uniform vect_compare implementations

2020-09-14 16:44:09 -04:00 · 2020-09-14 16:44:09 -04:00 · 15330871bf
commit 15330871bf
parent cd1c930508
36 changed files with 129 additions and 96 deletions
--- a/crypto_kem/hqc-128/avx2/kem.c
+++ b/crypto_kem/hqc-128/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQC128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC128_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC128_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC128_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC128_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC128_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-128/avx2/vector.c
+++ b/crypto_kem/hqc-128/avx2/vector.c
@ -162,13 +162,13 @@ void PQCLEAN_HQC128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-128/avx2/vector.h
+++ b/crypto_kem/hqc-128/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC128_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQC128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC128_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-128/clean/kem.c
+++ b/crypto_kem/hqc-128/clean/kem.c
@ -131,9 +131,9 @@ int PQCLEAN_HQC128_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC128_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC128_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC128_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC128_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC128_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-128/clean/vector.c
+++ b/crypto_kem/hqc-128/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQC128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-128/clean/vector.h
+++ b/crypto_kem/hqc-128/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC128_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQC128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC128_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-192/avx2/kem.c
+++ b/crypto_kem/hqc-192/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQC192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC192_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC192_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC192_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC192_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC192_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-192/avx2/vector.c
+++ b/crypto_kem/hqc-192/avx2/vector.c
@ -162,13 +162,13 @@ void PQCLEAN_HQC192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-192/avx2/vector.h
+++ b/crypto_kem/hqc-192/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC192_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQC192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC192_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-192/clean/kem.c
+++ b/crypto_kem/hqc-192/clean/kem.c
@ -131,9 +131,9 @@ int PQCLEAN_HQC192_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC192_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC192_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC192_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC192_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC192_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-192/clean/vector.c
+++ b/crypto_kem/hqc-192/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQC192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-192/clean/vector.h
+++ b/crypto_kem/hqc-192/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC192_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQC192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC192_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-256/avx2/kem.c
+++ b/crypto_kem/hqc-256/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQC256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC256_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC256_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC256_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC256_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC256_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-256/avx2/vector.c
+++ b/crypto_kem/hqc-256/avx2/vector.c
@ -162,13 +162,13 @@ void PQCLEAN_HQC256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-256/avx2/vector.h
+++ b/crypto_kem/hqc-256/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC256_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQC256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC256_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-256/clean/kem.c
+++ b/crypto_kem/hqc-256/clean/kem.c
@ -131,9 +131,9 @@ int PQCLEAN_HQC256_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned char *
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQC256_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQC256_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQC256_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQC256_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQC256_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-256/clean/vector.c
+++ b/crypto_kem/hqc-256/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQC256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQC256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQC256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-256/clean/vector.h
+++ b/crypto_kem/hqc-256/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQC256_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQC256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQC256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQC256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQC256_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-128/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-128/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS128_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS128_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS128_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-128/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-128/avx2/vector.c
@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
 /**
 * @brief Resize a vector so that it contains <b>size_o</b> bits
 *
--- a/crypto_kem/hqc-rmrs-128/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-128/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQCRMRS128_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS128_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS128_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-128/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-128/clean/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS128_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS128_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS128_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS128_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-128/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-128/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-rmrs-128/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-128/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS128_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQCRMRS128_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS128_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS128_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-192/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-192/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS192_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS192_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS192_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-192/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-192/avx2/vector.c
@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
 /**
 * @brief Resize a vector so that it contains <b>size_o</b> bits
 *
--- a/crypto_kem/hqc-rmrs-192/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-192/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQCRMRS192_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS192_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS192_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-192/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-192/clean/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS192_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS192_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS192_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS192_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-192/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-192/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-rmrs-192/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-192/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS192_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQCRMRS192_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS192_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS192_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-256/avx2/kem.c
+++ b/crypto_kem/hqc-rmrs-256/avx2/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS256_AVX2_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS256_AVX2_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS256_AVX2_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-256/avx2/vector.c
+++ b/crypto_kem/hqc-rmrs-256/avx2/vector.c
@ -146,17 +146,18 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uin
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    unsigned char diff = 0;
+    uint64_t r = 0;
-
+    for (size_t i = 0; i < size; i++) {
-    for (uint32_t i = 0; i < size; i++) {
+        r |= v1[i] ^ v2[i];
        diff |= ((uint8_t *) v1)[i] ^ ((uint8_t *) v2)[i];
    }
-    return diff != 0;
+    r = (-r) >> 63;
    return (uint8_t) r;
 }
 /**
 * @brief Resize a vector so that it contains <b>size_o</b> bits
 *
--- a/crypto_kem/hqc-rmrs-256/avx2/vector.h
+++ b/crypto_kem/hqc-rmrs-256/avx2/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(uint64_t *v);
 void PQCLEAN_HQCRMRS256_AVX2_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS256_AVX2_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS256_AVX2_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);
--- a/crypto_kem/hqc-rmrs-256/clean/kem.c
+++ b/crypto_kem/hqc-rmrs-256/clean/kem.c
@ -127,9 +127,9 @@ int PQCLEAN_HQCRMRS256_CLEAN_crypto_kem_dec(unsigned char *ss, const unsigned ch
    sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
    // Abort if c != c' or d != d'
-    result = PQCLEAN_HQCRMRS256_CLEAN_vect_compare(u, u2, VEC_N_SIZE_BYTES);
+    result = PQCLEAN_HQCRMRS256_CLEAN_vect_compare((uint8_t *)u, (uint8_t *)u2, VEC_N_SIZE_BYTES);
-    result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare(v, v2, VEC_N1N2_SIZE_BYTES);
+    result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare((uint8_t *)v, (uint8_t *)v2, VEC_N1N2_SIZE_BYTES);
-    result |= memcmp(d, d2, SHA512_BYTES);
+    result |= PQCLEAN_HQCRMRS256_CLEAN_vect_compare(d, d2, SHA512_BYTES);
    result = (uint8_t) (-((int16_t) result) >> 15);
    for (size_t i = 0; i < SHARED_SECRET_BYTES; i++) {
        ss[i] &= ~result;
--- a/crypto_kem/hqc-rmrs-256/clean/vector.c
+++ b/crypto_kem/hqc-rmrs-256/clean/vector.c
@ -178,8 +178,13 @@ void PQCLEAN_HQCRMRS256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const ui
 * @param[in] size Integer that is the size of the vectors
 * @returns 0 if the vectors are equals and a negative/psotive value otherwise
 */
-int PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size) {
+uint8_t PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size) {
-    return memcmp(v1, v2, size);
+    uint64_t r = 0;
    for (size_t i = 0; i < size; i++) {
        r |= v1[i] ^ v2[i];
    }
    r = (-r) >> 63;
    return (uint8_t) r;
 }
--- a/crypto_kem/hqc-rmrs-256/clean/vector.h
+++ b/crypto_kem/hqc-rmrs-256/clean/vector.h
@ -21,7 +21,7 @@ void PQCLEAN_HQCRMRS256_CLEAN_vect_set_random(AES_XOF_struct *ctx, uint64_t *v);
 void PQCLEAN_HQCRMRS256_CLEAN_vect_add(uint64_t *o, const uint64_t *v1, const uint64_t *v2, uint32_t size);
-int PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint64_t *v1, const uint64_t *v2, uint32_t size);
+uint8_t PQCLEAN_HQCRMRS256_CLEAN_vect_compare(const uint8_t *v1, const uint8_t *v2, uint32_t size);
 void PQCLEAN_HQCRMRS256_CLEAN_vect_resize(uint64_t *o, uint32_t size_o, const uint64_t *v, uint32_t size_v);