resolve todo, remove asserts, add duplicate checks and make sure they pass

Leon 2019-06-17 14:03:59 +02:00
джерело e5b9b13160
коміт 3c733b6691
15 змінених файлів з 108 додано та 32 видалено

@ -1,7 +1,6 @@
#include "bf_decoding.h"
#include "gf2x_arith_mod_xPplusOne.h"
#include <assert.h>
#include <string.h>
int PQCLEAN_LEDAKEMLT12_LEAKTIME_bf_decoding(DIGIT err[],

@ -1,6 +1,5 @@
#include "gf2x_arith.h"
#include <assert.h>
#include <string.h> // memset(...)
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
@ -11,7 +10,6 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const D
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}
@ -27,7 +25,6 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}
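Review bot: With `assert(amount < DIGIT_SIZE_b);` gone from right_bit_shift_n and left_bit_shift_n, the only statement of the limit is the comment `/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */`, which reads as if `amount == DIGIT_SIZE_b` were allowed although the removed check was strict. The rest of both bodies lies outside these hunks; if they shift a DIGIT by `amount`, a shift count at or above the digit width is undefined behaviour in C, so the bound now rests entirely on the callers. I would reword the comment to `/* PRE: amount < DIGIT_SIZE_b; not checked here, the caller must guarantee it */`. The same applies to the LEDAKEMLT32 and LEDAKEMLT52 copies of this file further down the page.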

@ -1,7 +1,6 @@
#include "gf2x_arith_mod_xPplusOne.h"
#include "rng.h"
#include <assert.h>
#include <string.h> // memcpy(...), memset(...)
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_copy(DIGIT dest[], const DIGIT in[]) {
@ -431,14 +430,14 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_mod_mul_sparse(size_t sizeR, POSITION_T R
}
}
/* the implementation is safe even in case A or B alias with the result */
/* PRE: A and B should be sorted and have INVALID_POS_VALUE at the end */
/* the implementation is safe even in case A or B alias with the result
* PRE: A and B should be sorted, disjunct arrays ending with INVALID_POS_VALUE */
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_mod_add_sparse(
int sizeR, POSITION_T Res[],
int sizeA, const POSITION_T A[],
int sizeB, const POSITION_T B[]) {
POSITION_T tmpRes[DV * M]; // TODO: now function only works for adding (disjunct) DV and M positions
POSITION_T tmpRes[DV * M];
int idxA = 0, idxB = 0, idxR = 0;
while ( idxA < sizeA &&
idxB < sizeB &&
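Review bot: The merged comment on gf2x_mod_add_sparse keeps the sorted/disjunct precondition but drops what the removed TODO recorded, namely that `tmpRes[DV * M]` ties the function to a fixed number of positions. The loop continues outside this hunk, so it is not visible whether `idxR` is bounded by that capacity; if it is not, inputs whose merged length exceeds `DV * M` would write past the stack buffer. I would state the limit in the comment, e.g. ` * PRE: the merged result fits in DV * M positions (size of tmpRes)`, or reject larger sizes before the loop. The LEDAKEMLT32 and LEDAKEMLT52 copies carry the same change.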

@ -8,7 +8,7 @@
#define RNG_BAD_MAXLEN (-1)
#define RNG_BAD_OUTBUF (-2)
#define RNG_BAD_REQ_LEN (-3)
#define RNG_MAXLEN (10 * 1024 * 1024)
#define RNG_MAXLEN (10 * 1024 * 1024)
typedef struct {
unsigned char buffer[16];

@ -1,7 +1,6 @@
#include "bf_decoding.h"
#include "gf2x_arith_mod_xPplusOne.h"
#include <assert.h>
#include <string.h>
int PQCLEAN_LEDAKEMLT32_LEAKTIME_bf_decoding(DIGIT err[],

@ -1,6 +1,5 @@
#include "gf2x_arith.h"
#include <assert.h>
#include <string.h> // memset(...)
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
@ -11,7 +10,6 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const D
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}
@ -27,7 +25,6 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}

@ -1,7 +1,6 @@
#include "gf2x_arith_mod_xPplusOne.h"
#include "rng.h"
#include <assert.h>
#include <string.h> // memcpy(...), memset(...)
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_copy(DIGIT dest[], const DIGIT in[]) {
@ -211,8 +210,6 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_transpose_in_place(DIGIT A[]) {
A[NUM_DIGITS_GF2X_ELEMENT - 1 - i] = rev1;
}
// A[NUM_DIGITS_GF2X_ELEMENT / 2] = reverse_digit(A[NUM_DIGITS_GF2X_ELEMENT / 2]); // no middle digit
if (slack_bits_amount) {
PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(NUM_DIGITS_GF2X_ELEMENT, A, slack_bits_amount);
}
@ -431,14 +428,14 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_mod_mul_sparse(size_t sizeR, POSITION_T R
}
}
/* the implementation is safe even in case A or B alias with the result */
/* PRE: A and B should be sorted and have INVALID_POS_VALUE at the end */
/* the implementation is safe even in case A or B alias with the result
* PRE: A and B should be sorted, disjunct arrays ending with INVALID_POS_VALUE */
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_mod_add_sparse(
int sizeR, POSITION_T Res[],
int sizeA, const POSITION_T A[],
int sizeB, const POSITION_T B[]) {
POSITION_T tmpRes[DV * M]; // TODO: now function only works for adding (disjunct) DV and M positions
POSITION_T tmpRes[DV * M];
int idxA = 0, idxB = 0, idxR = 0;
while ( idxA < sizeA &&
idxB < sizeB &&

@ -10,7 +10,7 @@ typedef struct {
* H and Q during decryption */
unsigned char prng_seed[TRNG_BYTE_LENGTH];
int8_t rejections;
uint8_t threshold;
uint8_t threshold; // for round 2
} privateKeyNiederreiter_t;
typedef struct {

@ -1,7 +1,6 @@
#include "bf_decoding.h"
#include "gf2x_arith_mod_xPplusOne.h"
#include <assert.h>
#include <string.h>
int PQCLEAN_LEDAKEMLT52_LEAKTIME_bf_decoding(DIGIT err[],

@ -1,6 +1,5 @@
#include "gf2x_arith.h"
#include <assert.h>
#include <string.h> // memset(...)
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
@ -11,7 +10,6 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const D
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}
@ -27,7 +25,6 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
assert(amount < DIGIT_SIZE_b);
if ( amount == 0 ) {
return;
}

@ -1,10 +1,8 @@
#include "gf2x_arith_mod_xPplusOne.h"
#include "rng.h"
#include <assert.h>
#include <string.h> // memcpy(...), memset(...)
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_copy(DIGIT dest[], const DIGIT in[]) {
for (int i = NUM_DIGITS_GF2X_ELEMENT - 1; i >= 0; i--) {
dest[i] = in[i];
@ -212,8 +210,6 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_transpose_in_place(DIGIT A[]) {
A[NUM_DIGITS_GF2X_ELEMENT - 1 - i] = rev1;
}
// A[NUM_DIGITS_GF2X_ELEMENT / 2] = reverse_digit(A[NUM_DIGITS_GF2X_ELEMENT / 2]); // no middle digit
if (slack_bits_amount) {
PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(NUM_DIGITS_GF2X_ELEMENT, A, slack_bits_amount);
}
@ -432,14 +428,14 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_mod_mul_sparse(size_t sizeR, POSITION_T R
}
}
/* the implementation is safe even in case A or B alias with the result */
/* PRE: A and B should be sorted and have INVALID_POS_VALUE at the end */
/* the implementation is safe even in case A or B alias with the result
* PRE: A and B should be sorted, disjunct arrays ending with INVALID_POS_VALUE */
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_mod_add_sparse(
int sizeR, POSITION_T Res[],
int sizeA, const POSITION_T A[],
int sizeB, const POSITION_T B[]) {
POSITION_T tmpRes[DV * M]; // TODO: now function only works for adding (disjunct) DV and M positions
POSITION_T tmpRes[DV * M];
int idxA = 0, idxB = 0, idxR = 0;
while ( idxA < sizeA &&
idxB < sizeB &&

@ -10,7 +10,7 @@ typedef struct {
* H and Q during decryption */
unsigned char prng_seed[TRNG_BYTE_LENGTH];
int8_t rejections;
uint8_t threshold;
uint8_t threshold; // for round 2
} privateKeyNiederreiter_t;
typedef struct {

@ -0,0 +1,32 @@
consistency_checks:
- source:
scheme: ledakemlt32
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.c
- rng.h
- source:
scheme: ledakemlt52
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.h

@ -0,0 +1,32 @@
consistency_checks:
- source:
scheme: ledakemlt12
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.c
- rng.h
- source:
scheme: ledakemlt52
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.h
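Review bot: The `ledakemlt52` entry in this list has no `gf2x_arith_mod_xPplusOne.c`, while the following file's `ledakemlt32` entry does include it, so that pair appears to be declared from one side only. If the two copies are meant to stay identical, list the file in both entries (`- gf2x_arith_mod_xPplusOne.c` after `- gf2x_arith.h`), so that a fix made in one parameter set cannot silently miss the other. A short comment saying why `rng.c` is compared against ledakemlt12 but not against ledakemlt52 would also help the next maintainer tell an intentional difference from an omission.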

@ -0,0 +1,32 @@
consistency_checks:
- source:
scheme: ledakemlt12
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.h
- source:
scheme: ledakemlt32
implementation: leaktime
files:
- bf_decoding.c
- dfr_test.c
- dfr_test.h
- gf2x_arith.c
- gf2x_arith.h
- gf2x_arith_mod_xPplusOne.c
- H_Q_matrices_generation.c
- H_Q_matrices_generation.h
- kem.c
- niederreiter.c
- niederreiter.h
- rng.h