY_H | |||
| #define POLY_H | |||
| #include "params.h" | |||
| #include <stdint.h> | |||
| /* | |||
| * Elements of R_q = Z_q[X]/(X^n + 1). Represents polynomial | |||
| * coeffs[0] + X*coeffs[1] + X^2*xoeffs[2] + ... + X^{n-1}*coeffs[n-1] | |||
| */ | |||
| typedef struct { | |||
| uint16_t coeffs[NEWHOPE_N]; | |||
| } poly; | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_uniform(poly *a, const unsigned char *seed); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sample(poly *r, const unsigned char *seed, unsigned char nonce); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_add(poly *r, const poly *a, const poly *b); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_ntt(poly *r); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_invntt(poly *r); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_mul_pointwise(poly *r, const poly *a, const poly *b); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frombytes(poly *r, const unsigned char *a); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tobytes(unsigned char *r, const poly *p); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_compress(unsigned char *r, const poly *p); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_decompress(poly *r, const unsigned char *a); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_frommsg(poly *r, const unsigned char *msg); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_tomsg(unsigned char *msg, const poly *x); | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_poly_sub(poly *r, const poly *a, const poly *b); | |||
| #endif | |||
crypto_kem/newhope1024ccakem/clean/precomp.c → crypto_kem/newhope1024cca/clean/precomp.c
Ver ficheiro
| @@ -78,7 +78,7 @@ | |||
| * Description: Contains inverses of powers of nth root of unity | |||
| * in Montgomery domain with R=2^18 in bit-reversed order | |||
| ************************************************************/ | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_omegas_inv_bitrev_montgomery[NEWHOPE_N / 2] = { | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_omegas_inv_bitrev_montgomery[NEWHOPE_N / 2] = { | |||
| 4075, 5315, 4324, 4916, 10120, 11767, 7210, 9027, 10316, 6715, 1278, 9945, 3514, 11248, 11271, 5925, | |||
| 147, 8500, 7840, 6833, 5537, 4749, 4467, 7500, 11099, 9606, 6171, 8471, 8429, 5445, 11239, 7753, | |||
| 9090, 12233, 5529, 5206, 10587, 1987, 11635, 3565, 5415, 8646, 6153, 6427, 7341, 6152, 10561, 400, | |||
| @@ -119,7 +119,7 @@ const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_omegas_inv_bitrev_montgomery[NEWH | |||
| * Description: Contains powers of nth root of -1 in Montgomery | |||
| * domain with R=2^18 in bit-reversed order | |||
| ************************************************************/ | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_bitrev_montgomery[NEWHOPE_N] = { | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_bitrev_montgomery[NEWHOPE_N] = { | |||
| 4075, 6974, 7373, 7965, 3262, 5079, 522, 2169, 6364, 1018, 1041, 8775, 2344, 11011, 5574, 1973, | |||
| 4536, 1050, 6844, 3860, 3818, 6118, 2683, 1190, 4789, 7822, 7540, 6752, 5456, 4449, 3789, 12142, | |||
| 11973, 382, 3988, 468, 6843, 5339, 6196, 3710, 11316, 1254, 5435, 10930, 3998, 10256, 10367, 3879, | |||
| @@ -192,7 +192,7 @@ const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_bitrev_montgomery[NEWHOPE_ | |||
| * Description: Contains inverses of powers of nth root of -1 | |||
| * divided by n in Montgomery domain with R=2^18 | |||
| ************************************************************/ | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_inv_montgomery[NEWHOPE_N] = { | |||
| const uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_gammas_inv_montgomery[NEWHOPE_N] = { | |||
| 256, 10570, 1510, 7238, 1034, 7170, 6291, 7921, 11665, 3422, 4000, 2327, 2088, 5565, 795, 10647, | |||
| 1521, 5484, 2539, 7385, 1055, 7173, 8047, 11683, 1669, 1994, 3796, 5809, 4341, 9398, 11876, 12230, | |||
| 10525, 12037, 12253, 3506, 4012, 9351, 4847, 2448, 7372, 9831, 3160, 2207, 5582, 2553, 7387, 6322, | |||
crypto_kem/newhope1024ccakem/clean/reduce.c → crypto_kem/newhope1024cca/clean/reduce.c
Ver ficheiro
| @@ -15,7 +15,7 @@ static const uint32_t rlog = 18; | |||
| * | |||
| * Returns: unsigned integer in {0,...,2^14-1} congruent to a * R^-1 modulo q. | |||
| **************************************************/ | |||
| uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce(uint32_t a) { | |||
| uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce(uint32_t a) { | |||
| uint32_t u; | |||
| u = (a * qinv); | |||
+ 8
- 0
crypto_kem/newhope1024cca/clean/reduce.h
Ver ficheiro
| @@ -0,0 +1,8 @@ | |||
| #ifndef REDUCE_H | |||
| #define REDUCE_H | |||
| #include <stdint.h> | |||
| uint16_t PQCLEAN_NEWHOPE1024CCA_CLEAN_montgomery_reduce(uint32_t a); | |||
| #endif | |||
crypto_kem/newhope1024ccakem/clean/verify.c → crypto_kem/newhope1024cca/clean/verify.c
Ver ficheiro
| @@ -13,7 +13,7 @@ | |||
| * | |||
| * Returns 0 if the byte arrays are equal, 1 otherwise | |||
| **************************************************/ | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_verify(const unsigned char *a, const unsigned char *b, size_t len) { | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_verify(const unsigned char *a, const unsigned char *b, size_t len) { | |||
| uint64_t r; | |||
| size_t i; | |||
| r = 0; | |||
| @@ -39,7 +39,7 @@ int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_verify(const unsigned char *a, const unsigne | |||
| * size_t len: Amount of bytes to be copied | |||
| * unsigned char b: Condition bit; has to be in {0,1} | |||
| **************************************************/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cmov(unsigned char *r, const unsigned char *x, size_t len, unsigned char b) { | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cmov(unsigned char *r, const unsigned char *x, size_t len, unsigned char b) { | |||
| size_t i; | |||
| b = -b; | |||
+ 12
- 0
crypto_kem/newhope1024cca/clean/verify.h
Ver ficheiro
| @@ -0,0 +1,12 @@ | |||
| #ifndef VERIFY_H | |||
| #define VERIFY_H | |||
| #include <stdio.h> | |||
| /* returns 0 for equal strings, 1 for non-equal strings */ | |||
| int PQCLEAN_NEWHOPE1024CCA_CLEAN_verify(const unsigned char *a, const unsigned char *b, size_t len); | |||
| /* b = 1 means mov, b = 0 means don't mov*/ | |||
| void PQCLEAN_NEWHOPE1024CCA_CLEAN_cmov(unsigned char *r, const unsigned char *x, size_t len, unsigned char b); | |||
| #endif | |||
+ 0
- 15
crypto_kem/newhope1024ccakem/clean/api.h
Ver ficheiro
| @@ -1,15 +0,0 @@ | |||
| #ifndef PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_API_H | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_API_H | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_CRYPTO_SECRETKEYBYTES 3680 | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_CRYPTO_PUBLICKEYBYTES 1824 | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_CRYPTO_CIPHERTEXTBYTES 2208 | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_CRYPTO_BYTES 32 | |||
| #define PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_CRYPTO_ALGNAME "NewHope1024-CCAKEM" | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk); | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_enc(unsigned char *ct, unsigned char *ss, const unsigned char *pk); | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *ct, const unsigned char *sk); | |||
| #endif | |||
+ 0
- 14
crypto_kem/newhope1024ccakem/clean/ntt.h
Ver ficheiro
| @@ -1,14 +0,0 @@ | |||
| #ifndef NTT_H | |||
| #define NTT_H | |||
| #include "inttypes.h" | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_omegas_inv_bitrev_montgomery[]; | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_bitrev_montgomery[]; | |||
| extern const uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_gammas_inv_montgomery[]; | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_bitrev_vector(uint16_t *poly); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_mul_coefficients(uint16_t *poly, const uint16_t *factors); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_ntt(uint16_t *a, const uint16_t *omegas); | |||
| #endif | |||
+ 0
- 32
crypto_kem/newhope1024ccakem/clean/poly.h
Ver ficheiro
| @@ -1,32 +0,0 @@ | |||
| #ifndef POLY_H | |||
| #define POLY_H | |||
| #include "params.h" | |||
| #include <stdint.h> | |||
| /* | |||
| * Elements of R_q = Z_q[X]/(X^n + 1). Represents polynomial | |||
| * coeffs[0] + X*coeffs[1] + X^2*xoeffs[2] + ... + X^{n-1}*coeffs[n-1] | |||
| */ | |||
| typedef struct { | |||
| uint16_t coeffs[NEWHOPE_N]; | |||
| } poly; | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_uniform(poly *a, const unsigned char *seed); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sample(poly *r, const unsigned char *seed, unsigned char nonce); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_add(poly *r, const poly *a, const poly *b); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_ntt(poly *r); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_invntt(poly *r); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_mul_pointwise(poly *r, const poly *a, const poly *b); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frombytes(poly *r, const unsigned char *a); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tobytes(unsigned char *r, const poly *p); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_compress(unsigned char *r, const poly *p); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_decompress(poly *r, const unsigned char *a); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_frommsg(poly *r, const unsigned char *msg); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_tomsg(unsigned char *msg, const poly *x); | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_poly_sub(poly *r, const poly *a, const poly *b); | |||
| #endif | |||
+ 0
- 8
crypto_kem/newhope1024ccakem/clean/reduce.h
Ver ficheiro
| @@ -1,8 +0,0 @@ | |||
| #ifndef REDUCE_H | |||
| #define REDUCE_H | |||
| #include <stdint.h> | |||
| uint16_t PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_montgomery_reduce(uint32_t a); | |||
| #endif | |||
+ 0
- 12
crypto_kem/newhope1024ccakem/clean/verify.h
Ver ficheiro
| @@ -1,12 +0,0 @@ | |||
| #ifndef VERIFY_H | |||
| #define VERIFY_H | |||
| #include <stdio.h> | |||
| /* returns 0 for equal strings, 1 for non-equal strings */ | |||
| int PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_verify(const unsigned char *a, const unsigned char *b, size_t len); | |||
| /* b = 1 means mov, b = 0 means don't mov*/ | |||
| void PQCLEAN_NEWHOPE1024CCAKEM_CLEAN_cmov(unsigned char *r, const unsigned char *x, size_t len, unsigned char b); | |||
| #endif | |||