diff --git a/crypto_kem/hqc-128/avx2/kem.c b/crypto_kem/hqc-128/avx2/kem.c
index e70f0952..b45cd715 100644
--- a/crypto_kem/hqc-128/avx2/kem.c
+++ b/crypto_kem/hqc-128/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQC128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC128_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC128_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC128_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC128_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC128_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
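Review bot: The mask built on the line right after the new compare calls, `result = (uint8_t) (-((int16_t) result) >> 15);`, right-shifts a negative signed value, which C leaves implementation-defined; now that every term OR-ed into `result` on the new lines is a vect_compare result of exactly 0 or 1, the all-ones/all-zeros mask can be derived with fully defined unsigned wrap-around instead, `result = (uint8_t) (0 - result);` (0 stays 0, 1 becomes 0xFF), assuming `result` is an integer variable — its declaration is outside the hunk. The new casts `(uint8_t *)u` and `(uint8_t *)u2` would be cleaner as `(const uint8_t *)`, matching the `const uint8_t *` parameters of the rewritten vect_compare so the cast never silently strips a const qualifier if `u`/`u2` become const later. Both remarks apply unchanged to the other eleven kem.c hunks in this commit (hqc-128/clean, hqc-192 avx2/clean, hqc-256 avx2/clean and the six hqc-rmrs variants). PQCLEAN_HQC128_AVX2_crypto_kem_dec begins and ends outside the hunk.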
diff --git a/crypto_kem/hqc-128/avx2/vector.c b/crypto_kem/hqc-128/avx2/vector.c
index 8f5da9df..79f70361 100644
--- a/crypto_kem/hqc-128/avx2/vector.c
+++ b/crypto_kem/hqc-128/avx2/vector.c
@@ -162,13 +162,13 @@ void PQCLEAN_HQC128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQC128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
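Review bot: The Doxygen block above the new definition still reads `@returns 0 if the vectors are equals and a negative/psotive value otherwise`, which no longer describes the function: the rewritten body returns 1 when any byte differs and 0 otherwise, and kem.c relies on that exact 0/1 contract to build its masking value. Suggest ` * @param[in] size Number of bytes to compare` and ` * @returns 0 if the vectors are equal, 1 otherwise; the loop has no data-dependent branch`, so the constant-time property the rewrite introduces is stated where callers will look for it. The same stale comment sits above every other vect_compare rewrite in this commit (hqc-128/clean, hqc-192 avx2/clean, hqc-256 avx2/clean and the six hqc-rmrs vector.c hunks); the comment lines are context, so the fix touches lines the hunk does not rewrite.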
diff --git a/crypto_kem/hqc-128/avx2/vector.h b/crypto_kem/hqc-128/avx2/vector.h
index 3fbb2ddc..97242a4c 100644
--- a/crypto_kem/hqc-128/avx2/vector.h
+++ b/crypto_kem/hqc-128/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC128_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQC128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC128_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-128/clean/kem.c b/crypto_kem/hqc-128/clean/kem.c
index 76173dc2..a2604d95 100644
--- a/crypto_kem/hqc-128/clean/kem.c
+++ b/crypto_kem/hqc-128/clean/kem.c
@@ -131,9 +131,9 @@ int PQCLEAN_HQC128_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC128_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC128_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC128_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC128_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC128_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-128/clean/vector.c b/crypto_kem/hqc-128/clean/vector.c
index c8ad8f34..a5ddc317 100644
--- a/crypto_kem/hqc-128/clean/vector.c
+++ b/crypto_kem/hqc-128/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQC128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQC128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-128/clean/vector.h b/crypto_kem/hqc-128/clean/vector.h
index 1a23056a..16ed84b9 100644
--- a/crypto_kem/hqc-128/clean/vector.h
+++ b/crypto_kem/hqc-128/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC128_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQC128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC128_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-192/avx2/kem.c b/crypto_kem/hqc-192/avx2/kem.c
index 4807780e..e2cbec1d 100644
--- a/crypto_kem/hqc-192/avx2/kem.c
+++ b/crypto_kem/hqc-192/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQC192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC192_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC192_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC192_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC192_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC192_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-192/avx2/vector.c b/crypto_kem/hqc-192/avx2/vector.c
index 73f5d5bc..cceaaf38 100644
--- a/crypto_kem/hqc-192/avx2/vector.c
+++ b/crypto_kem/hqc-192/avx2/vector.c
@@ -162,13 +162,13 @@ void PQCLEAN_HQC192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQC192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-192/avx2/vector.h b/crypto_kem/hqc-192/avx2/vector.h
index 0ff92c23..a01c6743 100644
--- a/crypto_kem/hqc-192/avx2/vector.h
+++ b/crypto_kem/hqc-192/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQC192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC192_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-192/clean/kem.c b/crypto_kem/hqc-192/clean/kem.c
index 90bfe9d3..fb4a1cfb 100644
--- a/crypto_kem/hqc-192/clean/kem.c
+++ b/crypto_kem/hqc-192/clean/kem.c
@@ -131,9 +131,9 @@ int PQCLEAN_HQC192_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC192_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC192_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC192_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC192_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC192_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-192/clean/vector.c b/crypto_kem/hqc-192/clean/vector.c
index 7bd08e0e..242d9284 100644
--- a/crypto_kem/hqc-192/clean/vector.c
+++ b/crypto_kem/hqc-192/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQC192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQC192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-192/clean/vector.h b/crypto_kem/hqc-192/clean/vector.h
index 55423f1a..76213411 100644
--- a/crypto_kem/hqc-192/clean/vector.h
+++ b/crypto_kem/hqc-192/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC192_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQC192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC192_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-256/avx2/kem.c b/crypto_kem/hqc-256/avx2/kem.c
index de7761fa..b9b8401a 100644
--- a/crypto_kem/hqc-256/avx2/kem.c
+++ b/crypto_kem/hqc-256/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQC256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC256_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC256_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC256_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC256_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC256_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-256/avx2/vector.c b/crypto_kem/hqc-256/avx2/vector.c
index 925b6f97..56f60bfe 100644
--- a/crypto_kem/hqc-256/avx2/vector.c
+++ b/crypto_kem/hqc-256/avx2/vector.c
@@ -162,13 +162,13 @@ void PQCLEAN_HQC256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQC256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-256/avx2/vector.h b/crypto_kem/hqc-256/avx2/vector.h
index 8a671d09..2be772b1 100644
--- a/crypto_kem/hqc-256/avx2/vector.h
+++ b/crypto_kem/hqc-256/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQC256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC256_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-256/clean/kem.c b/crypto_kem/hqc-256/clean/kem.c
index 4073cecd..258bddd9 100644
--- a/crypto_kem/hqc-256/clean/kem.c
+++ b/crypto_kem/hqc-256/clean/kem.c
@@ -131,9 +131,9 @@ int PQCLEAN_HQC256_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQC256_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQC256_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQC256_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQC256_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQC256_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-256/clean/vector.c b/crypto_kem/hqc-256/clean/vector.c
index 78f09737..2c08f50d 100644
--- a/crypto_kem/hqc-256/clean/vector.c
+++ b/crypto_kem/hqc-256/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQC256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQC256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQC256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-256/clean/vector.h b/crypto_kem/hqc-256/clean/vector.h
index 257525ec..9e417907 100644
--- a/crypto_kem/hqc-256/clean/vector.h
+++ b/crypto_kem/hqc-256/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQC256_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQC256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQC256_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-128/avx2/kem.c b/crypto_kem/hqc-rmrs-128/avx2/kem.c
index bdde55b0..29d3feff 100644
--- a/crypto_kem/hqc-rmrs-128/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-128/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS128_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS128_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-128/avx2/vector.c b/crypto_kem/hqc-rmrs-128/avx2/vector.c
index ccb1b75a..66f239d4 100644
--- a/crypto_kem/hqc-rmrs-128/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-128/avx2/vector.c
@@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
+
/**
* @brief Resize a vector so that it contains size_o bits
*
diff --git a/crypto_kem/hqc-rmrs-128/avx2/vector.h b/crypto_kem/hqc-rmrs-128/avx2/vector.h
index c929fcd7..06ca86b2 100644
--- a/crypto_kem/hqc-rmrs-128/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-128/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQCRMRS128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS128_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-128/clean/kem.c b/crypto_kem/hqc-rmrs-128/clean/kem.c
index d92d7bc7..dd49c3a6 100644
--- a/crypto_kem/hqc-rmrs-128/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-128/clean/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS128_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS128_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS128_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-128/clean/vector.c b/crypto_kem/hqc-rmrs-128/clean/vector.c
index 651dbc88..bbe402c9 100644
--- a/crypto_kem/hqc-rmrs-128/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-128/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-rmrs-128/clean/vector.h b/crypto_kem/hqc-rmrs-128/clean/vector.h
index 406dc220..bff96e58 100644
--- a/crypto_kem/hqc-rmrs-128/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-128/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS128_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQCRMRS128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS128_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-192/avx2/kem.c b/crypto_kem/hqc-rmrs-192/avx2/kem.c
index b216d1bc..e0855f56 100644
--- a/crypto_kem/hqc-rmrs-192/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-192/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS192_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS192_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-192/avx2/vector.c b/crypto_kem/hqc-rmrs-192/avx2/vector.c
index 38bbd51c..d43b4f7b 100644
--- a/crypto_kem/hqc-rmrs-192/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-192/avx2/vector.c
@@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
+
/**
* @brief Resize a vector so that it contains size_o bits
*
diff --git a/crypto_kem/hqc-rmrs-192/avx2/vector.h b/crypto_kem/hqc-rmrs-192/avx2/vector.h
index 6d217dce..36ef86d7 100644
--- a/crypto_kem/hqc-rmrs-192/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-192/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQCRMRS192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS192_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-192/clean/kem.c b/crypto_kem/hqc-rmrs-192/clean/kem.c
index 8af76320..10f2f9a0 100644
--- a/crypto_kem/hqc-rmrs-192/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-192/clean/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS192_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS192_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS192_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-192/clean/vector.c b/crypto_kem/hqc-rmrs-192/clean/vector.c
index 27f37662..364dfa49 100644
--- a/crypto_kem/hqc-rmrs-192/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-192/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-rmrs-192/clean/vector.h b/crypto_kem/hqc-rmrs-192/clean/vector.h
index 93b80bf0..66320360 100644
--- a/crypto_kem/hqc-rmrs-192/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-192/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS192_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQCRMRS192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS192_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-256/avx2/kem.c b/crypto_kem/hqc-rmrs-256/avx2/kem.c
index 02403028..6e19f212 100644
--- a/crypto_kem/hqc-rmrs-256/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-256/avx2/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS256_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS256_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-256/avx2/vector.c b/crypto_kem/hqc-rmrs-256/avx2/vector.c
index 9728d063..543d3060 100644
--- a/crypto_kem/hqc-rmrs-256/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-256/avx2/vector.c
@@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- unsigned char diff = 0;
-
- for (uint32_t i = 0; i < size; i++) {
- diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
+uint8_t PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
}
- return diff != 0;
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
+
/**
* @brief Resize a vector so that it contains size_o bits
*
diff --git a/crypto_kem/hqc-rmrs-256/avx2/vector.h b/crypto_kem/hqc-rmrs-256/avx2/vector.h
index e58903c9..11f3212d 100644
--- a/crypto_kem/hqc-rmrs-256/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-256/avx2/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(uint64_t *v);
void PQCLEAN_HQCRMRS256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS256_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
diff --git a/crypto_kem/hqc-rmrs-256/clean/kem.c b/crypto_kem/hqc-rmrs-256/clean/kem.c
index 4f857d87..3320be82 100644
--- a/crypto_kem/hqc-rmrs-256/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-256/clean/kem.c
@@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS256_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d'
- result = PQCLEAN_HQCRMRS256_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
- result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
- result |= memcmp(d, d2, SHA512_BYTES);
+ result = PQCLEAN_HQCRMRS256_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
+ result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare(d, d2, SHA512_BYTES);
result = (uint8_t) (-((int16_t) result) >> 15);
for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
ss[i] &= ~result;
diff --git a/crypto_kem/hqc-rmrs-256/clean/vector.c b/crypto_kem/hqc-rmrs-256/clean/vector.c
index 3d48e793..3eacead2 100644
--- a/crypto_kem/hqc-rmrs-256/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-256/clean/vector.c
@@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
* @param[in] size Integer that is the size of the vectors
* @returns 0 if the vectors are equals and a negative/psotive value otherwise
*/
-int PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
- return memcmp(v1, v2, size);
+uint8_t PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
+ uint64_t r = 0;
+ for (size_t i = 0; i < size; i++) {
+ r |= v1[i] ^ v2[i];
+ }
+ r = (-r) >> 63;
+ return (uint8_t) r;
}
diff --git a/crypto_kem/hqc-rmrs-256/clean/vector.h b/crypto_kem/hqc-rmrs-256/clean/vector.h
index 73fc521f..f2c7c167 100644
--- a/crypto_kem/hqc-rmrs-256/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-256/clean/vector.h
@@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS256_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
void PQCLEAN_HQCRMRS256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
void PQCLEAN_HQCRMRS256_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);