From 3d5079129dc9bc12b3ca8b584089d7d2a609b37d Mon Sep 17 00:00:00 2001 From: "Matthias J. Kannwischer" Date: Fri, 27 Nov 2020 18:55:15 +0100 Subject: [PATCH] Update Rainbow to round 3 parameter sets (#361) * rainbow update * update workflows * re-add /O2 in nmake Makefile --- .github/workflows/BADGES.md | 163 ++++++----- .../sign_rainbowI-circumzenithal.yml | 204 ++++++++++++++ ...a-cyclic.yml => sign_rainbowI-classic.yml} | 22 +- ...assic.yml => sign_rainbowI-compressed.yml} | 22 +- .../sign_rainbowIII-circumzenithal.yml | 204 ++++++++++++++ ...cyclic.yml => sign_rainbowIII-classic.yml} | 22 +- .../workflows/sign_rainbowIII-compressed.yml | 204 ++++++++++++++ .../sign_rainbowIIIc-cyclic-compressed.yml | 204 -------------- .../sign_rainbowIa-cyclic-compressed.yml | 204 -------------- .../sign_rainbowV-circumzenithal.yml | 204 ++++++++++++++ ...c-cyclic.yml => sign_rainbowV-classic.yml} | 22 +- ...assic.yml => sign_rainbowV-compressed.yml} | 22 +- .github/workflows/sign_rainbowVc-classic.yml | 204 -------------- .../sign_rainbowVc-cyclic-compressed.yml | 204 -------------- crypto_sign/rainbowI-circumzenithal/META.yml | 20 ++ .../clean/LICENSE | 0 .../rainbowI-circumzenithal/clean/Makefile | 21 ++ .../clean/Makefile.Microsoft_nmake | 19 ++ .../rainbowI-circumzenithal/clean/api.h | 32 +++ .../rainbowI-circumzenithal/clean/blas.c | 43 +++ .../rainbowI-circumzenithal/clean/blas.h | 20 ++ .../clean/blas_comm.c | 54 ++-- .../clean/blas_comm.h | 14 +- .../clean/gf.c | 10 +- .../rainbowI-circumzenithal/clean/gf.h | 18 ++ .../clean/parallel_matrix_op.c | 182 ++++++++++++ .../clean/parallel_matrix_op.h | 260 ++++++++++++++++++ .../clean/rainbow.c | 47 ++-- .../clean/rainbow.h | 6 +- .../clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 2 +- .../clean/rainbow_keypair.c | 111 +++++--- .../clean/rainbow_keypair.h | 4 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 8 +- .../rainbowI-circumzenithal/clean/sign.c | 76 +++++ .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 11 + .../clean/utils_prng.c | 97 +++++++ .../clean/utils_prng.h | 18 ++ crypto_sign/rainbowI-classic/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 2 +- crypto_sign/rainbowI-classic/clean/api.h | 32 +++ .../clean/blas.c | 20 +- .../clean/blas.h | 10 +- .../clean/blas_comm.c | 54 ++-- .../clean/blas_comm.h | 14 +- .../clean/gf.c | 10 +- .../clean/gf.h | 6 +- .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 36 +-- .../clean/rainbow.c | 47 ++-- .../clean/rainbow.h | 4 +- .../rainbowI-classic/clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 2 +- .../rainbowI-classic/clean/rainbow_keypair.c | 155 +++++++++++ .../clean/rainbow_keypair.h | 2 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 4 +- .../clean/sign.c | 30 +- .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 2 +- .../clean/utils_prng.c | 6 +- .../clean/utils_prng.h | 4 +- crypto_sign/rainbowI-compressed/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 2 +- crypto_sign/rainbowI-compressed/clean/api.h | 32 +++ crypto_sign/rainbowI-compressed/clean/blas.c | 43 +++ crypto_sign/rainbowI-compressed/clean/blas.h | 20 ++ .../clean/blas_comm.c | 54 ++-- .../clean/blas_comm.h | 14 +- .../clean/gf.c | 10 +- crypto_sign/rainbowI-compressed/clean/gf.h | 18 ++ .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 36 +-- .../clean/rainbow.c | 53 ++-- .../clean/rainbow.h | 8 +- .../rainbowI-compressed/clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 2 +- .../clean/rainbow_keypair.c | 123 +++++---- .../clean/rainbow_keypair.h | 8 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 8 +- .../clean/sign.c | 30 +- .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 2 +- .../clean/utils_prng.c | 6 +- .../clean/utils_prng.h | 4 +- .../rainbowIII-circumzenithal/META.yml | 20 ++ .../clean/LICENSE | 0 .../rainbowIII-circumzenithal/clean/Makefile | 21 ++ .../clean/Makefile.Microsoft_nmake | 19 ++ .../rainbowIII-circumzenithal/clean/api.h | 32 +++ .../rainbowIII-circumzenithal/clean/blas.c | 31 +++ .../rainbowIII-circumzenithal/clean/blas.h | 19 ++ .../clean/blas_comm.c | 144 ++++++++++ .../clean/blas_comm.h | 90 ++++++ .../clean/gf.c | 22 +- .../rainbowIII-circumzenithal/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 99 +++---- .../clean/parallel_matrix_op.h | 36 +-- .../rainbowIII-circumzenithal/clean/rainbow.c | 173 ++++++++++++ .../clean/rainbow.h | 6 +- .../clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 6 +- .../clean/rainbow_keypair.c | 111 +++++--- .../clean/rainbow_keypair.h | 4 +- .../clean/rainbow_keypair_computation.c | 213 ++++++++++++++ .../clean/rainbow_keypair_computation.h | 71 +++++ .../rainbowIII-circumzenithal/clean/sign.c | 76 +++++ .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 11 + .../clean/utils_prng.c | 97 +++++++ .../clean/utils_prng.h | 18 ++ crypto_sign/rainbowIII-classic/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 2 +- crypto_sign/rainbowIII-classic/clean/api.h | 32 +++ .../clean/blas.c | 12 +- .../clean/blas.h | 8 +- .../clean/blas_comm.c | 48 ++-- .../clean/blas_comm.h | 18 +- .../clean/gf.c | 22 +- crypto_sign/rainbowIII-classic/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 36 +-- .../clean/rainbow.c | 47 ++-- .../clean/rainbow.h | 4 +- .../rainbowIII-classic/clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 6 +- .../clean/rainbow_keypair.c | 155 +++++++++++ .../clean/rainbow_keypair.h | 2 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 4 +- .../clean/sign.c | 30 +- .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 2 +- .../clean/utils_prng.c | 6 +- .../clean/utils_prng.h | 4 +- crypto_sign/rainbowIII-compressed/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 19 ++ crypto_sign/rainbowIII-compressed/clean/api.h | 32 +++ .../rainbowIII-compressed/clean/blas.c | 31 +++ .../rainbowIII-compressed/clean/blas.h | 19 ++ .../clean/blas_comm.c | 48 ++-- .../clean/blas_comm.h | 18 +- .../clean/gf.c | 22 +- crypto_sign/rainbowIII-compressed/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 183 ++++++++++++ .../clean/parallel_matrix_op.h | 260 ++++++++++++++++++ .../clean/rainbow.c | 54 ++-- .../clean/rainbow.h | 8 +- .../clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 6 +- .../clean/rainbow_keypair.c | 123 +++++---- .../clean/rainbow_keypair.h | 8 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 8 +- .../rainbowIII-compressed/clean/sign.c | 76 +++++ .../clean/utils_hash.c | 10 +- .../rainbowIII-compressed/clean/utils_hash.h | 11 + .../rainbowIII-compressed/clean/utils_prng.c | 97 +++++++ .../rainbowIII-compressed/clean/utils_prng.h | 18 ++ crypto_sign/rainbowIIIc-classic/META.yml | 18 -- crypto_sign/rainbowIIIc-classic/clean/api.h | 32 --- crypto_sign/rainbowIIIc-classic/clean/gf.h | 19 -- .../rainbowIIIc-classic/clean/rainbow_blas.h | 32 --- .../clean/rainbow_keypair.c | 126 --------- .../rainbowIIIc-cyclic-compressed/META.yml | 18 -- .../clean/Makefile | 21 -- .../clean/Makefile.Microsoft_nmake | 19 -- .../rainbowIIIc-cyclic-compressed/clean/api.h | 32 --- .../clean/blas.c | 31 --- .../clean/blas.h | 19 -- .../clean/blas_comm.c | 144 ---------- .../clean/blas_comm.h | 90 ------ .../rainbowIIIc-cyclic-compressed/clean/gf.c | 91 ------ .../rainbowIIIc-cyclic-compressed/clean/gf.h | 19 -- .../clean/parallel_matrix_op.c | 183 ------------ .../clean/parallel_matrix_op.h | 260 ------------------ .../clean/rainbow.c | 179 ------------ .../clean/rainbow_blas.h | 32 --- .../clean/rainbow_keypair_computation.c | 213 -------------- .../clean/rainbow_keypair_computation.h | 71 ----- .../clean/sign.c | 76 ----- .../clean/utils_hash.h | 11 - .../clean/utils_prng.c | 97 ------- .../clean/utils_prng.h | 18 -- crypto_sign/rainbowIIIc-cyclic/META.yml | 18 -- crypto_sign/rainbowIIIc-cyclic/clean/api.h | 32 --- crypto_sign/rainbowIIIc-cyclic/clean/gf.h | 19 -- .../rainbowIIIc-cyclic/clean/rainbow_blas.h | 32 --- crypto_sign/rainbowIa-classic/META.yml | 18 -- crypto_sign/rainbowIa-classic/clean/api.h | 32 --- crypto_sign/rainbowIa-classic/clean/blas.c | 43 --- crypto_sign/rainbowIa-classic/clean/blas.h | 20 -- crypto_sign/rainbowIa-classic/clean/gf.h | 18 -- .../rainbowIa-classic/clean/rainbow_blas.h | 32 --- .../rainbowIa-classic/clean/rainbow_keypair.c | 126 --------- crypto_sign/rainbowIa-classic/clean/sign.c | 74 ----- .../rainbowIa-cyclic-compressed/META.yml | 18 -- .../clean/Makefile | 21 -- .../clean/Makefile.Microsoft_nmake | 19 -- .../rainbowIa-cyclic-compressed/clean/api.h | 32 --- .../rainbowIa-cyclic-compressed/clean/blas.c | 43 --- .../rainbowIa-cyclic-compressed/clean/blas.h | 20 -- .../rainbowIa-cyclic-compressed/clean/gf.h | 18 -- .../clean/parallel_matrix_op.h | 260 ------------------ .../clean/rainbow.c | 179 ------------ .../clean/rainbow_blas.h | 32 --- .../clean/rainbow_keypair_computation.c | 213 -------------- .../rainbowIa-cyclic-compressed/clean/sign.c | 76 ----- .../clean/utils_hash.h | 11 - .../clean/utils_prng.c | 97 ------- .../clean/utils_prng.h | 18 -- crypto_sign/rainbowIa-cyclic/META.yml | 18 -- crypto_sign/rainbowIa-cyclic/clean/api.h | 32 --- .../rainbowIa-cyclic/clean/rainbow_blas.h | 32 --- crypto_sign/rainbowV-circumzenithal/META.yml | 20 ++ .../clean/LICENSE | 0 .../rainbowV-circumzenithal/clean/Makefile | 21 ++ .../clean/Makefile.Microsoft_nmake | 19 ++ .../rainbowV-circumzenithal/clean/api.h | 32 +++ .../rainbowV-circumzenithal/clean/blas.c | 31 +++ .../rainbowV-circumzenithal/clean/blas.h | 19 ++ .../rainbowV-circumzenithal/clean/blas_comm.c | 144 ++++++++++ .../rainbowV-circumzenithal/clean/blas_comm.h | 90 ++++++ .../rainbowV-circumzenithal/clean/gf.c | 91 ++++++ .../rainbowV-circumzenithal/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 260 ++++++++++++++++++ .../rainbowV-circumzenithal/clean/rainbow.c | 173 ++++++++++++ .../clean/rainbow.h | 6 +- .../clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 8 +- .../clean/rainbow_keypair.c | 111 +++++--- .../clean/rainbow_keypair.h | 4 +- .../clean/rainbow_keypair_computation.c | 213 ++++++++++++++ .../clean/rainbow_keypair_computation.h | 71 +++++ .../rainbowV-circumzenithal/clean/sign.c | 76 +++++ .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 11 + .../clean/utils_prng.c | 97 +++++++ .../clean/utils_prng.h | 18 ++ crypto_sign/rainbowV-classic/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 2 +- crypto_sign/rainbowV-classic/clean/api.h | 32 +++ .../clean/blas.c | 12 +- .../clean/blas.h | 8 +- .../clean/blas_comm.c | 48 ++-- .../clean/blas_comm.h | 18 +- .../clean/gf.c | 22 +- crypto_sign/rainbowV-classic/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 36 +-- .../clean/rainbow.c | 47 ++-- .../clean/rainbow.h | 4 +- .../rainbowV-classic/clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 8 +- .../rainbowV-classic/clean/rainbow_keypair.c | 155 +++++++++++ .../clean/rainbow_keypair.h | 2 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 4 +- .../clean/sign.c | 30 +- .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 2 +- .../clean/utils_prng.c | 6 +- .../clean/utils_prng.h | 4 +- crypto_sign/rainbowV-compressed/META.yml | 20 ++ .../clean/LICENSE | 0 .../clean/Makefile | 2 +- .../clean/Makefile.Microsoft_nmake | 2 +- crypto_sign/rainbowV-compressed/clean/api.h | 32 +++ .../clean/blas.c | 12 +- .../clean/blas.h | 8 +- .../clean/blas_comm.c | 48 ++-- .../clean/blas_comm.h | 18 +- .../clean/gf.c | 22 +- crypto_sign/rainbowV-compressed/clean/gf.h | 19 ++ .../clean/parallel_matrix_op.c | 64 ++--- .../clean/parallel_matrix_op.h | 36 +-- .../rainbowV-compressed/clean/rainbow.c | 179 ++++++++++++ .../clean/rainbow.h | 8 +- .../rainbowV-compressed/clean/rainbow_blas.h | 32 +++ .../clean/rainbow_config.h | 8 +- .../clean/rainbow_keypair.c | 123 +++++---- .../clean/rainbow_keypair.h | 8 +- .../clean/rainbow_keypair_computation.c | 26 +- .../clean/rainbow_keypair_computation.h | 8 +- crypto_sign/rainbowV-compressed/clean/sign.c | 76 +++++ .../clean/utils_hash.c | 10 +- .../clean/utils_hash.h | 2 +- .../clean/utils_prng.c | 6 +- .../clean/utils_prng.h | 4 +- crypto_sign/rainbowVc-classic/META.yml | 18 -- .../clean/Makefile.Microsoft_nmake | 19 -- crypto_sign/rainbowVc-classic/clean/api.h | 32 --- crypto_sign/rainbowVc-classic/clean/blas.c | 31 --- crypto_sign/rainbowVc-classic/clean/blas.h | 19 -- crypto_sign/rainbowVc-classic/clean/gf.h | 19 -- .../clean/parallel_matrix_op.h | 260 ------------------ crypto_sign/rainbowVc-classic/clean/rainbow.c | 168 ----------- .../rainbowVc-classic/clean/rainbow_blas.h | 32 --- .../rainbowVc-classic/clean/rainbow_keypair.c | 126 --------- crypto_sign/rainbowVc-classic/clean/sign.c | 74 ----- .../rainbowVc-classic/clean/utils_hash.h | 11 - .../rainbowVc-classic/clean/utils_prng.c | 97 ------- .../rainbowVc-classic/clean/utils_prng.h | 18 -- .../rainbowVc-cyclic-compressed/META.yml | 18 -- .../clean/Makefile | 21 -- .../clean/Makefile.Microsoft_nmake | 19 -- .../rainbowVc-cyclic-compressed/clean/api.h | 32 --- .../rainbowVc-cyclic-compressed/clean/blas.c | 31 --- .../rainbowVc-cyclic-compressed/clean/blas.h | 19 -- .../clean/blas_comm.c | 144 ---------- .../clean/blas_comm.h | 90 ------ .../rainbowVc-cyclic-compressed/clean/gf.h | 19 -- .../clean/parallel_matrix_op.c | 183 ------------ .../clean/rainbow_blas.h | 32 --- .../clean/rainbow_keypair_computation.h | 71 ----- .../rainbowVc-cyclic-compressed/clean/sign.c | 76 ----- .../clean/utils_hash.h | 11 - .../clean/utils_prng.c | 97 ------- .../clean/utils_prng.h | 18 -- crypto_sign/rainbowVc-cyclic/META.yml | 18 -- crypto_sign/rainbowVc-cyclic/clean/api.h | 32 --- crypto_sign/rainbowVc-cyclic/clean/gf.h | 19 -- .../rainbowVc-cyclic/clean/rainbow_blas.h | 32 --- ....yml => rainbowI-circumzenithal_clean.yml} | 4 +- ...c_clean.yml => rainbowI-classic_clean.yml} | 16 +- ...lean.yml => rainbowI-compressed_clean.yml} | 4 +- ...clean.yml => rainbowIII-classic_clean.yml} | 10 +- ...c_clean.yml => rainbowV-classic_clean.yml} | 4 +- 342 files changed, 8054 insertions(+), 7778 deletions(-) create mode 100644 .github/workflows/sign_rainbowI-circumzenithal.yml rename .github/workflows/{sign_rainbowIa-cyclic.yml => sign_rainbowI-classic.yml} (91%) rename .github/workflows/{sign_rainbowIIIc-classic.yml => sign_rainbowI-compressed.yml} (91%) create mode 100644 .github/workflows/sign_rainbowIII-circumzenithal.yml rename .github/workflows/{sign_rainbowIIIc-cyclic.yml => sign_rainbowIII-classic.yml} (91%) create mode 100644 .github/workflows/sign_rainbowIII-compressed.yml delete mode 100644 .github/workflows/sign_rainbowIIIc-cyclic-compressed.yml delete mode 100644 .github/workflows/sign_rainbowIa-cyclic-compressed.yml create mode 100644 .github/workflows/sign_rainbowV-circumzenithal.yml rename .github/workflows/{sign_rainbowVc-cyclic.yml => sign_rainbowV-classic.yml} (91%) rename .github/workflows/{sign_rainbowIa-classic.yml => sign_rainbowV-compressed.yml} (90%) delete mode 100644 .github/workflows/sign_rainbowVc-classic.yml delete mode 100644 .github/workflows/sign_rainbowVc-cyclic-compressed.yml create mode 100644 crypto_sign/rainbowI-circumzenithal/META.yml rename crypto_sign/{rainbowIIIc-classic => rainbowI-circumzenithal}/clean/LICENSE (100%) create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/Makefile create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/Makefile.Microsoft_nmake create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/api.h create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/blas.c create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/blas.h rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-circumzenithal}/clean/blas_comm.c (55%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-circumzenithal}/clean/blas_comm.h (71%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-circumzenithal}/clean/gf.c (76%) create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/gf.h create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.c create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.h rename crypto_sign/{rainbowIa-classic => rainbowI-circumzenithal}/clean/rainbow.c (67%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-circumzenithal}/clean/rainbow.h (71%) create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/rainbow_blas.h rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-circumzenithal}/clean/rainbow_config.h (98%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-circumzenithal}/clean/rainbow_keypair.c (54%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-circumzenithal}/clean/rainbow_keypair.h (93%) rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowI-circumzenithal}/clean/rainbow_keypair_computation.c (86%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-circumzenithal}/clean/rainbow_keypair_computation.h (84%) create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/sign.c rename crypto_sign/{rainbowIa-classic => rainbowI-circumzenithal}/clean/utils_hash.c (78%) create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/utils_hash.h create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/utils_prng.c create mode 100644 crypto_sign/rainbowI-circumzenithal/clean/utils_prng.h create mode 100644 crypto_sign/rainbowI-classic/META.yml rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowI-classic}/clean/LICENSE (100%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-classic}/clean/Makefile (95%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-classic}/clean/Makefile.Microsoft_nmake (93%) create mode 100644 crypto_sign/rainbowI-classic/clean/api.h rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/blas.c (56%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/blas.h (58%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/blas_comm.c (70%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/blas_comm.h (85%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/gf.c (79%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/gf.h (50%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/parallel_matrix_op.c (70%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/parallel_matrix_op.h (91%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/rainbow.c (76%) rename crypto_sign/{rainbowVc-classic => rainbowI-classic}/clean/rainbow.h (73%) create mode 100644 crypto_sign/rainbowI-classic/clean/rainbow_blas.h rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/rainbow_config.h (98%) create mode 100644 crypto_sign/rainbowI-classic/clean/rainbow_keypair.c rename crypto_sign/{rainbowIa-classic => rainbowI-classic}/clean/rainbow_keypair.h (94%) rename crypto_sign/{rainbowVc-classic => rainbowI-classic}/clean/rainbow_keypair_computation.c (85%) rename crypto_sign/{rainbowVc-classic => rainbowI-classic}/clean/rainbow_keypair_computation.h (90%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-classic}/clean/sign.c (57%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/utils_hash.c (78%) rename crypto_sign/{rainbowIa-cyclic => rainbowI-classic}/clean/utils_hash.h (78%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-classic}/clean/utils_prng.c (92%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-classic}/clean/utils_prng.h (72%) create mode 100644 crypto_sign/rainbowI-compressed/META.yml rename crypto_sign/{rainbowIIIc-cyclic => rainbowI-compressed}/clean/LICENSE (100%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/Makefile (95%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/Makefile.Microsoft_nmake (92%) create mode 100644 crypto_sign/rainbowI-compressed/clean/api.h create mode 100644 crypto_sign/rainbowI-compressed/clean/blas.c create mode 100644 crypto_sign/rainbowI-compressed/clean/blas.h rename crypto_sign/{rainbowIa-classic => rainbowI-compressed}/clean/blas_comm.c (57%) rename crypto_sign/{rainbowIa-classic => rainbowI-compressed}/clean/blas_comm.h (72%) rename crypto_sign/{rainbowIa-classic => rainbowI-compressed}/clean/gf.c (77%) create mode 100644 crypto_sign/rainbowI-compressed/clean/gf.h rename crypto_sign/{rainbowIa-classic => rainbowI-compressed}/clean/parallel_matrix_op.c (55%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/parallel_matrix_op.h (91%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/rainbow.c (72%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-compressed}/clean/rainbow.h (69%) create mode 100644 crypto_sign/rainbowI-compressed/clean/rainbow_blas.h rename crypto_sign/{rainbowIa-classic => rainbowI-compressed}/clean/rainbow_config.h (98%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-compressed}/clean/rainbow_keypair.c (52%) rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowI-compressed}/clean/rainbow_keypair.h (88%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowI-compressed}/clean/rainbow_keypair_computation.c (87%) rename crypto_sign/{rainbowVc-cyclic => rainbowI-compressed}/clean/rainbow_keypair_computation.h (87%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/sign.c (54%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowI-compressed}/clean/utils_hash.c (78%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/utils_hash.h (78%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/utils_prng.c (92%) rename crypto_sign/{rainbowIIIc-classic => rainbowI-compressed}/clean/utils_prng.h (73%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/META.yml rename crypto_sign/{rainbowIa-classic => rainbowIII-circumzenithal}/clean/LICENSE (100%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/Makefile create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/Makefile.Microsoft_nmake create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/api.h create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/blas.c create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/blas.h create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.c create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.h rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-circumzenithal}/clean/gf.c (71%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/gf.h rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowIII-circumzenithal}/clean/parallel_matrix_op.c (58%) rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-circumzenithal}/clean/parallel_matrix_op.h (85%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/rainbow.c rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-circumzenithal}/clean/rainbow.h (70%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/rainbow_blas.h rename crypto_sign/{rainbowIIIc-classic => rainbowIII-circumzenithal}/clean/rainbow_config.h (95%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-circumzenithal}/clean/rainbow_keypair.c (54%) rename crypto_sign/{rainbowIa-cyclic => rainbowIII-circumzenithal}/clean/rainbow_keypair.h (93%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.c create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.h create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/sign.c rename crypto_sign/{rainbowIIIc-classic => rainbowIII-circumzenithal}/clean/utils_hash.c (78%) create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.h create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.c create mode 100644 crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.h create mode 100644 crypto_sign/rainbowIII-classic/META.yml rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowIII-classic}/clean/LICENSE (100%) rename crypto_sign/{rainbowVc-classic => rainbowIII-classic}/clean/Makefile (95%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/Makefile.Microsoft_nmake (92%) create mode 100644 crypto_sign/rainbowIII-classic/clean/api.h rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/blas.c (61%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/blas.h (61%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/blas_comm.c (71%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/blas_comm.h (84%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/gf.c (76%) create mode 100644 crypto_sign/rainbowIII-classic/clean/gf.h rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/parallel_matrix_op.c (71%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/parallel_matrix_op.h (91%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/rainbow.c (76%) rename crypto_sign/{rainbowIIIc-classic => rainbowIII-classic}/clean/rainbow.h (73%) create mode 100644 crypto_sign/rainbowIII-classic/clean/rainbow_blas.h rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/rainbow_config.h (95%) create mode 100644 crypto_sign/rainbowIII-classic/clean/rainbow_keypair.c rename crypto_sign/{rainbowIIIc-classic => rainbowIII-classic}/clean/rainbow_keypair.h (94%) rename crypto_sign/{rainbowIIIc-classic => rainbowIII-classic}/clean/rainbow_keypair_computation.c (85%) rename crypto_sign/{rainbowIIIc-classic => rainbowIII-classic}/clean/rainbow_keypair_computation.h (90%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/sign.c (57%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/utils_hash.c (78%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/utils_hash.h (78%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/utils_prng.c (92%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-classic}/clean/utils_prng.h (73%) create mode 100644 crypto_sign/rainbowIII-compressed/META.yml rename crypto_sign/{rainbowIa-cyclic => rainbowIII-compressed}/clean/LICENSE (100%) rename crypto_sign/{rainbowIa-classic => rainbowIII-compressed}/clean/Makefile (94%) create mode 100644 crypto_sign/rainbowIII-compressed/clean/Makefile.Microsoft_nmake create mode 100644 crypto_sign/rainbowIII-compressed/clean/api.h create mode 100644 crypto_sign/rainbowIII-compressed/clean/blas.c create mode 100644 crypto_sign/rainbowIII-compressed/clean/blas.h rename crypto_sign/{rainbowVc-classic => rainbowIII-compressed}/clean/blas_comm.c (55%) rename crypto_sign/{rainbowVc-classic => rainbowIII-compressed}/clean/blas_comm.h (71%) rename crypto_sign/{rainbowVc-classic => rainbowIII-compressed}/clean/gf.c (71%) create mode 100644 crypto_sign/rainbowIII-compressed/clean/gf.h create mode 100644 crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.c create mode 100644 crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.h rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-compressed}/clean/rainbow.c (64%) rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-compressed}/clean/rainbow.h (69%) create mode 100644 crypto_sign/rainbowIII-compressed/clean/rainbow_blas.h rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowIII-compressed}/clean/rainbow_config.h (95%) rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-compressed}/clean/rainbow_keypair.c (52%) rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowIII-compressed}/clean/rainbow_keypair.h (87%) rename crypto_sign/{rainbowVc-cyclic => rainbowIII-compressed}/clean/rainbow_keypair_computation.c (87%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowIII-compressed}/clean/rainbow_keypair_computation.h (87%) create mode 100644 crypto_sign/rainbowIII-compressed/clean/sign.c rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowIII-compressed}/clean/utils_hash.c (77%) create mode 100644 crypto_sign/rainbowIII-compressed/clean/utils_hash.h create mode 100644 crypto_sign/rainbowIII-compressed/clean/utils_prng.c create mode 100644 crypto_sign/rainbowIII-compressed/clean/utils_prng.h delete mode 100644 crypto_sign/rainbowIIIc-classic/META.yml delete mode 100644 crypto_sign/rainbowIIIc-classic/clean/api.h delete mode 100644 crypto_sign/rainbowIIIc-classic/clean/gf.h delete mode 100644 crypto_sign/rainbowIIIc-classic/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/META.yml delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile.Microsoft_nmake delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/api.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/sign.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c delete mode 100644 crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic/META.yml delete mode 100644 crypto_sign/rainbowIIIc-cyclic/clean/api.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic/clean/gf.h delete mode 100644 crypto_sign/rainbowIIIc-cyclic/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowIa-classic/META.yml delete mode 100644 crypto_sign/rainbowIa-classic/clean/api.h delete mode 100644 crypto_sign/rainbowIa-classic/clean/blas.c delete mode 100644 crypto_sign/rainbowIa-classic/clean/blas.h delete mode 100644 crypto_sign/rainbowIa-classic/clean/gf.h delete mode 100644 crypto_sign/rainbowIa-classic/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowIa-classic/clean/rainbow_keypair.c delete mode 100644 crypto_sign/rainbowIa-classic/clean/sign.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/META.yml delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile.Microsoft_nmake delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/api.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/blas.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/blas.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/gf.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/sign.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.h delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c delete mode 100644 crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.h delete mode 100644 crypto_sign/rainbowIa-cyclic/META.yml delete mode 100644 crypto_sign/rainbowIa-cyclic/clean/api.h delete mode 100644 crypto_sign/rainbowIa-cyclic/clean/rainbow_blas.h create mode 100644 crypto_sign/rainbowV-circumzenithal/META.yml rename crypto_sign/{rainbowVc-classic => rainbowV-circumzenithal}/clean/LICENSE (100%) create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/Makefile create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/Makefile.Microsoft_nmake create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/api.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/blas.c create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/blas.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/blas_comm.c create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/blas_comm.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/gf.c create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/gf.h rename crypto_sign/{rainbowVc-classic => rainbowV-circumzenithal}/clean/parallel_matrix_op.c (54%) create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/rainbow.c rename crypto_sign/{rainbowIa-cyclic => rainbowV-circumzenithal}/clean/rainbow.h (71%) create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/rainbow_blas.h rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowV-circumzenithal}/clean/rainbow_config.h (93%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-circumzenithal}/clean/rainbow_keypair.c (54%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowV-circumzenithal}/clean/rainbow_keypair.h (93%) create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.c create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/sign.c rename crypto_sign/{rainbowVc-classic => rainbowV-circumzenithal}/clean/utils_hash.c (78%) create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/utils_hash.h create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/utils_prng.c create mode 100644 crypto_sign/rainbowV-circumzenithal/clean/utils_prng.h create mode 100644 crypto_sign/rainbowV-classic/META.yml rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowV-classic}/clean/LICENSE (100%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-classic}/clean/Makefile (95%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-classic}/clean/Makefile.Microsoft_nmake (93%) create mode 100644 crypto_sign/rainbowV-classic/clean/api.h rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/blas.c (60%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/blas.h (61%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/blas_comm.c (70%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/blas_comm.h (84%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/gf.c (75%) create mode 100644 crypto_sign/rainbowV-classic/clean/gf.h rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/parallel_matrix_op.c (71%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/parallel_matrix_op.h (91%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/rainbow.c (76%) rename crypto_sign/{rainbowIa-classic => rainbowV-classic}/clean/rainbow.h (73%) create mode 100644 crypto_sign/rainbowV-classic/clean/rainbow_blas.h rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/rainbow_config.h (93%) create mode 100644 crypto_sign/rainbowV-classic/clean/rainbow_keypair.c rename crypto_sign/{rainbowVc-classic => rainbowV-classic}/clean/rainbow_keypair.h (94%) rename crypto_sign/{rainbowIa-classic => rainbowV-classic}/clean/rainbow_keypair_computation.c (85%) rename crypto_sign/{rainbowIa-classic => rainbowV-classic}/clean/rainbow_keypair_computation.h (90%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-classic}/clean/sign.c (57%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/utils_hash.c (78%) rename crypto_sign/{rainbowVc-cyclic => rainbowV-classic}/clean/utils_hash.h (78%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-classic}/clean/utils_prng.c (92%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-classic}/clean/utils_prng.h (72%) create mode 100644 crypto_sign/rainbowV-compressed/META.yml rename crypto_sign/{rainbowVc-cyclic => rainbowV-compressed}/clean/LICENSE (100%) rename crypto_sign/{rainbowIIIc-cyclic => rainbowV-compressed}/clean/Makefile (95%) rename crypto_sign/{rainbowIa-classic => rainbowV-compressed}/clean/Makefile.Microsoft_nmake (92%) create mode 100644 crypto_sign/rainbowV-compressed/clean/api.h rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/blas.c (61%) rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/blas.h (61%) rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/blas_comm.c (71%) rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/blas_comm.h (84%) rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/gf.c (76%) create mode 100644 crypto_sign/rainbowV-compressed/clean/gf.h rename crypto_sign/{rainbowIIIc-classic => rainbowV-compressed}/clean/parallel_matrix_op.c (71%) rename crypto_sign/{rainbowIa-classic => rainbowV-compressed}/clean/parallel_matrix_op.h (84%) create mode 100644 crypto_sign/rainbowV-compressed/clean/rainbow.c rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowV-compressed}/clean/rainbow.h (69%) create mode 100644 crypto_sign/rainbowV-compressed/clean/rainbow_blas.h rename crypto_sign/{rainbowVc-classic => rainbowV-compressed}/clean/rainbow_config.h (93%) rename crypto_sign/{rainbowIIIc-cyclic-compressed => rainbowV-compressed}/clean/rainbow_keypair.c (52%) rename crypto_sign/{rainbowIa-cyclic-compressed => rainbowV-compressed}/clean/rainbow_keypair.h (87%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-compressed}/clean/rainbow_keypair_computation.c (87%) rename crypto_sign/{rainbowIa-cyclic => rainbowV-compressed}/clean/rainbow_keypair_computation.h (87%) create mode 100644 crypto_sign/rainbowV-compressed/clean/sign.c rename crypto_sign/{rainbowVc-cyclic-compressed => rainbowV-compressed}/clean/utils_hash.c (78%) rename crypto_sign/{rainbowIa-classic => rainbowV-compressed}/clean/utils_hash.h (58%) rename crypto_sign/{rainbowIa-classic => rainbowV-compressed}/clean/utils_prng.c (86%) rename crypto_sign/{rainbowIa-classic => rainbowV-compressed}/clean/utils_prng.h (55%) delete mode 100644 crypto_sign/rainbowVc-classic/META.yml delete mode 100644 crypto_sign/rainbowVc-classic/clean/Makefile.Microsoft_nmake delete mode 100644 crypto_sign/rainbowVc-classic/clean/api.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/blas.c delete mode 100644 crypto_sign/rainbowVc-classic/clean/blas.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/gf.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/rainbow.c delete mode 100644 crypto_sign/rainbowVc-classic/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/rainbow_keypair.c delete mode 100644 crypto_sign/rainbowVc-classic/clean/sign.c delete mode 100644 crypto_sign/rainbowVc-classic/clean/utils_hash.h delete mode 100644 crypto_sign/rainbowVc-classic/clean/utils_prng.c delete mode 100644 crypto_sign/rainbowVc-classic/clean/utils_prng.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/META.yml delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile.Microsoft_nmake delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/api.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/blas.c delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/blas.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.c delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/gf.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.c delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_blas.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/sign.c delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.h delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c delete mode 100644 crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.h delete mode 100644 crypto_sign/rainbowVc-cyclic/META.yml delete mode 100644 crypto_sign/rainbowVc-cyclic/clean/api.h delete mode 100644 crypto_sign/rainbowVc-cyclic/clean/gf.h delete mode 100644 crypto_sign/rainbowVc-cyclic/clean/rainbow_blas.h rename test/duplicate_consistency/{rainbowIa-cyclic-compressed_clean.yml => rainbowI-circumzenithal_clean.yml} (83%) rename test/duplicate_consistency/{rainbowIa-classic_clean.yml => rainbowI-classic_clean.yml} (86%) rename test/duplicate_consistency/{rainbowIa-cyclic_clean.yml => rainbowI-compressed_clean.yml} (86%) rename test/duplicate_consistency/{rainbowIIIc-classic_clean.yml => rainbowIII-classic_clean.yml} (86%) rename test/duplicate_consistency/{rainbowVc-classic_clean.yml => rainbowV-classic_clean.yml} (68%) diff --git a/.github/workflows/BADGES.md b/.github/workflows/BADGES.md index ae598f59..d625517f 100644 --- a/.github/workflows/BADGES.md +++ b/.github/workflows/BADGES.md @@ -1,91 +1,88 @@ -![Test firesaber](https://github.com/PQClean/PQClean/workflows/Test%20firesaber/badge.svg?branch=master) -![Test frodokem1344aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem1344aes/badge.svg?branch=master) -![Test frodokem1344shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem1344shake/badge.svg?branch=master) -![Test frodokem640aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem640aes/badge.svg?branch=master) -![Test frodokem640shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem640shake/badge.svg?branch=master) -![Test frodokem976aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem976aes/badge.svg?branch=master) -![Test frodokem976shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem976shake/badge.svg?branch=master) +![Test sphincs-haraka-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128s-robust/badge.svg?branch=master) +![Test sphincs-haraka-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256f-simple/badge.svg?branch=master) +![Test sphincs-sha256-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128f-simple/badge.svg?branch=master) +![Test sphincs-haraka-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192s-robust/badge.svg?branch=master) +![Test sphincs-sha256-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192s-simple/badge.svg?branch=master) +![Test dilithium2](https://github.com/PQClean/PQClean/workflows/Test%20dilithium2/badge.svg?branch=master) +![Test sphincs-shake256-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192f-robust/badge.svg?branch=master) +![Test rainbowIII-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIII-compressed/badge.svg?branch=master) +![Test sphincs-haraka-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128s-simple/badge.svg?branch=master) +![Test sphincs-sha256-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192f-robust/badge.svg?branch=master) +![Test sphincs-haraka-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128f-simple/badge.svg?branch=master) +![Test rainbowV-circumzenithal](https://github.com/PQClean/PQClean/workflows/Test%20rainbowV-circumzenithal/badge.svg?branch=master) +![Test sphincs-shake256-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192f-simple/badge.svg?branch=master) +![Test sphincs-shake256-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256s-robust/badge.svg?branch=master) +![Test rainbowIII-circumzenithal](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIII-circumzenithal/badge.svg?branch=master) +![Test sphincs-sha256-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192s-robust/badge.svg?branch=master) +![Test sphincs-haraka-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192f-simple/badge.svg?branch=master) +![Test sphincs-shake256-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128f-simple/badge.svg?branch=master) +![Test sphincs-sha256-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128f-robust/badge.svg?branch=master) +![Test sphincs-shake256-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192s-robust/badge.svg?branch=master) +![Test sphincs-haraka-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192s-simple/badge.svg?branch=master) +![Test sphincs-sha256-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192f-simple/badge.svg?branch=master) +![Test rainbowI-circumzenithal](https://github.com/PQClean/PQClean/workflows/Test%20rainbowI-circumzenithal/badge.svg?branch=master) +![Test sphincs-sha256-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128s-robust/badge.svg?branch=master) +![Test rainbowV-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowV-compressed/badge.svg?branch=master) +![Test rainbowV-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowV-classic/badge.svg?branch=master) +![Test sphincs-sha256-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256s-simple/badge.svg?branch=master) +![Test falcon-512](https://github.com/PQClean/PQClean/workflows/Test%20falcon-512/badge.svg?branch=master) +![Test falcon-1024](https://github.com/PQClean/PQClean/workflows/Test%20falcon-1024/badge.svg?branch=master) +![Test sphincs-haraka-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256s-simple/badge.svg?branch=master) +![Test sphincs-shake256-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128f-robust/badge.svg?branch=master) +![Test dilithium4](https://github.com/PQClean/PQClean/workflows/Test%20dilithium4/badge.svg?branch=master) +![Test sphincs-sha256-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256s-robust/badge.svg?branch=master) +![Test sphincs-haraka-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256s-robust/badge.svg?branch=master) +![Test sphincs-shake256-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256f-simple/badge.svg?branch=master) +![Test rainbowI-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowI-classic/badge.svg?branch=master) +![Test sphincs-haraka-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256f-robust/badge.svg?branch=master) +![Test sphincs-sha256-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256f-robust/badge.svg?branch=master) +![Test sphincs-shake256-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128s-robust/badge.svg?branch=master) +![Test rainbowI-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowI-compressed/badge.svg?branch=master) +![Test rainbowIII-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIII-classic/badge.svg?branch=master) +![Test sphincs-haraka-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192f-robust/badge.svg?branch=master) +![Test dilithium3](https://github.com/PQClean/PQClean/workflows/Test%20dilithium3/badge.svg?branch=master) +![Test sphincs-sha256-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256f-simple/badge.svg?branch=master) +![Test sphincs-shake256-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256s-simple/badge.svg?branch=master) +![Test sphincs-shake256-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128s-simple/badge.svg?branch=master) +![Test sphincs-haraka-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128f-robust/badge.svg?branch=master) +![Test sphincs-shake256-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256f-robust/badge.svg?branch=master) +![Test sphincs-shake256-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192s-simple/badge.svg?branch=master) +![Test sphincs-sha256-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128s-simple/badge.svg?branch=master) +![Test mceliece460896](https://github.com/PQClean/PQClean/workflows/Test%20mceliece460896/badge.svg?branch=master) +![Test saber](https://github.com/PQClean/PQClean/workflows/Test%20saber/badge.svg?branch=master) ![Test kyber1024-90s](https://github.com/PQClean/PQClean/workflows/Test%20kyber1024-90s/badge.svg?branch=master) ![Test kyber1024](https://github.com/PQClean/PQClean/workflows/Test%20kyber1024/badge.svg?branch=master) +![Test mceliece8192128](https://github.com/PQClean/PQClean/workflows/Test%20mceliece8192128/badge.svg?branch=master) +![Test mceliece6960119](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6960119/badge.svg?branch=master) +![Test ntruhrss701](https://github.com/PQClean/PQClean/workflows/Test%20ntruhrss701/badge.svg?branch=master) +![Test ntrulpr857](https://github.com/PQClean/PQClean/workflows/Test%20ntrulpr857/badge.svg?branch=master) +![Test frodokem1344shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem1344shake/badge.svg?branch=master) +![Test mceliece6688128f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6688128f/badge.svg?branch=master) +![Test ntruhps2048677](https://github.com/PQClean/PQClean/workflows/Test%20ntruhps2048677/badge.svg?branch=master) +![Test frodokem640aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem640aes/badge.svg?branch=master) +![Test sntrup761](https://github.com/PQClean/PQClean/workflows/Test%20sntrup761/badge.svg?branch=master) +![Test hqc-rmrs-256](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-256/badge.svg?branch=master) +![Test frodokem976shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem976shake/badge.svg?branch=master) +![Test mceliece348864](https://github.com/PQClean/PQClean/workflows/Test%20mceliece348864/badge.svg?branch=master) +![Test frodokem1344aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem1344aes/badge.svg?branch=master) +![Test hqc-rmrs-192](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-192/badge.svg?branch=master) +![Test frodokem976aes](https://github.com/PQClean/PQClean/workflows/Test%20frodokem976aes/badge.svg?branch=master) +![Test mceliece8192128f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece8192128f/badge.svg?branch=master) +![Test mceliece460896f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece460896f/badge.svg?branch=master) ![Test kyber512-90s](https://github.com/PQClean/PQClean/workflows/Test%20kyber512-90s/badge.svg?branch=master) -![Test kyber512](https://github.com/PQClean/PQClean/workflows/Test%20kyber512/badge.svg?branch=master) +![Test mceliece348864f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece348864f/badge.svg?branch=master) +![Test mceliece6960119f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6960119f/badge.svg?branch=master) +![Test firesaber](https://github.com/PQClean/PQClean/workflows/Test%20firesaber/badge.svg?branch=master) +![Test sntrup857](https://github.com/PQClean/PQClean/workflows/Test%20sntrup857/badge.svg?branch=master) +![Test frodokem640shake](https://github.com/PQClean/PQClean/workflows/Test%20frodokem640shake/badge.svg?branch=master) +![Test ntrulpr653](https://github.com/PQClean/PQClean/workflows/Test%20ntrulpr653/badge.svg?branch=master) +![Test sntrup653](https://github.com/PQClean/PQClean/workflows/Test%20sntrup653/badge.svg?branch=master) +![Test lightsaber](https://github.com/PQClean/PQClean/workflows/Test%20lightsaber/badge.svg?branch=master) ![Test kyber768-90s](https://github.com/PQClean/PQClean/workflows/Test%20kyber768-90s/badge.svg?branch=master) ![Test kyber768](https://github.com/PQClean/PQClean/workflows/Test%20kyber768/badge.svg?branch=master) -![Test lightsaber](https://github.com/PQClean/PQClean/workflows/Test%20lightsaber/badge.svg?branch=master) -![Test mceliece348864](https://github.com/PQClean/PQClean/workflows/Test%20mceliece348864/badge.svg?branch=master) -![Test mceliece348864f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece348864f/badge.svg?branch=master) -![Test mceliece460896](https://github.com/PQClean/PQClean/workflows/Test%20mceliece460896/badge.svg?branch=master) -![Test mceliece460896f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece460896f/badge.svg?branch=master) -![Test mceliece6688128](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6688128/badge.svg?branch=master) -![Test mceliece6688128f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6688128f/badge.svg?branch=master) -![Test mceliece6960119](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6960119/badge.svg?branch=master) -![Test mceliece6960119f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6960119f/badge.svg?branch=master) -![Test mceliece8192128](https://github.com/PQClean/PQClean/workflows/Test%20mceliece8192128/badge.svg?branch=master) -![Test mceliece8192128f](https://github.com/PQClean/PQClean/workflows/Test%20mceliece8192128f/badge.svg?branch=master) ![Test ntruhps2048509](https://github.com/PQClean/PQClean/workflows/Test%20ntruhps2048509/badge.svg?branch=master) -![Test ntruhps2048677](https://github.com/PQClean/PQClean/workflows/Test%20ntruhps2048677/badge.svg?branch=master) ![Test ntruhps4096821](https://github.com/PQClean/PQClean/workflows/Test%20ntruhps4096821/badge.svg?branch=master) -![Test ntruhrss701](https://github.com/PQClean/PQClean/workflows/Test%20ntruhrss701/badge.svg?branch=master) -![Test saber](https://github.com/PQClean/PQClean/workflows/Test%20saber/badge.svg?branch=master) -![Test hqc-128](https://github.com/PQClean/PQClean/workflows/Test%20hqc-128/badge.svg?branch=master) -![Test hqc-192](https://github.com/PQClean/PQClean/workflows/Test%20hqc-192/badge.svg?branch=master) -![Test hqc-256](https://github.com/PQClean/PQClean/workflows/Test%20hqc-256/badge.svg?branch=master) -![Test hqc-rmrs-128](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-128/badge.svg?branch=master) -![Test hqc-rmrs-192](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-192/badge.svg?branch=master) -![Test hqc-rmrs-256](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-256/badge.svg?branch=master) -![Test ntrulpr653](https://github.com/PQClean/PQClean/workflows/Test%20ntrulpr653/badge.svg?branch=master) ![Test ntrulpr761](https://github.com/PQClean/PQClean/workflows/Test%20ntrulpr761/badge.svg?branch=master) -![Test ntrulpr857](https://github.com/PQClean/PQClean/workflows/Test%20ntrulpr857/badge.svg?branch=master) -![Test sntrup653](https://github.com/PQClean/PQClean/workflows/Test%20sntrup653/badge.svg?branch=master) -![Test sntrup761](https://github.com/PQClean/PQClean/workflows/Test%20sntrup761/badge.svg?branch=master) -![Test sntrup857](https://github.com/PQClean/PQClean/workflows/Test%20sntrup857/badge.svg?branch=master) -![Test dilithium2](https://github.com/PQClean/PQClean/workflows/Test%20dilithium2/badge.svg?branch=master) -![Test dilithium3](https://github.com/PQClean/PQClean/workflows/Test%20dilithium3/badge.svg?branch=master) -![Test dilithium4](https://github.com/PQClean/PQClean/workflows/Test%20dilithium4/badge.svg?branch=master) -![Test falcon-1024](https://github.com/PQClean/PQClean/workflows/Test%20falcon-1024/badge.svg?branch=master) -![Test falcon-512](https://github.com/PQClean/PQClean/workflows/Test%20falcon-512/badge.svg?branch=master) -![Test rainbowIIIc-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIIIc-classic/badge.svg?branch=master) -![Test rainbowIIIc-cyclic-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIIIc-cyclic-compressed/badge.svg?branch=master) -![Test rainbowIIIc-cyclic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIIIc-cyclic/badge.svg?branch=master) -![Test rainbowIa-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIa-classic/badge.svg?branch=master) -![Test rainbowIa-cyclic-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIa-cyclic-compressed/badge.svg?branch=master) -![Test rainbowIa-cyclic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowIa-cyclic/badge.svg?branch=master) -![Test rainbowVc-classic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowVc-classic/badge.svg?branch=master) -![Test rainbowVc-cyclic-compressed](https://github.com/PQClean/PQClean/workflows/Test%20rainbowVc-cyclic-compressed/badge.svg?branch=master) -![Test rainbowVc-cyclic](https://github.com/PQClean/PQClean/workflows/Test%20rainbowVc-cyclic/badge.svg?branch=master) -![Test sphincs-haraka-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128f-robust/badge.svg?branch=master) -![Test sphincs-haraka-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128f-simple/badge.svg?branch=master) -![Test sphincs-haraka-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128s-robust/badge.svg?branch=master) -![Test sphincs-haraka-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-128s-simple/badge.svg?branch=master) -![Test sphincs-haraka-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192f-robust/badge.svg?branch=master) -![Test sphincs-haraka-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192f-simple/badge.svg?branch=master) -![Test sphincs-haraka-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192s-robust/badge.svg?branch=master) -![Test sphincs-haraka-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-192s-simple/badge.svg?branch=master) -![Test sphincs-haraka-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256f-robust/badge.svg?branch=master) -![Test sphincs-haraka-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256f-simple/badge.svg?branch=master) -![Test sphincs-haraka-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256s-robust/badge.svg?branch=master) -![Test sphincs-haraka-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-haraka-256s-simple/badge.svg?branch=master) -![Test sphincs-sha256-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128f-robust/badge.svg?branch=master) -![Test sphincs-sha256-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128f-simple/badge.svg?branch=master) -![Test sphincs-sha256-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128s-robust/badge.svg?branch=master) -![Test sphincs-sha256-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-128s-simple/badge.svg?branch=master) -![Test sphincs-sha256-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192f-robust/badge.svg?branch=master) -![Test sphincs-sha256-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192f-simple/badge.svg?branch=master) -![Test sphincs-sha256-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192s-robust/badge.svg?branch=master) -![Test sphincs-sha256-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-192s-simple/badge.svg?branch=master) -![Test sphincs-sha256-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256f-robust/badge.svg?branch=master) -![Test sphincs-sha256-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256f-simple/badge.svg?branch=master) -![Test sphincs-sha256-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256s-robust/badge.svg?branch=master) -![Test sphincs-sha256-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-sha256-256s-simple/badge.svg?branch=master) -![Test sphincs-shake256-128f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128f-robust/badge.svg?branch=master) -![Test sphincs-shake256-128f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128f-simple/badge.svg?branch=master) -![Test sphincs-shake256-128s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128s-robust/badge.svg?branch=master) -![Test sphincs-shake256-128s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-128s-simple/badge.svg?branch=master) -![Test sphincs-shake256-192f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192f-robust/badge.svg?branch=master) -![Test sphincs-shake256-192f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192f-simple/badge.svg?branch=master) -![Test sphincs-shake256-192s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192s-robust/badge.svg?branch=master) -![Test sphincs-shake256-192s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-192s-simple/badge.svg?branch=master) -![Test sphincs-shake256-256f-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256f-robust/badge.svg?branch=master) -![Test sphincs-shake256-256f-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256f-simple/badge.svg?branch=master) -![Test sphincs-shake256-256s-robust](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256s-robust/badge.svg?branch=master) -![Test sphincs-shake256-256s-simple](https://github.com/PQClean/PQClean/workflows/Test%20sphincs-shake256-256s-simple/badge.svg?branch=master) +![Test kyber512](https://github.com/PQClean/PQClean/workflows/Test%20kyber512/badge.svg?branch=master) +![Test hqc-rmrs-128](https://github.com/PQClean/PQClean/workflows/Test%20hqc-rmrs-128/badge.svg?branch=master) +![Test mceliece6688128](https://github.com/PQClean/PQClean/workflows/Test%20mceliece6688128/badge.svg?branch=master) diff --git a/.github/workflows/sign_rainbowI-circumzenithal.yml b/.github/workflows/sign_rainbowI-circumzenithal.yml new file mode 100644 index 00000000..ef8947e8 --- /dev/null +++ b/.github/workflows/sign_rainbowI-circumzenithal.yml @@ -0,0 +1,204 @@ +on: + push: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowI-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowI-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowI-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + pull_request: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowI-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowI-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowI-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + schedule: + - cron: '5 4 * * *' + +name: Test rainbowI-circumzenithal + +jobs: + test-native: + runs-on: ubuntu-latest + container: + image: pqclean/ci-container:${{ matrix.arch }} + env: + PQCLEAN_ONLY_SCHEMES: rainbowI-circumzenithal + CC: ccache ${{ matrix.cc }} + CCACHE_NOSTATS: 1 + CCACHE_DIR: /ccache + CCACHE_SLOPPINESS: include_file_mtime + strategy: + matrix: + arch: + - amd64 + - i386 + cc: + - gcc + - clang + steps: + - name: Cancel Previous Runs + uses: thomwiggers/cancel-workflow-action@all_but_latest + with: + all_but_latest: true + access_token: ${{ github.token }} + continue-on-error: true + if: matrix.arch == 'amd64' && matrix.cc == 'gcc' + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: /ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Install python dependencies + run: | + python3 -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python3 -m pytest --verbose --numprocesses=auto + test-emulated: + needs: + - test-native + runs-on: ubuntu-latest + strategy: + matrix: + arch: + - armhf + - unstable-ppc + cc: + - gcc + - clang + env: + CC: ${{ matrix.cc }} + steps: + - name: Register qemu-user-static + run: | + docker run --rm --privileged multiarch/qemu-user-static:register --reset + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: ~/ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Run tests in container + run: | + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowI-circumzenithal -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + export CCACHE_NOSTATS=1 && \ + export CCACHE_DIR=/ccache && \ + export CCACHE_SLOPPINESS=include_file_mtime && \ + export CC=\"ccache $CC\" && \ + pip3 install -U -r requirements.txt && \ + cd test && \ + python3 -m pytest --verbose --numprocesses=auto" + test-windows: + needs: + - test-native + strategy: + matrix: + bits: + - 64 + - 32 + env: + PQCLEAN_ONLY_SCHEMES: rainbowI-circumzenithal + runs-on: windows-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Setup astyle + run: | + # Setup strong crypto + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord + Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" + shell: powershell + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install python requirements + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" + cd test + python -m pytest --verbose --numprocesses=auto + shell: cmd + test-macos: + needs: + - test-native + env: + PQCLEAN_ONLY_SCHEMES: rainbowI-circumzenithal + CCACHE_NOSTATS: 1 + CCACHE_SLOPPINESS: include_file_mtime + # XCode version + DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer + strategy: + matrix: + compiler: + - clang # XCode (Apple LLVM/Clang) + - gcc9 # GNU (Homebrew) + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Install astyle + run: | + brew install astyle + - name: Set up GCC9 compiler + run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' + if: matrix.compiler == 'gcc9' + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install Python dependencies + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python -m pytest --verbose --numprocesses=auto + diff --git a/.github/workflows/sign_rainbowIa-cyclic.yml b/.github/workflows/sign_rainbowI-classic.yml similarity index 91% rename from .github/workflows/sign_rainbowIa-cyclic.yml rename to .github/workflows/sign_rainbowI-classic.yml index 70173f3e..0d7bedf3 100644 --- a/.github/workflows/sign_rainbowIa-cyclic.yml +++ b/.github/workflows/sign_rainbowI-classic.yml @@ -5,13 +5,13 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-cyclic*.yml' + - 'test/duplicate_consistency/rainbowI-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIa-cyclic/**' + - 'crypto_sign/rainbowI-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIa-cyclic.yml' + - '.github/workflows/sign_rainbowI-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' @@ -21,20 +21,20 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-cyclic*.yml' + - 'test/duplicate_consistency/rainbowI-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIa-cyclic/**' + - 'crypto_sign/rainbowI-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIa-cyclic.yml' + - '.github/workflows/sign_rainbowI-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' schedule: - cron: '5 4 * * *' -name: Test rainbowIa-cyclic +name: Test rainbowI-classic jobs: test-native: @@ -42,7 +42,7 @@ jobs: container: image: pqclean/ci-container:${{ matrix.arch }} env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowI-classic CC: ccache ${{ matrix.cc }} CCACHE_NOSTATS: 1 CCACHE_DIR: /ccache @@ -124,7 +124,7 @@ jobs: key: v1-python-pip - name: Run tests in container run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIa-cyclic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowI-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ export CCACHE_NOSTATS=1 && \ export CCACHE_DIR=/ccache && \ export CCACHE_SLOPPINESS=include_file_mtime && \ @@ -141,7 +141,7 @@ jobs: - 64 - 32 env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowI-classic runs-on: windows-latest steps: - uses: actions/checkout@v2 @@ -170,7 +170,7 @@ jobs: needs: - test-native env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowI-classic CCACHE_NOSTATS: 1 CCACHE_SLOPPINESS: include_file_mtime # XCode version diff --git a/.github/workflows/sign_rainbowIIIc-classic.yml b/.github/workflows/sign_rainbowI-compressed.yml similarity index 91% rename from .github/workflows/sign_rainbowIIIc-classic.yml rename to .github/workflows/sign_rainbowI-compressed.yml index 1ed5acbf..6d7a91ba 100644 --- a/.github/workflows/sign_rainbowIIIc-classic.yml +++ b/.github/workflows/sign_rainbowI-compressed.yml @@ -5,13 +5,13 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-classic*.yml' + - 'test/duplicate_consistency/rainbowI-compressed*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIIIc-classic/**' + - 'crypto_sign/rainbowI-compressed/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-classic.yml' + - '.github/workflows/sign_rainbowI-compressed.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' @@ -21,20 +21,20 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-classic*.yml' + - 'test/duplicate_consistency/rainbowI-compressed*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIIIc-classic/**' + - 'crypto_sign/rainbowI-compressed/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-classic.yml' + - '.github/workflows/sign_rainbowI-compressed.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' schedule: - cron: '5 4 * * *' -name: Test rainbowIIIc-classic +name: Test rainbowI-compressed jobs: test-native: @@ -42,7 +42,7 @@ jobs: container: image: pqclean/ci-container:${{ matrix.arch }} env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-classic + PQCLEAN_ONLY_SCHEMES: rainbowI-compressed CC: ccache ${{ matrix.cc }} CCACHE_NOSTATS: 1 CCACHE_DIR: /ccache @@ -124,7 +124,7 @@ jobs: key: v1-python-pip - name: Run tests in container run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIIIc-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowI-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ export CCACHE_NOSTATS=1 && \ export CCACHE_DIR=/ccache && \ export CCACHE_SLOPPINESS=include_file_mtime && \ @@ -141,7 +141,7 @@ jobs: - 64 - 32 env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-classic + PQCLEAN_ONLY_SCHEMES: rainbowI-compressed runs-on: windows-latest steps: - uses: actions/checkout@v2 @@ -170,7 +170,7 @@ jobs: needs: - test-native env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-classic + PQCLEAN_ONLY_SCHEMES: rainbowI-compressed CCACHE_NOSTATS: 1 CCACHE_SLOPPINESS: include_file_mtime # XCode version diff --git a/.github/workflows/sign_rainbowIII-circumzenithal.yml b/.github/workflows/sign_rainbowIII-circumzenithal.yml new file mode 100644 index 00000000..88b75850 --- /dev/null +++ b/.github/workflows/sign_rainbowIII-circumzenithal.yml @@ -0,0 +1,204 @@ +on: + push: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowIII-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowIII-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowIII-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + pull_request: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowIII-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowIII-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowIII-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + schedule: + - cron: '5 4 * * *' + +name: Test rainbowIII-circumzenithal + +jobs: + test-native: + runs-on: ubuntu-latest + container: + image: pqclean/ci-container:${{ matrix.arch }} + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-circumzenithal + CC: ccache ${{ matrix.cc }} + CCACHE_NOSTATS: 1 + CCACHE_DIR: /ccache + CCACHE_SLOPPINESS: include_file_mtime + strategy: + matrix: + arch: + - amd64 + - i386 + cc: + - gcc + - clang + steps: + - name: Cancel Previous Runs + uses: thomwiggers/cancel-workflow-action@all_but_latest + with: + all_but_latest: true + access_token: ${{ github.token }} + continue-on-error: true + if: matrix.arch == 'amd64' && matrix.cc == 'gcc' + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: /ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Install python dependencies + run: | + python3 -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python3 -m pytest --verbose --numprocesses=auto + test-emulated: + needs: + - test-native + runs-on: ubuntu-latest + strategy: + matrix: + arch: + - armhf + - unstable-ppc + cc: + - gcc + - clang + env: + CC: ${{ matrix.cc }} + steps: + - name: Register qemu-user-static + run: | + docker run --rm --privileged multiarch/qemu-user-static:register --reset + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: ~/ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Run tests in container + run: | + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIII-circumzenithal -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + export CCACHE_NOSTATS=1 && \ + export CCACHE_DIR=/ccache && \ + export CCACHE_SLOPPINESS=include_file_mtime && \ + export CC=\"ccache $CC\" && \ + pip3 install -U -r requirements.txt && \ + cd test && \ + python3 -m pytest --verbose --numprocesses=auto" + test-windows: + needs: + - test-native + strategy: + matrix: + bits: + - 64 + - 32 + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-circumzenithal + runs-on: windows-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Setup astyle + run: | + # Setup strong crypto + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord + Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" + shell: powershell + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install python requirements + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" + cd test + python -m pytest --verbose --numprocesses=auto + shell: cmd + test-macos: + needs: + - test-native + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-circumzenithal + CCACHE_NOSTATS: 1 + CCACHE_SLOPPINESS: include_file_mtime + # XCode version + DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer + strategy: + matrix: + compiler: + - clang # XCode (Apple LLVM/Clang) + - gcc9 # GNU (Homebrew) + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Install astyle + run: | + brew install astyle + - name: Set up GCC9 compiler + run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' + if: matrix.compiler == 'gcc9' + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install Python dependencies + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python -m pytest --verbose --numprocesses=auto + diff --git a/.github/workflows/sign_rainbowIIIc-cyclic.yml b/.github/workflows/sign_rainbowIII-classic.yml similarity index 91% rename from .github/workflows/sign_rainbowIIIc-cyclic.yml rename to .github/workflows/sign_rainbowIII-classic.yml index 4030c617..720411cc 100644 --- a/.github/workflows/sign_rainbowIIIc-cyclic.yml +++ b/.github/workflows/sign_rainbowIII-classic.yml @@ -5,13 +5,13 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-cyclic*.yml' + - 'test/duplicate_consistency/rainbowIII-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIIIc-cyclic/**' + - 'crypto_sign/rainbowIII-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-cyclic.yml' + - '.github/workflows/sign_rainbowIII-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' @@ -21,20 +21,20 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-cyclic*.yml' + - 'test/duplicate_consistency/rainbowIII-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIIIc-cyclic/**' + - 'crypto_sign/rainbowIII-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-cyclic.yml' + - '.github/workflows/sign_rainbowIII-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' schedule: - cron: '5 4 * * *' -name: Test rainbowIIIc-cyclic +name: Test rainbowIII-classic jobs: test-native: @@ -42,7 +42,7 @@ jobs: container: image: pqclean/ci-container:${{ matrix.arch }} env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowIII-classic CC: ccache ${{ matrix.cc }} CCACHE_NOSTATS: 1 CCACHE_DIR: /ccache @@ -124,7 +124,7 @@ jobs: key: v1-python-pip - name: Run tests in container run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIIIc-cyclic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIII-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ export CCACHE_NOSTATS=1 && \ export CCACHE_DIR=/ccache && \ export CCACHE_SLOPPINESS=include_file_mtime && \ @@ -141,7 +141,7 @@ jobs: - 64 - 32 env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowIII-classic runs-on: windows-latest steps: - uses: actions/checkout@v2 @@ -170,7 +170,7 @@ jobs: needs: - test-native env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowIII-classic CCACHE_NOSTATS: 1 CCACHE_SLOPPINESS: include_file_mtime # XCode version diff --git a/.github/workflows/sign_rainbowIII-compressed.yml b/.github/workflows/sign_rainbowIII-compressed.yml new file mode 100644 index 00000000..8f903908 --- /dev/null +++ b/.github/workflows/sign_rainbowIII-compressed.yml @@ -0,0 +1,204 @@ +on: + push: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowIII-compressed*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowIII-compressed/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowIII-compressed.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + pull_request: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowIII-compressed*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowIII-compressed/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowIII-compressed.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + schedule: + - cron: '5 4 * * *' + +name: Test rainbowIII-compressed + +jobs: + test-native: + runs-on: ubuntu-latest + container: + image: pqclean/ci-container:${{ matrix.arch }} + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-compressed + CC: ccache ${{ matrix.cc }} + CCACHE_NOSTATS: 1 + CCACHE_DIR: /ccache + CCACHE_SLOPPINESS: include_file_mtime + strategy: + matrix: + arch: + - amd64 + - i386 + cc: + - gcc + - clang + steps: + - name: Cancel Previous Runs + uses: thomwiggers/cancel-workflow-action@all_but_latest + with: + all_but_latest: true + access_token: ${{ github.token }} + continue-on-error: true + if: matrix.arch == 'amd64' && matrix.cc == 'gcc' + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: /ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Install python dependencies + run: | + python3 -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python3 -m pytest --verbose --numprocesses=auto + test-emulated: + needs: + - test-native + runs-on: ubuntu-latest + strategy: + matrix: + arch: + - armhf + - unstable-ppc + cc: + - gcc + - clang + env: + CC: ${{ matrix.cc }} + steps: + - name: Register qemu-user-static + run: | + docker run --rm --privileged multiarch/qemu-user-static:register --reset + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: ~/ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Run tests in container + run: | + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIII-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + export CCACHE_NOSTATS=1 && \ + export CCACHE_DIR=/ccache && \ + export CCACHE_SLOPPINESS=include_file_mtime && \ + export CC=\"ccache $CC\" && \ + pip3 install -U -r requirements.txt && \ + cd test && \ + python3 -m pytest --verbose --numprocesses=auto" + test-windows: + needs: + - test-native + strategy: + matrix: + bits: + - 64 + - 32 + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-compressed + runs-on: windows-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Setup astyle + run: | + # Setup strong crypto + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord + Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" + shell: powershell + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install python requirements + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" + cd test + python -m pytest --verbose --numprocesses=auto + shell: cmd + test-macos: + needs: + - test-native + env: + PQCLEAN_ONLY_SCHEMES: rainbowIII-compressed + CCACHE_NOSTATS: 1 + CCACHE_SLOPPINESS: include_file_mtime + # XCode version + DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer + strategy: + matrix: + compiler: + - clang # XCode (Apple LLVM/Clang) + - gcc9 # GNU (Homebrew) + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Install astyle + run: | + brew install astyle + - name: Set up GCC9 compiler + run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' + if: matrix.compiler == 'gcc9' + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install Python dependencies + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python -m pytest --verbose --numprocesses=auto + diff --git a/.github/workflows/sign_rainbowIIIc-cyclic-compressed.yml b/.github/workflows/sign_rainbowIIIc-cyclic-compressed.yml deleted file mode 100644 index 4335458e..00000000 --- a/.github/workflows/sign_rainbowIIIc-cyclic-compressed.yml +++ /dev/null @@ -1,204 +0,0 @@ -on: - push: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowIIIc-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - pull_request: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIIIc-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowIIIc-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowIIIc-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - schedule: - - cron: '5 4 * * *' - -name: Test rainbowIIIc-cyclic-compressed - -jobs: - test-native: - runs-on: ubuntu-latest - container: - image: pqclean/ci-container:${{ matrix.arch }} - env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic-compressed - CC: ccache ${{ matrix.cc }} - CCACHE_NOSTATS: 1 - CCACHE_DIR: /ccache - CCACHE_SLOPPINESS: include_file_mtime - strategy: - matrix: - arch: - - amd64 - - i386 - cc: - - gcc - - clang - steps: - - name: Cancel Previous Runs - uses: thomwiggers/cancel-workflow-action@all_but_latest - with: - all_but_latest: true - access_token: ${{ github.token }} - continue-on-error: true - if: matrix.arch == 'amd64' && matrix.cc == 'gcc' - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: /ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Install python dependencies - run: | - python3 -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python3 -m pytest --verbose --numprocesses=auto - test-emulated: - needs: - - test-native - runs-on: ubuntu-latest - strategy: - matrix: - arch: - - armhf - - unstable-ppc - cc: - - gcc - - clang - env: - CC: ${{ matrix.cc }} - steps: - - name: Register qemu-user-static - run: | - docker run --rm --privileged multiarch/qemu-user-static:register --reset - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: ~/ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Run tests in container - run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIIIc-cyclic-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ - export CCACHE_NOSTATS=1 && \ - export CCACHE_DIR=/ccache && \ - export CCACHE_SLOPPINESS=include_file_mtime && \ - export CC=\"ccache $CC\" && \ - pip3 install -U -r requirements.txt && \ - cd test && \ - python3 -m pytest --verbose --numprocesses=auto" - test-windows: - needs: - - test-native - strategy: - matrix: - bits: - - 64 - - 32 - env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic-compressed - runs-on: windows-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Setup astyle - run: | - # Setup strong crypto - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord - Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" - shell: powershell - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install python requirements - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" - cd test - python -m pytest --verbose --numprocesses=auto - shell: cmd - test-macos: - needs: - - test-native - env: - PQCLEAN_ONLY_SCHEMES: rainbowIIIc-cyclic-compressed - CCACHE_NOSTATS: 1 - CCACHE_SLOPPINESS: include_file_mtime - # XCode version - DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer - strategy: - matrix: - compiler: - - clang # XCode (Apple LLVM/Clang) - - gcc9 # GNU (Homebrew) - runs-on: macos-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Install astyle - run: | - brew install astyle - - name: Set up GCC9 compiler - run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' - if: matrix.compiler == 'gcc9' - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install Python dependencies - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python -m pytest --verbose --numprocesses=auto - diff --git a/.github/workflows/sign_rainbowIa-cyclic-compressed.yml b/.github/workflows/sign_rainbowIa-cyclic-compressed.yml deleted file mode 100644 index abdd3e65..00000000 --- a/.github/workflows/sign_rainbowIa-cyclic-compressed.yml +++ /dev/null @@ -1,204 +0,0 @@ -on: - push: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowIa-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowIa-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - pull_request: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowIa-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowIa-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - schedule: - - cron: '5 4 * * *' - -name: Test rainbowIa-cyclic-compressed - -jobs: - test-native: - runs-on: ubuntu-latest - container: - image: pqclean/ci-container:${{ matrix.arch }} - env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic-compressed - CC: ccache ${{ matrix.cc }} - CCACHE_NOSTATS: 1 - CCACHE_DIR: /ccache - CCACHE_SLOPPINESS: include_file_mtime - strategy: - matrix: - arch: - - amd64 - - i386 - cc: - - gcc - - clang - steps: - - name: Cancel Previous Runs - uses: thomwiggers/cancel-workflow-action@all_but_latest - with: - all_but_latest: true - access_token: ${{ github.token }} - continue-on-error: true - if: matrix.arch == 'amd64' && matrix.cc == 'gcc' - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: /ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Install python dependencies - run: | - python3 -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python3 -m pytest --verbose --numprocesses=auto - test-emulated: - needs: - - test-native - runs-on: ubuntu-latest - strategy: - matrix: - arch: - - armhf - - unstable-ppc - cc: - - gcc - - clang - env: - CC: ${{ matrix.cc }} - steps: - - name: Register qemu-user-static - run: | - docker run --rm --privileged multiarch/qemu-user-static:register --reset - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: ~/ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Run tests in container - run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIa-cyclic-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ - export CCACHE_NOSTATS=1 && \ - export CCACHE_DIR=/ccache && \ - export CCACHE_SLOPPINESS=include_file_mtime && \ - export CC=\"ccache $CC\" && \ - pip3 install -U -r requirements.txt && \ - cd test && \ - python3 -m pytest --verbose --numprocesses=auto" - test-windows: - needs: - - test-native - strategy: - matrix: - bits: - - 64 - - 32 - env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic-compressed - runs-on: windows-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Setup astyle - run: | - # Setup strong crypto - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord - Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" - shell: powershell - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install python requirements - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" - cd test - python -m pytest --verbose --numprocesses=auto - shell: cmd - test-macos: - needs: - - test-native - env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-cyclic-compressed - CCACHE_NOSTATS: 1 - CCACHE_SLOPPINESS: include_file_mtime - # XCode version - DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer - strategy: - matrix: - compiler: - - clang # XCode (Apple LLVM/Clang) - - gcc9 # GNU (Homebrew) - runs-on: macos-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Install astyle - run: | - brew install astyle - - name: Set up GCC9 compiler - run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' - if: matrix.compiler == 'gcc9' - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install Python dependencies - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python -m pytest --verbose --numprocesses=auto - diff --git a/.github/workflows/sign_rainbowV-circumzenithal.yml b/.github/workflows/sign_rainbowV-circumzenithal.yml new file mode 100644 index 00000000..3a01a0c7 --- /dev/null +++ b/.github/workflows/sign_rainbowV-circumzenithal.yml @@ -0,0 +1,204 @@ +on: + push: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowV-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowV-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowV-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + pull_request: + paths: + # build if tests change + - 'test/**' + # do not build if other schemes duplicate_consistency files change + - '!test/duplicate_consistency/*.yml' + - 'test/duplicate_consistency/rainbowV-circumzenithal*.yml' + # build if common files change + - 'common/**' + # build if scheme changed + - 'crypto_sign/rainbowV-circumzenithal/**' + # build if workflow file changed + - '.github/workflows/sign_rainbowV-circumzenithal.yml' + # Build if any files in the root change, except .md files + - '*' + - '!*.md' + schedule: + - cron: '5 4 * * *' + +name: Test rainbowV-circumzenithal + +jobs: + test-native: + runs-on: ubuntu-latest + container: + image: pqclean/ci-container:${{ matrix.arch }} + env: + PQCLEAN_ONLY_SCHEMES: rainbowV-circumzenithal + CC: ccache ${{ matrix.cc }} + CCACHE_NOSTATS: 1 + CCACHE_DIR: /ccache + CCACHE_SLOPPINESS: include_file_mtime + strategy: + matrix: + arch: + - amd64 + - i386 + cc: + - gcc + - clang + steps: + - name: Cancel Previous Runs + uses: thomwiggers/cancel-workflow-action@all_but_latest + with: + all_but_latest: true + access_token: ${{ github.token }} + continue-on-error: true + if: matrix.arch == 'amd64' && matrix.cc == 'gcc' + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: /ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Install python dependencies + run: | + python3 -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python3 -m pytest --verbose --numprocesses=auto + test-emulated: + needs: + - test-native + runs-on: ubuntu-latest + strategy: + matrix: + arch: + - armhf + - unstable-ppc + cc: + - gcc + - clang + env: + CC: ${{ matrix.cc }} + steps: + - name: Register qemu-user-static + run: | + docker run --rm --privileged multiarch/qemu-user-static:register --reset + - uses: actions/checkout@v2 + with: + submodules: true + - name: Cache ccache + uses: actions/cache@v2 + env: + cache-name: cache-ccache + with: + path: ~/ccache + key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} + - name: Cache pip + uses: actions/cache@v2 + env: + cache-name: cache-python-pip + with: + path: ~/.cache/pip + key: v1-python-pip + - name: Run tests in container + run: | + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowV-circumzenithal -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + export CCACHE_NOSTATS=1 && \ + export CCACHE_DIR=/ccache && \ + export CCACHE_SLOPPINESS=include_file_mtime && \ + export CC=\"ccache $CC\" && \ + pip3 install -U -r requirements.txt && \ + cd test && \ + python3 -m pytest --verbose --numprocesses=auto" + test-windows: + needs: + - test-native + strategy: + matrix: + bits: + - 64 + - 32 + env: + PQCLEAN_ONLY_SCHEMES: rainbowV-circumzenithal + runs-on: windows-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Setup astyle + run: | + # Setup strong crypto + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord + Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord + Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" + shell: powershell + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install python requirements + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" + cd test + python -m pytest --verbose --numprocesses=auto + shell: cmd + test-macos: + needs: + - test-native + env: + PQCLEAN_ONLY_SCHEMES: rainbowV-circumzenithal + CCACHE_NOSTATS: 1 + CCACHE_SLOPPINESS: include_file_mtime + # XCode version + DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer + strategy: + matrix: + compiler: + - clang # XCode (Apple LLVM/Clang) + - gcc9 # GNU (Homebrew) + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + with: + submodules: true + - name: Install astyle + run: | + brew install astyle + - name: Set up GCC9 compiler + run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' + if: matrix.compiler == 'gcc9' + - name: Setup Python + uses: actions/setup-python@main + with: + python-version: "3.x" + - name: Install Python dependencies + run: python -m pip install -U -r requirements.txt + - name: Run tests + run: | + cd test + python -m pytest --verbose --numprocesses=auto + diff --git a/.github/workflows/sign_rainbowVc-cyclic.yml b/.github/workflows/sign_rainbowV-classic.yml similarity index 91% rename from .github/workflows/sign_rainbowVc-cyclic.yml rename to .github/workflows/sign_rainbowV-classic.yml index 0243694f..049c5d3a 100644 --- a/.github/workflows/sign_rainbowVc-cyclic.yml +++ b/.github/workflows/sign_rainbowV-classic.yml @@ -5,13 +5,13 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-cyclic*.yml' + - 'test/duplicate_consistency/rainbowV-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowVc-cyclic/**' + - 'crypto_sign/rainbowV-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowVc-cyclic.yml' + - '.github/workflows/sign_rainbowV-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' @@ -21,20 +21,20 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-cyclic*.yml' + - 'test/duplicate_consistency/rainbowV-classic*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowVc-cyclic/**' + - 'crypto_sign/rainbowV-classic/**' # build if workflow file changed - - '.github/workflows/sign_rainbowVc-cyclic.yml' + - '.github/workflows/sign_rainbowV-classic.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' schedule: - cron: '5 4 * * *' -name: Test rainbowVc-cyclic +name: Test rainbowV-classic jobs: test-native: @@ -42,7 +42,7 @@ jobs: container: image: pqclean/ci-container:${{ matrix.arch }} env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowV-classic CC: ccache ${{ matrix.cc }} CCACHE_NOSTATS: 1 CCACHE_DIR: /ccache @@ -124,7 +124,7 @@ jobs: key: v1-python-pip - name: Run tests in container run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowVc-cyclic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowV-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ export CCACHE_NOSTATS=1 && \ export CCACHE_DIR=/ccache && \ export CCACHE_SLOPPINESS=include_file_mtime && \ @@ -141,7 +141,7 @@ jobs: - 64 - 32 env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowV-classic runs-on: windows-latest steps: - uses: actions/checkout@v2 @@ -170,7 +170,7 @@ jobs: needs: - test-native env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic + PQCLEAN_ONLY_SCHEMES: rainbowV-classic CCACHE_NOSTATS: 1 CCACHE_SLOPPINESS: include_file_mtime # XCode version diff --git a/.github/workflows/sign_rainbowIa-classic.yml b/.github/workflows/sign_rainbowV-compressed.yml similarity index 90% rename from .github/workflows/sign_rainbowIa-classic.yml rename to .github/workflows/sign_rainbowV-compressed.yml index a4d627e4..68d71ef3 100644 --- a/.github/workflows/sign_rainbowIa-classic.yml +++ b/.github/workflows/sign_rainbowV-compressed.yml @@ -5,13 +5,13 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-classic*.yml' + - 'test/duplicate_consistency/rainbowV-compressed*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIa-classic/**' + - 'crypto_sign/rainbowV-compressed/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIa-classic.yml' + - '.github/workflows/sign_rainbowV-compressed.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' @@ -21,20 +21,20 @@ on: - 'test/**' # do not build if other schemes duplicate_consistency files change - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowIa-classic*.yml' + - 'test/duplicate_consistency/rainbowV-compressed*.yml' # build if common files change - 'common/**' # build if scheme changed - - 'crypto_sign/rainbowIa-classic/**' + - 'crypto_sign/rainbowV-compressed/**' # build if workflow file changed - - '.github/workflows/sign_rainbowIa-classic.yml' + - '.github/workflows/sign_rainbowV-compressed.yml' # Build if any files in the root change, except .md files - '*' - '!*.md' schedule: - cron: '5 4 * * *' -name: Test rainbowIa-classic +name: Test rainbowV-compressed jobs: test-native: @@ -42,7 +42,7 @@ jobs: container: image: pqclean/ci-container:${{ matrix.arch }} env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-classic + PQCLEAN_ONLY_SCHEMES: rainbowV-compressed CC: ccache ${{ matrix.cc }} CCACHE_NOSTATS: 1 CCACHE_DIR: /ccache @@ -124,7 +124,7 @@ jobs: key: v1-python-pip - name: Run tests in container run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowIa-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ + docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowV-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ export CCACHE_NOSTATS=1 && \ export CCACHE_DIR=/ccache && \ export CCACHE_SLOPPINESS=include_file_mtime && \ @@ -141,7 +141,7 @@ jobs: - 64 - 32 env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-classic + PQCLEAN_ONLY_SCHEMES: rainbowV-compressed runs-on: windows-latest steps: - uses: actions/checkout@v2 @@ -170,7 +170,7 @@ jobs: needs: - test-native env: - PQCLEAN_ONLY_SCHEMES: rainbowIa-classic + PQCLEAN_ONLY_SCHEMES: rainbowV-compressed CCACHE_NOSTATS: 1 CCACHE_SLOPPINESS: include_file_mtime # XCode version diff --git a/.github/workflows/sign_rainbowVc-classic.yml b/.github/workflows/sign_rainbowVc-classic.yml deleted file mode 100644 index 8db8355c..00000000 --- a/.github/workflows/sign_rainbowVc-classic.yml +++ /dev/null @@ -1,204 +0,0 @@ -on: - push: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-classic*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowVc-classic/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowVc-classic.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - pull_request: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-classic*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowVc-classic/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowVc-classic.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - schedule: - - cron: '5 4 * * *' - -name: Test rainbowVc-classic - -jobs: - test-native: - runs-on: ubuntu-latest - container: - image: pqclean/ci-container:${{ matrix.arch }} - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-classic - CC: ccache ${{ matrix.cc }} - CCACHE_NOSTATS: 1 - CCACHE_DIR: /ccache - CCACHE_SLOPPINESS: include_file_mtime - strategy: - matrix: - arch: - - amd64 - - i386 - cc: - - gcc - - clang - steps: - - name: Cancel Previous Runs - uses: thomwiggers/cancel-workflow-action@all_but_latest - with: - all_but_latest: true - access_token: ${{ github.token }} - continue-on-error: true - if: matrix.arch == 'amd64' && matrix.cc == 'gcc' - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: /ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Install python dependencies - run: | - python3 -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python3 -m pytest --verbose --numprocesses=auto - test-emulated: - needs: - - test-native - runs-on: ubuntu-latest - strategy: - matrix: - arch: - - armhf - - unstable-ppc - cc: - - gcc - - clang - env: - CC: ${{ matrix.cc }} - steps: - - name: Register qemu-user-static - run: | - docker run --rm --privileged multiarch/qemu-user-static:register --reset - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: ~/ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Run tests in container - run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowVc-classic -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ - export CCACHE_NOSTATS=1 && \ - export CCACHE_DIR=/ccache && \ - export CCACHE_SLOPPINESS=include_file_mtime && \ - export CC=\"ccache $CC\" && \ - pip3 install -U -r requirements.txt && \ - cd test && \ - python3 -m pytest --verbose --numprocesses=auto" - test-windows: - needs: - - test-native - strategy: - matrix: - bits: - - 64 - - 32 - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-classic - runs-on: windows-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Setup astyle - run: | - # Setup strong crypto - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord - Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" - shell: powershell - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install python requirements - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" - cd test - python -m pytest --verbose --numprocesses=auto - shell: cmd - test-macos: - needs: - - test-native - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-classic - CCACHE_NOSTATS: 1 - CCACHE_SLOPPINESS: include_file_mtime - # XCode version - DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer - strategy: - matrix: - compiler: - - clang # XCode (Apple LLVM/Clang) - - gcc9 # GNU (Homebrew) - runs-on: macos-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Install astyle - run: | - brew install astyle - - name: Set up GCC9 compiler - run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' - if: matrix.compiler == 'gcc9' - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install Python dependencies - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python -m pytest --verbose --numprocesses=auto - diff --git a/.github/workflows/sign_rainbowVc-cyclic-compressed.yml b/.github/workflows/sign_rainbowVc-cyclic-compressed.yml deleted file mode 100644 index d50104a2..00000000 --- a/.github/workflows/sign_rainbowVc-cyclic-compressed.yml +++ /dev/null @@ -1,204 +0,0 @@ -on: - push: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowVc-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowVc-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - pull_request: - paths: - # build if tests change - - 'test/**' - # do not build if other schemes duplicate_consistency files change - - '!test/duplicate_consistency/*.yml' - - 'test/duplicate_consistency/rainbowVc-cyclic-compressed*.yml' - # build if common files change - - 'common/**' - # build if scheme changed - - 'crypto_sign/rainbowVc-cyclic-compressed/**' - # build if workflow file changed - - '.github/workflows/sign_rainbowVc-cyclic-compressed.yml' - # Build if any files in the root change, except .md files - - '*' - - '!*.md' - schedule: - - cron: '5 4 * * *' - -name: Test rainbowVc-cyclic-compressed - -jobs: - test-native: - runs-on: ubuntu-latest - container: - image: pqclean/ci-container:${{ matrix.arch }} - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic-compressed - CC: ccache ${{ matrix.cc }} - CCACHE_NOSTATS: 1 - CCACHE_DIR: /ccache - CCACHE_SLOPPINESS: include_file_mtime - strategy: - matrix: - arch: - - amd64 - - i386 - cc: - - gcc - - clang - steps: - - name: Cancel Previous Runs - uses: thomwiggers/cancel-workflow-action@all_but_latest - with: - all_but_latest: true - access_token: ${{ github.token }} - continue-on-error: true - if: matrix.arch == 'amd64' && matrix.cc == 'gcc' - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: /ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Install python dependencies - run: | - python3 -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python3 -m pytest --verbose --numprocesses=auto - test-emulated: - needs: - - test-native - runs-on: ubuntu-latest - strategy: - matrix: - arch: - - armhf - - unstable-ppc - cc: - - gcc - - clang - env: - CC: ${{ matrix.cc }} - steps: - - name: Register qemu-user-static - run: | - docker run --rm --privileged multiarch/qemu-user-static:register --reset - - uses: actions/checkout@v2 - with: - submodules: true - - name: Cache ccache - uses: actions/cache@v2 - env: - cache-name: cache-ccache - with: - path: ~/ccache - key: v1-${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.cc }}-${{ env.GITHUB_WORKFLOW }}-${{ matrix.arch }} - - name: Cache pip - uses: actions/cache@v2 - env: - cache-name: cache-python-pip - with: - path: ~/.cache/pip - key: v1-python-pip - - name: Run tests in container - run: | - docker run --rm -e CI -e CC -e PQCLEAN_ONLY_SCHEMES=rainbowVc-cyclic-compressed -v $PWD:$PWD -w $PWD -v ~/ccache:/ccache pqclean/ci-container:${{ matrix.arch }} /bin/bash -c "\ - export CCACHE_NOSTATS=1 && \ - export CCACHE_DIR=/ccache && \ - export CCACHE_SLOPPINESS=include_file_mtime && \ - export CC=\"ccache $CC\" && \ - pip3 install -U -r requirements.txt && \ - cd test && \ - python3 -m pytest --verbose --numprocesses=auto" - test-windows: - needs: - - test-native - strategy: - matrix: - bits: - - 64 - - 32 - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic-compressed - runs-on: windows-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Setup astyle - run: | - # Setup strong crypto - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\.NetFramework\\v4.0.30319" -Name 'SchUseStrongCrypto' -Value '1' -Type DWord - Set-ItemProperty -Path "HKLM:\\SOFTWARE\\Microsoft\\.NetFramework\\v4.0.30319" -Name "SchUseStrongCrypto" -Value '1' -Type DWord - Invoke-WebRequest -OutFile "test\\astyle.exe" "https://rded.nl/pqclean/AStyle.exe" - shell: powershell - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install python requirements - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - call "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Enterprise\\VC\\Auxiliary\\Build\\vcvars${{ matrix.bits }}.bat" - cd test - python -m pytest --verbose --numprocesses=auto - shell: cmd - test-macos: - needs: - - test-native - env: - PQCLEAN_ONLY_SCHEMES: rainbowVc-cyclic-compressed - CCACHE_NOSTATS: 1 - CCACHE_SLOPPINESS: include_file_mtime - # XCode version - DEVELOPER_DIR: /Applications/Xcode_11.5.app/Contents/Developer - strategy: - matrix: - compiler: - - clang # XCode (Apple LLVM/Clang) - - gcc9 # GNU (Homebrew) - runs-on: macos-latest - steps: - - uses: actions/checkout@v2 - with: - submodules: true - - name: Install astyle - run: | - brew install astyle - - name: Set up GCC9 compiler - run: 'export PATH="/usr/local/bin:$PATH" && export CC=gcc-9' - if: matrix.compiler == 'gcc9' - - name: Setup Python - uses: actions/setup-python@main - with: - python-version: "3.x" - - name: Install Python dependencies - run: python -m pip install -U -r requirements.txt - - name: Run tests - run: | - cd test - python -m pytest --verbose --numprocesses=auto - diff --git a/crypto_sign/rainbowI-circumzenithal/META.yml b/crypto_sign/rainbowI-circumzenithal/META.yml new file mode 100644 index 00000000..e98c989b --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(16,36,32,32) - circumzenithal" +type: signature +claimed-nist-level: 1 +length-public-key: 60192 +length-secret-key: 103648 +length-signature: 66 +nistkat-sha256: 819bd33be86eea97c3da516b7dfbe4885ea7dfad6c44d196f5fd7c1c8b00b8a7 +testvectors-sha256: 2cc6d4b3e394832f19ca312ba1ddefcdade1e105b348782d7c6f201635506307 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIIIc-classic/clean/LICENSE b/crypto_sign/rainbowI-circumzenithal/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIIIc-classic/clean/LICENSE rename to crypto_sign/rainbowI-circumzenithal/clean/LICENSE diff --git a/crypto_sign/rainbowI-circumzenithal/clean/Makefile b/crypto_sign/rainbowI-circumzenithal/clean/Makefile new file mode 100644 index 00000000..2d7bfdc4 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/Makefile @@ -0,0 +1,21 @@ +# This Makefile can be used with GNU Make or BSD Make + +LIB=librainbowI-circumzenithal_clean.a + +HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h +OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o + + +CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) + +all: $(LIB) + +%.o: %.c $(HEADERS) + $(CC) $(CFLAGS) -c -o $@ $< + +$(LIB): $(OBJECTS) + $(AR) -r $@ $(OBJECTS) + +clean: + $(RM) $(OBJECTS) + $(RM) $(LIB) diff --git a/crypto_sign/rainbowI-circumzenithal/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowI-circumzenithal/clean/Makefile.Microsoft_nmake new file mode 100644 index 00000000..4cc2b904 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/Makefile.Microsoft_nmake @@ -0,0 +1,19 @@ +# This Makefile can be used with Microsoft Visual Studio's nmake using the command: +# nmake /f Makefile.Microsoft_nmake + +LIBRARY=librainbowI-circumzenithal_clean.lib +OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj + +CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX + +all: $(LIBRARY) + +# Make sure objects are recompiled if headers change. +$(OBJECTS): *.h + +$(LIBRARY): $(OBJECTS) + LIB.EXE /NOLOGO /WX /OUT:$@ $** + +clean: + -DEL $(OBJECTS) + -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowI-circumzenithal/clean/api.h b/crypto_sign/rainbowI-circumzenithal/clean/api.h new file mode 100644 index 00000000..69b1d7ad --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_API_H +#define PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_CRYPTO_SECRETKEYBYTES 103648 +#define PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_CRYPTO_PUBLICKEYBYTES 60192 +#define PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_CRYPTO_BYTES 66 +#define PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,36,32,32) - circumzenithal" + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowI-circumzenithal/clean/blas.c b/crypto_sign/rainbowI-circumzenithal/clean/blas.c new file mode 100644 index 00000000..2d5ad845 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/blas.c @@ -0,0 +1,43 @@ +#include "blas.h" +#include "gf.h" + +#include + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { + uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= (a[i] & pr_u8); + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= a[i]; + } +} + + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { + uint8_t tmp; + for (size_t i = 0; i < _num_byte; i++) { + tmp = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + tmp |= (uint8_t) (PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + a[i] = tmp; + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_c[i] ^= PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + } +} + +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { + uint8_t r = 0; + for (size_t i = 0; i < _num_byte; i++) { + r ^= PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a[i], b[i]); + } + return r; +} + diff --git a/crypto_sign/rainbowI-circumzenithal/clean/blas.h b/crypto_sign/rainbowI-circumzenithal/clean/blas.h new file mode 100644 index 00000000..8897fc52 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/blas.h @@ -0,0 +1,20 @@ +#ifndef _BLAS_H_ +#define _BLAS_H_ +/// @file blas.h +/// @brief Functions for implementing basic linear algebra functions. +/// + +#include "rainbow_config.h" +#include +#include + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); + + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); + + +#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.c b/crypto_sign/rainbowI-circumzenithal/clean/blas_comm.c similarity index 55% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.c rename to crypto_sign/rainbowI-circumzenithal/clean/blas_comm.c index 4016d4d5..69bd2dad 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -22,7 +22,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigne /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { uint8_t r = a[i >> 1]; uint8_t r0 = r & 0xf; uint8_t r1 = r >> 4; @@ -37,7 +37,7 @@ uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, /// @param[in] v - the value for the i-th element in vector a. /// @return the value of the element. /// -static uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { +static uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { uint8_t m = (uint8_t)(0xf ^ (-((int8_t)i & 1))); /// 1--> 0xf0 , 0--> 0x0f uint8_t ai_remaining = (uint8_t)(a[i >> 1] & (~m)); /// erase a[i >> 1] = (uint8_t)(ai_remaining | (m & (v << 4)) | (m & v & 0xf)); /// set @@ -45,22 +45,22 @@ static uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_set_ele(uint8_t *a, } static void gf16mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(b, i); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(b, i); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = (len_vec + 1) / 2; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(bk, i); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(bk, i); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); } c += n_vec_byte; } @@ -74,19 +74,19 @@ static unsigned int gf16mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigne uint8_t *ai = mat + n_w_byte * i; for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); } - uint8_t pivot = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(ai, i); - r8 &= PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_is_nonzero(pivot); - pivot = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_inv(pivot); + uint8_t pivot = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(ai, i); + r8 &= PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_is_nonzero(pivot); + pivot = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_inv(pivot); offset_byte = (i + 1) >> 1; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); } } return r8; @@ -97,11 +97,11 @@ static unsigned int gf16mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp unsigned int n_byte = (n + 1) >> 1; for (unsigned int i = 0; i < n; i++) { memcpy(mat + i * (n_byte + 1), inp_mat + i * n_byte, n_byte); - mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(c_terms, i); + mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(c_terms, i); } - unsigned int r8 = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); + unsigned int r8 = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); for (unsigned int i = 0; i < n; i++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); } return r8; } @@ -117,17 +117,17 @@ static inline void gf16mat_submat(uint8_t *mat2, unsigned int w2, unsigned int s } } -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { unsigned int n_w_byte = (H + 1) / 2; uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * n_w_byte; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); } - unsigned int r8 = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); gf16mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -138,15 +138,15 @@ unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, #define gf16mat_gauss_elim_impl gf16mat_gauss_elim_ref #define gf16mat_solve_linear_eq_impl gf16mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf16mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf16mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf16mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.h b/crypto_sign/rainbowI-circumzenithal/clean/blas_comm.h similarity index 71% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.h rename to crypto_sign/rainbowI-circumzenithal/clean/blas_comm.h index bf0131b7..0d13a05f 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas_comm.h +++ b/crypto_sign/rainbowI-circumzenithal/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(16) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigne /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); /// @brief matrix-matrix multiplication: c = a * b , in GF(16) /// @@ -29,7 +29,7 @@ uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(16) /// @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_mul(uint8_t *c, const uint8 /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(16) /// @@ -48,7 +48,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_gauss_elim(uint8_t /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(16) /// @@ -58,7 +58,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_solve_linear_eq(uin /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); /// @brief matrix-vector multiplication: c = matA * b , in GF(16) /// @@ -68,7 +68,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/gf.c b/crypto_sign/rainbowI-circumzenithal/clean/gf.c similarity index 76% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/gf.c rename to crypto_sign/rainbowI-circumzenithal/clean/gf.c index 4eb7f7d9..862dd66d 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/gf.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,18 +37,18 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_is_nonzero(uint8_t a) { unsigned int a4 = a & 0xf; unsigned int r = ((unsigned int)0) - a4; r >>= 4; return r & 1; } -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_inv(uint8_t a) { uint8_t a2 = gf16_squ(a); uint8_t a4 = gf16_squ(a2); uint8_t a8 = gf16_squ(a4); - uint8_t a6 = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a4, a2); - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a8, a6); + uint8_t a6 = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a4, a2); + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(a8, a6); } diff --git a/crypto_sign/rainbowI-circumzenithal/clean/gf.h b/crypto_sign/rainbowI-circumzenithal/clean/gf.h new file mode 100644 index 00000000..3cd304cc --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/gf.h @@ -0,0 +1,18 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16_inv(uint8_t a); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.c b/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.c new file mode 100644 index 00000000..9a04f441 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.c @@ -0,0 +1,182 @@ +/// @file parallel_matrix_op.c +/// @brief the standard implementations for functions in parallel_matrix_op.h +/// +/// the standard implementations for functions in parallel_matrix_op.h +/// + +#include "parallel_matrix_op.h" +#include "blas.h" +#include "blas_comm.h" + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. +/// +/// @param[in] i_row - the i-th row in an upper-triangle matrix. +/// @param[in] j_col - the j-th column in an upper-triangle matrix. +/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { + return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; +} + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix. +/// +/// @param[in] i_row - the i-th row in a triangle matrix. +/// @param[in] j_col - the j-th column in a triangle matrix. +/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { + if (i_row > j_col) { + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(j_col, i_row, n_var); + } + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i_row, j_col, n_var); +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { + unsigned char *runningC = btriC; + unsigned int Aheight = Awidth; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < i; j++) { + unsigned int idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + runningC += size_batch * (Aheight - i); + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Awidth = Bheight; + unsigned int Aheight = Awidth; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (k < i) { + continue; + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + btriA += (Aheight - i) * size_batch; + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Aheight = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (i < k) { + continue; + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Aheight = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (i == k) { + continue; + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Atr_height = Awidth; + unsigned int Atr_width = Aheight; + for (unsigned int i = 0; i < Atr_height; i++) { + for (unsigned int j = 0; j < Atr_width; j++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + } + bC += size_batch * Bwidth; + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + const unsigned char *bA = bA_to_tr; + unsigned int Aheight = Awidth_before_tr; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Awidth = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + bA += (Awidth) * size_batch; + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, + const unsigned char *x, unsigned int dim_x, unsigned int size_batch) { + unsigned char tmp[128]; + + unsigned char _x[128]; + for (unsigned int i = 0; i < dim_x; i++) { + _x[i] = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(x, i); + } + unsigned char _y[128]; + for (unsigned int i = 0; i < dim_y; i++) { + _y[i] = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(y, i); + } + + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(z, size_batch); + for (unsigned int i = 0; i < dim_y; i++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); + for (unsigned int j = 0; j < dim_x; j++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); + mat += size_batch; + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); + } +} + +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { + unsigned char tmp[256]; + + unsigned char _x[256]; + for (unsigned int i = 0; i < dim; i++) { + _x[i] = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele(x, i); + } + + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(y, size_batch); + for (unsigned int i = 0; i < dim; i++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); + for (unsigned int j = i; j < dim; j++) { + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); + trimat += size_batch; + } + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); + } +} diff --git a/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.h b/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.h new file mode 100644 index 00000000..a7697f41 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/parallel_matrix_op.h @@ -0,0 +1,260 @@ +#ifndef _P_MATRIX_OP_H_ +#define _P_MATRIX_OP_H_ +/// @file parallel_matrix_op.h +/// @brief Librarys for operations of batched matrixes. +/// +/// + +//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. +/// +/// @param[in] i_row - the i-th row in an upper-triangle matrix. +/// @param[in] j_col - the j-th column in an upper-triangle matrix. +/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +unsigned int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); + +/// +/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. +/// +/// @param[out] btriC - the batched upper-trianglized matrix C. +/// @param[in] bA - a batched retangle matrix A. +/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); + +//////////////////// Section: matrix multiplications /////////////////////////////// + +/// +/// @brief bC += btriA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// + +/// +/// @brief y = x^Tr * trimat * x , in GF(16) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief y = x^Tr * trimat * x , in GF(256) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(16) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(256) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow.c b/crypto_sign/rainbowI-circumzenithal/clean/rainbow.c similarity index 67% rename from crypto_sign/rainbowIa-classic/clean/rainbow.c rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow.c index 3ffd0c1c..f2b9a9ee 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const u unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -166,3 +166,8 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const u } +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { + unsigned char pk[sizeof(pk_t) + 32]; + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); +} diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow.h b/crypto_sign/rainbowI-circumzenithal/clean/rainbow.h similarity index 71% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow.h rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow.h index 25925507..5fa1b064 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow.h +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// @@ -37,6 +37,6 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowI-circumzenithal/clean/rainbow_blas.h b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_blas.h new file mode 100644 index 00000000..949bc128 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16v_madd + +#define gfmat_prod PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_prod +#define gfmat_inv PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf16mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16 +#define batch_trimatTr_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16 +#define batch_2trimat_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16 +#define batch_matTr_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16 +#define batch_bmatTr_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16 +#define batch_mat_madd PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_config.h b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_config.h similarity index 98% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_config.h rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow_config.h index 36075368..a581af34 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_config.h +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_config.h @@ -7,7 +7,7 @@ #define _USE_GF16 #define _GFSIZE 16 -#define _V1 32 +#define _V1 36 #define _O1 32 #define _O2 32 #define _MAX_O 32 diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.c b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.c similarity index 54% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.c rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.c index 066f7169..683d875e 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -132,7 +161,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -140,7 +169,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // setup prng prng_t prng0; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -153,5 +182,5 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.h b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.h similarity index 93% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.h rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.h index 67ac998e..852f10fc 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); @@ -89,6 +89,6 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.c similarity index 86% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.c index 3661f6c8..6eb950c4 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -119,7 +119,7 @@ static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 @@ -151,7 +151,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 /* F1_T2 = F1 * t2 @@ -170,7 +170,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -197,17 +197,17 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 } // Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ #define calculate_F_from_Q_impl calculate_F_from_Q_ref #define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { calculate_F_from_Q_impl(Fs, Qs, Ts); } -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.h similarity index 84% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.h index 3af7563a..81ac105a 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowI-circumzenithal/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cp /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); /// @@ -57,7 +57,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, c /// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); /// /// @brief Computing parts of the pk from the secret key @@ -66,6 +66,6 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const /// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowI-circumzenithal/clean/sign.c b/crypto_sign/rainbowI-circumzenithal/clean/sign.c new file mode 100644 index 00000000..f2a92288 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/sign.c @@ -0,0 +1,76 @@ +/// @file sign.c +/// @brief the implementations for functions in api.h +/// +/// + +#include "api.h" +#include "rainbow.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { + unsigned char sk_seed[LEN_SKSEED] = {0}; + randombytes(sk_seed, LEN_SKSEED); + + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + return 0; +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + + memcpy(sm, m, mlen); + smlen[0] = mlen + _SIGNATURE_BYTE; + + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { + int rc; + if (_SIGNATURE_BYTE > smlen) { + rc = -1; + } else { + *mlen = smlen - _SIGNATURE_BYTE; + + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + + rc = PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + } + if (!rc) { + memmove(m, sm, smlen - _SIGNATURE_BYTE); + } else { // bad signature + *mlen = (size_t) -1; + memset(m, 0, smlen); + } + return rc; +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + *siglen = _SIGNATURE_BYTE; + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk) { + if (siglen != _SIGNATURE_BYTE) { + return -1; + } + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); +} diff --git a/crypto_sign/rainbowIa-classic/clean/utils_hash.c b/crypto_sign/rainbowI-circumzenithal/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowIa-classic/clean/utils_hash.c rename to crypto_sign/rainbowI-circumzenithal/clean/utils_hash.c index 052f53c8..75f4c19a 100644 --- a/crypto_sign/rainbowIa-classic/clean/utils_hash.c +++ b/crypto_sign/rainbowI-circumzenithal/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha256(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowI-circumzenithal/clean/utils_hash.h b/crypto_sign/rainbowI-circumzenithal/clean/utils_hash.h new file mode 100644 index 00000000..766c232c --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/utils_hash.h @@ -0,0 +1,11 @@ +#ifndef _UTILS_HASH_H_ +#define _UTILS_HASH_H_ +/// @file utils_hash.h +/// @brief the interface for adapting hash functions. +/// + +#include + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); + +#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.c b/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.c new file mode 100644 index 00000000..08915286 --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.c @@ -0,0 +1,97 @@ +/// @file utils_prng.c +/// @brief The implementation of PRNG related functions. +/// + +#include "utils_prng.h" +#include "aes.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +static void prng_update(const unsigned char *provided_data, + unsigned char *Key, + unsigned char *V) { + unsigned char temp[48]; + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, Key); + for (int i = 0; i < 3; i++) { + //increment V + for (int j = 15; j >= 0; j--) { + if (V[j] == 0xff) { + V[j] = 0x00; + } else { + V[j]++; + break; + } + } + aes256_ecb(temp + 16 * i, V, 1, &ctx); + } + if (provided_data != NULL) { + for (int i = 0; i < 48; i++) { + temp[i] ^= provided_data[i]; + } + } + aes256_ctx_release(&ctx); + memcpy(Key, temp, 32); + memcpy(V, temp + 32, 16); +} +static void randombytes_init_with_state(prng_t *state, + unsigned char *entropy_input_48bytes) { + memset(state->Key, 0x00, 32); + memset(state->V, 0x00, 16); + prng_update(entropy_input_48bytes, state->Key, state->V); +} + +static int randombytes_with_state(prng_t *state, + unsigned char *x, + size_t xlen) { + + unsigned char block[16]; + int i = 0; + + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, state->Key); + + while (xlen > 0) { + //increment V + for (int j = 15; j >= 0; j--) { + if (state->V[j] == 0xff) { + state->V[j] = 0x00; + } else { + state->V[j]++; + break; + } + } + aes256_ecb(block, state->V, 1, &ctx); + if (xlen > 15) { + memcpy(x + i, block, 16); + i += 16; + xlen -= 16; + } else { + memcpy(x + i, block, xlen); + xlen = 0; + } + } + aes256_ctx_release(&ctx); + prng_update(NULL, state->Key, state->V); + return 0; +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { + unsigned char seed[48]; + if (prng_seedlen >= 48) { + memcpy(seed, prng_seed, 48); + } else { + memcpy(seed, prng_seed, prng_seedlen); + PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + } + + randombytes_init_with_state(ctx, seed); + + return 0; +} + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { + return randombytes_with_state(ctx, out, outlen); +} diff --git a/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.h b/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.h new file mode 100644 index 00000000..2c3649fa --- /dev/null +++ b/crypto_sign/rainbowI-circumzenithal/clean/utils_prng.h @@ -0,0 +1,18 @@ +#ifndef _UTILS_PRNG_H_ +#define _UTILS_PRNG_H_ +/// @file utils_prng.h +/// @brief the interface for adapting PRNG functions. +/// +/// + +#include "randombytes.h" + +typedef struct { + unsigned char Key[32]; + unsigned char V[16]; +} prng_t; + +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); + +#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowI-classic/META.yml b/crypto_sign/rainbowI-classic/META.yml new file mode 100644 index 00000000..8b46fdb9 --- /dev/null +++ b/crypto_sign/rainbowI-classic/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(16,36,32,32) - classic" +type: signature +claimed-nist-level: 1 +length-public-key: 161600 +length-secret-key: 103648 +length-signature: 66 +nistkat-sha256: 5cef855ed222382139f2fd91a84c3c651c5c4f8f59f5bb9cb3c8648b6ca34c52 +testvectors-sha256: 4896b97fee529f932396734f8bae1bd11ddf99d77586f7b96a7d87ada3a37ac2 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/LICENSE b/crypto_sign/rainbowI-classic/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/LICENSE rename to crypto_sign/rainbowI-classic/clean/LICENSE diff --git a/crypto_sign/rainbowVc-cyclic/clean/Makefile b/crypto_sign/rainbowI-classic/clean/Makefile similarity index 95% rename from crypto_sign/rainbowVc-cyclic/clean/Makefile rename to crypto_sign/rainbowI-classic/clean/Makefile index d4fd2a80..ed8af18a 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/Makefile +++ b/crypto_sign/rainbowI-classic/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowVc-cyclic_clean.a +LIB=librainbowI-classic_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowVc-cyclic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowI-classic/clean/Makefile.Microsoft_nmake similarity index 93% rename from crypto_sign/rainbowVc-cyclic/clean/Makefile.Microsoft_nmake rename to crypto_sign/rainbowI-classic/clean/Makefile.Microsoft_nmake index 4bede9c9..5091e3a1 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/Makefile.Microsoft_nmake +++ b/crypto_sign/rainbowI-classic/clean/Makefile.Microsoft_nmake @@ -1,7 +1,7 @@ # This Makefile can be used with Microsoft Visual Studio's nmake using the command: # nmake /f Makefile.Microsoft_nmake -LIBRARY=librainbowVc-cyclic_clean.lib +LIBRARY=librainbowI-classic_clean.lib OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX diff --git a/crypto_sign/rainbowI-classic/clean/api.h b/crypto_sign/rainbowI-classic/clean/api.h new file mode 100644 index 00000000..1b2bf5b1 --- /dev/null +++ b/crypto_sign/rainbowI-classic/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWICLASSIC_CLEAN_API_H +#define PQCLEAN_RAINBOWICLASSIC_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 103648 +#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 161600 +#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_BYTES 66 +#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,36,32,32) - classic" + +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowIa-cyclic/clean/blas.c b/crypto_sign/rainbowI-classic/clean/blas.c similarity index 56% rename from crypto_sign/rainbowIa-cyclic/clean/blas.c rename to crypto_sign/rainbowI-classic/clean/blas.c index 4f670828..72f13dd0 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/blas.c +++ b/crypto_sign/rainbowI-classic/clean/blas.c @@ -3,40 +3,40 @@ #include -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= (a[i] & pr_u8); } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= a[i]; } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { uint8_t tmp; for (size_t i = 0; i < _num_byte; i++) { - tmp = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - tmp |= (uint8_t) (PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + tmp = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + tmp |= (uint8_t) (PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); a[i] = tmp; } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + accu_c[i] ^= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); } } -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { uint8_t r = 0; for (size_t i = 0; i < _num_byte; i++) { - r ^= PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a[i], b[i]); + r ^= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i], b[i]); } return r; } diff --git a/crypto_sign/rainbowIa-cyclic/clean/blas.h b/crypto_sign/rainbowI-classic/clean/blas.h similarity index 58% rename from crypto_sign/rainbowIa-cyclic/clean/blas.h rename to crypto_sign/rainbowI-classic/clean/blas.h index 0c16213e..57201967 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/blas.h +++ b/crypto_sign/rainbowI-classic/clean/blas.h @@ -8,13 +8,13 @@ #include #include -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); #endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/blas_comm.c b/crypto_sign/rainbowI-classic/clean/blas_comm.c similarity index 70% rename from crypto_sign/rainbowIa-cyclic/clean/blas_comm.c rename to crypto_sign/rainbowI-classic/clean/blas_comm.c index b8469e1a..931297b5 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/blas_comm.c +++ b/crypto_sign/rainbowI-classic/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -22,7 +22,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { uint8_t r = a[i >> 1]; uint8_t r0 = r & 0xf; uint8_t r1 = r >> 4; @@ -37,7 +37,7 @@ uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned i /// @param[in] v - the value for the i-th element in vector a. /// @return the value of the element. /// -static uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { +static uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { uint8_t m = (uint8_t)(0xf ^ (-((int8_t)i & 1))); /// 1--> 0xf0 , 0--> 0x0f uint8_t ai_remaining = (uint8_t)(a[i >> 1] & (~m)); /// erase a[i >> 1] = (uint8_t)(ai_remaining | (m & (v << 4)) | (m & v & 0xf)); /// set @@ -45,22 +45,22 @@ static uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned } static void gf16mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(b, i); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(b, i); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = (len_vec + 1) / 2; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(bk, i); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(bk, i); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); } c += n_vec_byte; } @@ -74,19 +74,19 @@ static unsigned int gf16mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigne uint8_t *ai = mat + n_w_byte * i; for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); } - uint8_t pivot = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(ai, i); - r8 &= PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_is_nonzero(pivot); - pivot = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_inv(pivot); + uint8_t pivot = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(ai, i); + r8 &= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(pivot); + pivot = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(pivot); offset_byte = (i + 1) >> 1; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); } } return r8; @@ -97,11 +97,11 @@ static unsigned int gf16mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp unsigned int n_byte = (n + 1) >> 1; for (unsigned int i = 0; i < n; i++) { memcpy(mat + i * (n_byte + 1), inp_mat + i * n_byte, n_byte); - mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(c_terms, i); + mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(c_terms, i); } - unsigned int r8 = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); + unsigned int r8 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); for (unsigned int i = 0; i < n; i++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); } return r8; } @@ -117,17 +117,17 @@ static inline void gf16mat_submat(uint8_t *mat2, unsigned int w2, unsigned int s } } -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { unsigned int n_w_byte = (H + 1) / 2; uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * n_w_byte; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); } - unsigned int r8 = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); gf16mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -138,15 +138,15 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uin #define gf16mat_gauss_elim_impl gf16mat_gauss_elim_ref #define gf16mat_solve_linear_eq_impl gf16mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf16mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf16mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf16mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/blas_comm.h b/crypto_sign/rainbowI-classic/clean/blas_comm.h similarity index 85% rename from crypto_sign/rainbowIa-cyclic/clean/blas_comm.h rename to crypto_sign/rainbowI-classic/clean/blas_comm.h index 570e5ede..4278b495 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/blas_comm.h +++ b/crypto_sign/rainbowI-classic/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(16) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); /// @brief matrix-matrix multiplication: c = a * b , in GF(16) /// @@ -29,7 +29,7 @@ uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned i /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(16) /// @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, con /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(16) /// @@ -48,7 +48,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsi /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(16) /// @@ -58,7 +58,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); /// @brief matrix-vector multiplication: c = matA * b , in GF(16) /// @@ -68,7 +68,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uin /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/gf.c b/crypto_sign/rainbowI-classic/clean/gf.c similarity index 79% rename from crypto_sign/rainbowIa-cyclic/clean/gf.c rename to crypto_sign/rainbowI-classic/clean/gf.c index 8cc1b2b5..486e0fdc 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/gf.c +++ b/crypto_sign/rainbowI-classic/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,18 +37,18 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(uint8_t a) { unsigned int a4 = a & 0xf; unsigned int r = ((unsigned int)0) - a4; r >>= 4; return r & 1; } -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(uint8_t a) { uint8_t a2 = gf16_squ(a); uint8_t a4 = gf16_squ(a2); uint8_t a8 = gf16_squ(a4); - uint8_t a6 = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a4, a2); - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(a8, a6); + uint8_t a6 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a4, a2); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a8, a6); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/gf.h b/crypto_sign/rainbowI-classic/clean/gf.h similarity index 50% rename from crypto_sign/rainbowIa-cyclic/clean/gf.h rename to crypto_sign/rainbowI-classic/clean/gf.h index c26bfee6..367e03cd 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/gf.h +++ b/crypto_sign/rainbowI-classic/clean/gf.h @@ -8,11 +8,11 @@ /// @brief Library for arithmetics in GF(16) and GF(256) /// -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(uint8_t a); #endif // _GF16_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.c b/crypto_sign/rainbowI-classic/clean/parallel_matrix_op.c similarity index 70% rename from crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowI-classic/clean/parallel_matrix_op.c index 0abba1dc..91624d6a 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowI-classic/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, uns /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, con if (k < i) { continue; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, con } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, c if (i < k) { continue; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, co if (i == k) { continue; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,45 +138,45 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(y, i); } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); } } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(x, i); } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); } } diff --git a/crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.h b/crypto_sign/rainbowI-classic/clean/parallel_matrix_op.h similarity index 91% rename from crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.h rename to crypto_sign/rainbowI-classic/clean/parallel_matrix_op.h index 223fbeea..52f596e5 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowI-classic/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, uns /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const u /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, con /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, con /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow.c b/crypto_sign/rainbowI-classic/clean/rainbow.c similarity index 76% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow.c rename to crypto_sign/rainbowI-classic/clean/rainbow.c index a4b6f45e..05add91c 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow.c +++ b/crypto_sign/rainbowI-classic/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -166,8 +166,3 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { - unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); -} diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow.h b/crypto_sign/rainbowI-classic/clean/rainbow.h similarity index 73% rename from crypto_sign/rainbowVc-classic/clean/rainbow.h rename to crypto_sign/rainbowI-classic/clean/rainbow.h index e455fe47..cf7f2b4c 100644 --- a/crypto_sign/rainbowVc-classic/clean/rainbow.h +++ b/crypto_sign/rainbowI-classic/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); diff --git a/crypto_sign/rainbowI-classic/clean/rainbow_blas.h b/crypto_sign/rainbowI-classic/clean/rainbow_blas.h new file mode 100644 index 00000000..99fc5be4 --- /dev/null +++ b/crypto_sign/rainbowI-classic/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd + +#define gfmat_prod PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod +#define gfmat_inv PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16 +#define batch_trimatTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16 +#define batch_2trimat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16 +#define batch_matTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16 +#define batch_bmatTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16 +#define batch_mat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_config.h b/crypto_sign/rainbowI-classic/clean/rainbow_config.h similarity index 98% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow_config.h rename to crypto_sign/rainbowI-classic/clean/rainbow_config.h index 36075368..a581af34 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_config.h +++ b/crypto_sign/rainbowI-classic/clean/rainbow_config.h @@ -7,7 +7,7 @@ #define _USE_GF16 #define _GFSIZE 16 -#define _V1 32 +#define _V1 36 #define _O1 32 #define _O2 32 #define _MAX_O 32 diff --git a/crypto_sign/rainbowI-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowI-classic/clean/rainbow_keypair.c new file mode 100644 index 00000000..39d059e6 --- /dev/null +++ b/crypto_sign/rainbowI-classic/clean/rainbow_keypair.c @@ -0,0 +1,155 @@ +/// @file rainbow_keypair.c +/// @brief implementations of functions in rainbow_keypair.h +/// + +#include "rainbow_keypair.h" +#include "blas.h" +#include "blas_comm.h" +#include "rainbow_blas.h" +#include "rainbow_keypair_computation.h" +#include "utils_prng.h" +#include +#include +#include + +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); +} + + +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { + sk += generate_l1_F12(sk, prng0); + generate_l2_F12356(sk, prng0); +} + +static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { + // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 + unsigned char temp[_V1_BYTE + 32]; + unsigned char *t4 = t2_to_t4; + for (unsigned int i = 0; i < _O2; i++) { /// t3 width + gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + t4 += _V1_BYTE; + t3 += _O1_BYTE; + } +} + +static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { + unsigned char temp[_O1_BYTE + 32]; + while (n_terms--) { + gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); + PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + l1_polys += _O1_BYTE; + l2_polys += _O2_BYTE; + } +} + +/////////////////// Classic ////////////////////////////////// + +static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { + memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); + + // set up prng + prng_t prng0; + PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + + // generating secret key with prng. + generate_S_T(sk->s1, &prng0); + generate_B1_B2(sk->l1_F1, &prng0); + + // clean prng + memset(&prng0, 0, sizeof(prng_t)); +} + +void PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { + generate_secretkey(sk, sk_seed); + + // set up a temporary structure ext_cpk_t for calculating public key. + ext_cpk_t pk; + + PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. + calculate_t4(sk->t4, sk->t1, sk->t3); + + obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); + obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); + obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); + obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); + // so far, the pk contains the full pk but in ext_cpk_t format. + + PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. +} + + + diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair.h b/crypto_sign/rainbowI-classic/clean/rainbow_keypair.h similarity index 94% rename from crypto_sign/rainbowIa-classic/clean/rainbow_keypair.h rename to crypto_sign/rainbowI-classic/clean/rainbow_keypair.h index f614f064..a47366f5 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowI-classic/clean/rainbow_keypair.h @@ -52,7 +52,7 @@ typedef struct rainbow_secretkey { /// @param[out] sk - the secret key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.c similarity index 85% rename from crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.c index da7851f4..0eb7290c 100644 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -106,11 +106,11 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts // l2_Q5 : _O2_BYTE * _V1 * _O1 // l2_Q9 : _O2_BYTE * _V1 * _O2 - unsigned char tempQ[_O1_BYTE * _O1 * _O1 + 32]; + unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32]; memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2 /* @@ -127,7 +127,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9 batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -149,7 +149,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2 @@ -175,7 +175,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3 @@ -184,6 +184,6 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6 } #define calculate_Q_from_F_impl calculate_Q_from_F_ref -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.h similarity index 90% rename from crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.h index c9ea1499..13a931e8 100644 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowI-classic/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/sign.c b/crypto_sign/rainbowI-classic/clean/sign.c similarity index 57% rename from crypto_sign/rainbowVc-cyclic/clean/sign.c rename to crypto_sign/rainbowI-classic/clean/sign.c index 41a3d999..7ffdca39 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/sign.c +++ b/crypto_sign/rainbowI-classic/clean/sign.c @@ -12,28 +12,26 @@ #include #include -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { unsigned char sk_seed[LEN_SKSEED] = {0}; randombytes(sk_seed, LEN_SKSEED); - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); return 0; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); memcpy(sm, m, mlen); smlen[0] = mlen + _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { int rc; if (_SIGNATURE_BYTE > smlen) { rc = -1; @@ -41,9 +39,9 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mle *mlen = smlen - _SIGNATURE_BYTE; unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - rc = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + rc = PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); } if (!rc) { memmove(m, sm, smlen - _SIGNATURE_BYTE); @@ -54,23 +52,23 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mle return rc; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_signature( +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_signature( uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_verify( +int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_verify( const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk) { if (siglen != _SIGNATURE_BYTE) { return -1; } unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/utils_hash.c b/crypto_sign/rainbowI-classic/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowIa-cyclic/clean/utils_hash.c rename to crypto_sign/rainbowI-classic/clean/utils_hash.c index dba6a633..eab04da8 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/utils_hash.c +++ b/crypto_sign/rainbowI-classic/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha256(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/utils_hash.h b/crypto_sign/rainbowI-classic/clean/utils_hash.h similarity index 78% rename from crypto_sign/rainbowIa-cyclic/clean/utils_hash.h rename to crypto_sign/rainbowI-classic/clean/utils_hash.h index da601579..5faa067a 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/utils_hash.h +++ b/crypto_sign/rainbowI-classic/clean/utils_hash.h @@ -6,6 +6,6 @@ #include -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); +int PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); #endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/utils_prng.c b/crypto_sign/rainbowI-classic/clean/utils_prng.c similarity index 92% rename from crypto_sign/rainbowVc-cyclic/clean/utils_prng.c rename to crypto_sign/rainbowI-classic/clean/utils_prng.c index aee9b20e..4d6c9b95 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/utils_prng.c +++ b/crypto_sign/rainbowI-classic/clean/utils_prng.c @@ -78,13 +78,13 @@ static int randombytes_with_state(prng_t *state, return 0; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { unsigned char seed[48]; if (prng_seedlen >= 48) { memcpy(seed, prng_seed, 48); } else { memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); } randombytes_init_with_state(ctx, seed); @@ -92,6 +92,6 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, u return 0; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { +int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { return randombytes_with_state(ctx, out, outlen); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/utils_prng.h b/crypto_sign/rainbowI-classic/clean/utils_prng.h similarity index 72% rename from crypto_sign/rainbowVc-cyclic/clean/utils_prng.h rename to crypto_sign/rainbowI-classic/clean/utils_prng.h index 35c4f0a7..76b869f8 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/utils_prng.h +++ b/crypto_sign/rainbowI-classic/clean/utils_prng.h @@ -12,7 +12,7 @@ typedef struct { unsigned char V[16]; } prng_t; -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); +int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); #endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowI-compressed/META.yml b/crypto_sign/rainbowI-compressed/META.yml new file mode 100644 index 00000000..b5aee704 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(16,36,32,32) - compressed" +type: signature +claimed-nist-level: 1 +length-public-key: 60192 +length-secret-key: 64 +length-signature: 66 +nistkat-sha256: 6ff3ff91f17c85593317f18a9de09acf4204c45d620250cb948c9fbc9042f1e9 +testvectors-sha256: 0a2ebcb8cf748ea51510eecc17d7af73d1f831fbe0db9330fbab9b4916d0c57b +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/LICENSE b/crypto_sign/rainbowI-compressed/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIIIc-cyclic/clean/LICENSE rename to crypto_sign/rainbowI-compressed/clean/LICENSE diff --git a/crypto_sign/rainbowIIIc-classic/clean/Makefile b/crypto_sign/rainbowI-compressed/clean/Makefile similarity index 95% rename from crypto_sign/rainbowIIIc-classic/clean/Makefile rename to crypto_sign/rainbowI-compressed/clean/Makefile index f6f31469..1e440840 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/Makefile +++ b/crypto_sign/rainbowI-compressed/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowIIIc-classic_clean.a +LIB=librainbowI-compressed_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowIIIc-classic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowI-compressed/clean/Makefile.Microsoft_nmake similarity index 92% rename from crypto_sign/rainbowIIIc-classic/clean/Makefile.Microsoft_nmake rename to crypto_sign/rainbowI-compressed/clean/Makefile.Microsoft_nmake index 11303107..d4f08bf3 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/Makefile.Microsoft_nmake +++ b/crypto_sign/rainbowI-compressed/clean/Makefile.Microsoft_nmake @@ -1,7 +1,7 @@ # This Makefile can be used with Microsoft Visual Studio's nmake using the command: # nmake /f Makefile.Microsoft_nmake -LIBRARY=librainbowIIIc-classic_clean.lib +LIBRARY=librainbowI-compressed_clean.lib OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX diff --git a/crypto_sign/rainbowI-compressed/clean/api.h b/crypto_sign/rainbowI-compressed/clean/api.h new file mode 100644 index 00000000..1b1257e7 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWICOMPRESSED_CLEAN_API_H +#define PQCLEAN_RAINBOWICOMPRESSED_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWICOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 +#define PQCLEAN_RAINBOWICOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 60192 +#define PQCLEAN_RAINBOWICOMPRESSED_CLEAN_CRYPTO_BYTES 66 +#define PQCLEAN_RAINBOWICOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,36,32,32) - compressed" + +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowI-compressed/clean/blas.c b/crypto_sign/rainbowI-compressed/clean/blas.c new file mode 100644 index 00000000..52fdd860 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/clean/blas.c @@ -0,0 +1,43 @@ +#include "blas.h" +#include "gf.h" + +#include + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { + uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= (a[i] & pr_u8); + } +} + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= a[i]; + } +} + + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { + uint8_t tmp; + for (size_t i = 0; i < _num_byte; i++) { + tmp = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + tmp |= (uint8_t) (PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + a[i] = tmp; + } +} + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_c[i] ^= PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); + accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); + } +} + +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { + uint8_t r = 0; + for (size_t i = 0; i < _num_byte; i++) { + r ^= PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a[i], b[i]); + } + return r; +} + diff --git a/crypto_sign/rainbowI-compressed/clean/blas.h b/crypto_sign/rainbowI-compressed/clean/blas.h new file mode 100644 index 00000000..3ef76356 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/clean/blas.h @@ -0,0 +1,20 @@ +#ifndef _BLAS_H_ +#define _BLAS_H_ +/// @file blas.h +/// @brief Functions for implementing basic linear algebra functions. +/// + +#include "rainbow_config.h" +#include +#include + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); + + +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); + + +#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/blas_comm.c b/crypto_sign/rainbowI-compressed/clean/blas_comm.c similarity index 57% rename from crypto_sign/rainbowIa-classic/clean/blas_comm.c rename to crypto_sign/rainbowI-compressed/clean/blas_comm.c index 10a6f3f6..9da4fd4b 100644 --- a/crypto_sign/rainbowIa-classic/clean/blas_comm.c +++ b/crypto_sign/rainbowI-compressed/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -22,7 +22,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _nu /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) { uint8_t r = a[i >> 1]; uint8_t r0 = r & 0xf; uint8_t r1 = r >> 4; @@ -37,7 +37,7 @@ uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned /// @param[in] v - the value for the i-th element in vector a. /// @return the value of the element. /// -static uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { +static uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) { uint8_t m = (uint8_t)(0xf ^ (-((int8_t)i & 1))); /// 1--> 0xf0 , 0--> 0x0f uint8_t ai_remaining = (uint8_t)(a[i >> 1] & (~m)); /// erase a[i >> 1] = (uint8_t)(ai_remaining | (m & (v << 4)) | (m & v & 0xf)); /// set @@ -45,22 +45,22 @@ static uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned } static void gf16mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(b, i); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(b, i); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = (len_vec + 1) / 2; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - uint8_t bb = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(bk, i); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); + uint8_t bb = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(bk, i); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte); } c += n_vec_byte; } @@ -74,19 +74,19 @@ static unsigned int gf16mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigne uint8_t *ai = mat + n_w_byte * i; for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte); } - uint8_t pivot = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(ai, i); - r8 &= PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_is_nonzero(pivot); - pivot = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_inv(pivot); + uint8_t pivot = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(ai, i); + r8 &= PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_is_nonzero(pivot); + pivot = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_inv(pivot); offset_byte = (i + 1) >> 1; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + n_w_byte * j; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte); } } return r8; @@ -97,11 +97,11 @@ static unsigned int gf16mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp unsigned int n_byte = (n + 1) >> 1; for (unsigned int i = 0; i < n; i++) { memcpy(mat + i * (n_byte + 1), inp_mat + i * n_byte, n_byte); - mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(c_terms, i); + mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(c_terms, i); } - unsigned int r8 = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); + unsigned int r8 = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_gauss_elim(mat, n, n + 2); for (unsigned int i = 0; i < n; i++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]); } return r8; } @@ -117,17 +117,17 @@ static inline void gf16mat_submat(uint8_t *mat2, unsigned int w2, unsigned int s } } -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { unsigned int n_w_byte = (H + 1) / 2; uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * n_w_byte; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1); } - unsigned int r8 = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H); gf16mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -138,15 +138,15 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const ui #define gf16mat_gauss_elim_impl gf16mat_gauss_elim_ref #define gf16mat_solve_linear_eq_impl gf16mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf16mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf16mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf16mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowIa-classic/clean/blas_comm.h b/crypto_sign/rainbowI-compressed/clean/blas_comm.h similarity index 72% rename from crypto_sign/rainbowIa-classic/clean/blas_comm.h rename to crypto_sign/rainbowI-compressed/clean/blas_comm.h index 9cbe8ff1..24b19862 100644 --- a/crypto_sign/rainbowIa-classic/clean/blas_comm.h +++ b/crypto_sign/rainbowI-compressed/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(16) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _nu /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i); /// @brief matrix-matrix multiplication: c = a * b , in GF(16) /// @@ -29,7 +29,7 @@ uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(16) /// @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, co /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(16) /// @@ -48,7 +48,7 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, uns /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(16) /// @@ -58,7 +58,7 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); /// @brief matrix-vector multiplication: c = matA * b , in GF(16) /// @@ -68,7 +68,7 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const ui /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/gf.c b/crypto_sign/rainbowI-compressed/clean/gf.c similarity index 77% rename from crypto_sign/rainbowIa-classic/clean/gf.c rename to crypto_sign/rainbowI-compressed/clean/gf.c index ec080f98..6bd36c64 100644 --- a/crypto_sign/rainbowIa-classic/clean/gf.c +++ b/crypto_sign/rainbowI-compressed/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,18 +37,18 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_is_nonzero(uint8_t a) { unsigned int a4 = a & 0xf; unsigned int r = ((unsigned int)0) - a4; r >>= 4; return r & 1; } -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_inv(uint8_t a) { uint8_t a2 = gf16_squ(a); uint8_t a4 = gf16_squ(a2); uint8_t a8 = gf16_squ(a4); - uint8_t a6 = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a4, a2); - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a8, a6); + uint8_t a6 = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a4, a2); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(a8, a6); } diff --git a/crypto_sign/rainbowI-compressed/clean/gf.h b/crypto_sign/rainbowI-compressed/clean/gf.h new file mode 100644 index 00000000..8f6935a7 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/clean/gf.h @@ -0,0 +1,18 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16_inv(uint8_t a); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.c b/crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.c similarity index 55% rename from crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.c index fc8c7207..b3ef7a49 100644 --- a/crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, un /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, co if (k < i) { continue; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, co } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, if (i < k) { continue; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, c if (i == k) { continue; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,45 +138,45 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(y, i); } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); } } -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele(x, i); } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); } } diff --git a/crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.h b/crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.h similarity index 91% rename from crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.h rename to crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.h index 78c1e83f..a88e861e 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowI-compressed/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, cons /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *b /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, con /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, co /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow.c b/crypto_sign/rainbowI-compressed/clean/rainbow.c similarity index 72% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow.c rename to crypto_sign/rainbowI-compressed/clean/rainbow.c index fc808689..c85690fa 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow.c +++ b/crypto_sign/rainbowI-compressed/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -165,4 +165,15 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const return (0 == cc) ? 0 : -1; } +/////////////// cyclic version /////////////////////////// +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { + unsigned char sk[sizeof(sk_t) + 32]; + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); +} +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { + unsigned char pk[sizeof(pk_t) + 32]; + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); +} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.h b/crypto_sign/rainbowI-compressed/clean/rainbow.h similarity index 69% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.h rename to crypto_sign/rainbowI-compressed/clean/rainbow.h index 69112530..9b341caa 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.h +++ b/crypto_sign/rainbowI-compressed/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// /// @brief Signing function for compressed secret key of the cyclic rainbow. @@ -35,7 +35,7 @@ int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest /// @param[in] sk - the compressed secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); /// /// @brief Verifying function for cyclic public keys. @@ -45,6 +45,6 @@ int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signatu /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowI-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowI-compressed/clean/rainbow_blas.h new file mode 100644 index 00000000..78e3bff4 --- /dev/null +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16v_madd + +#define gfmat_prod PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_prod +#define gfmat_inv PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf16mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimat_madd_gf16 +#define batch_trimatTr_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_trimatTr_madd_gf16 +#define batch_2trimat_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_2trimat_madd_gf16 +#define batch_matTr_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_matTr_madd_gf16 +#define batch_bmatTr_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_bmatTr_madd_gf16 +#define batch_mat_madd PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_mat_madd_gf16 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_config.h b/crypto_sign/rainbowI-compressed/clean/rainbow_config.h similarity index 98% rename from crypto_sign/rainbowIa-classic/clean/rainbow_config.h rename to crypto_sign/rainbowI-compressed/clean/rainbow_config.h index 36075368..a581af34 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_config.h +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_config.h @@ -7,7 +7,7 @@ #define _USE_GF16 #define _GFSIZE 16 -#define _V1 32 +#define _V1 36 #define _O1 32 #define _O2 32 #define _MAX_O 32 diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.c b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair.c similarity index 52% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.c rename to crypto_sign/rainbowI-compressed/clean/rainbow_keypair.c index 3aa376de..a3460d28 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -131,19 +160,19 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(rsk->pk_seed, pk_seed, LEN_PKSEED); memcpy(rsk->sk_seed, sk_seed, LEN_SKSEED); sk_t sk; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng0; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, &prng0); calculate_t4(sk->t4, sk->t1, sk->t3); @@ -151,19 +180,19 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t prng1; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, &prng1); obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // calcuate the parts of sk according to pk. - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // clean prng for sk memset(&prng0, 0, sizeof(prng_t)); } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -171,7 +200,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *c // setup prng prng_t prng0; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -184,5 +213,5 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *c memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.h b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair.h similarity index 88% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.h rename to crypto_sign/rainbowI-compressed/clean/rainbow_keypair.h index 4ca8876e..8c2a077b 100644 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate compressed key pairs for cyclic rainbow. @@ -87,7 +87,7 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk /// @param[in] pk_seed - seed for generating parts of the public key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate secret key for cyclic rainbow. @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(c /// @param[in] pk_seed - seed for generating parts of the pbulic key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); //////////////////////////////////// @@ -106,6 +106,6 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *s /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.c similarity index 87% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.c index ab38bca7..83a38adf 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -119,7 +119,7 @@ static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 @@ -151,7 +151,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 /* F1_T2 = F1 * t2 @@ -170,7 +170,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -197,17 +197,17 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 } // Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ #define calculate_F_from_Q_impl calculate_F_from_Q_ref #define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { calculate_F_from_Q_impl(Fs, Qs, Ts); } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.h similarity index 87% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.h index 053e4700..3b20bc59 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowI-compressed/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); /// @@ -57,7 +57,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t /// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); /// /// @brief Computing parts of the pk from the secret key @@ -66,6 +66,6 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, /// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/sign.c b/crypto_sign/rainbowI-compressed/clean/sign.c similarity index 54% rename from crypto_sign/rainbowIIIc-classic/clean/sign.c rename to crypto_sign/rainbowI-compressed/clean/sign.c index 4d7cd1e1..6bdb9461 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/sign.c +++ b/crypto_sign/rainbowI-compressed/clean/sign.c @@ -12,26 +12,28 @@ #include #include -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { unsigned char sk_seed[LEN_SKSEED] = {0}; randombytes(sk_seed, LEN_SKSEED); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); return 0; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); memcpy(sm, m, mlen); smlen[0] = mlen + _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { int rc; if (_SIGNATURE_BYTE > smlen) { rc = -1; @@ -39,9 +41,9 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t * *mlen = smlen - _SIGNATURE_BYTE; unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - rc = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); + rc = PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); } if (!rc) { memmove(m, sm, smlen - _SIGNATURE_BYTE); @@ -52,23 +54,23 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t * return rc; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_signature( +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_signature( uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_verify( +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_crypto_sign_verify( const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk) { if (siglen != _SIGNATURE_BYTE) { return -1; } unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); } diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.c b/crypto_sign/rainbowI-compressed/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.c rename to crypto_sign/rainbowI-compressed/clean/utils_hash.c index 3cec9977..22d61016 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.c +++ b/crypto_sign/rainbowI-compressed/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha256(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIIIc-classic/clean/utils_hash.h b/crypto_sign/rainbowI-compressed/clean/utils_hash.h similarity index 78% rename from crypto_sign/rainbowIIIc-classic/clean/utils_hash.h rename to crypto_sign/rainbowI-compressed/clean/utils_hash.h index 7e7babfb..91916356 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/utils_hash.h +++ b/crypto_sign/rainbowI-compressed/clean/utils_hash.h @@ -6,6 +6,6 @@ #include -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); #endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/utils_prng.c b/crypto_sign/rainbowI-compressed/clean/utils_prng.c similarity index 92% rename from crypto_sign/rainbowIIIc-classic/clean/utils_prng.c rename to crypto_sign/rainbowI-compressed/clean/utils_prng.c index 7270715c..2c1399db 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/utils_prng.c +++ b/crypto_sign/rainbowI-compressed/clean/utils_prng.c @@ -78,13 +78,13 @@ static int randombytes_with_state(prng_t *state, return 0; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { unsigned char seed[48]; if (prng_seedlen >= 48) { memcpy(seed, prng_seed, 48); } else { memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + PQCLEAN_RAINBOWICOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); } randombytes_init_with_state(ctx, seed); @@ -92,6 +92,6 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed return 0; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { return randombytes_with_state(ctx, out, outlen); } diff --git a/crypto_sign/rainbowIIIc-classic/clean/utils_prng.h b/crypto_sign/rainbowI-compressed/clean/utils_prng.h similarity index 73% rename from crypto_sign/rainbowIIIc-classic/clean/utils_prng.h rename to crypto_sign/rainbowI-compressed/clean/utils_prng.h index 6b4999c7..98164c91 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/utils_prng.h +++ b/crypto_sign/rainbowI-compressed/clean/utils_prng.h @@ -12,7 +12,7 @@ typedef struct { unsigned char V[16]; } prng_t; -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); #endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/META.yml b/crypto_sign/rainbowIII-circumzenithal/META.yml new file mode 100644 index 00000000..f6c942b9 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,68,32,48) - circumzenithal" +type: signature +claimed-nist-level: 3 +length-public-key: 264608 +length-secret-key: 626048 +length-signature: 164 +nistkat-sha256: 1b5cbbdef12492ba8176309a44461d3d64a05b049f78edb85af1d166f4b64f32 +testvectors-sha256: de0cb0aabde2f779bffde09af2bde4b0b125cbbe9491551869e39051b94a2183 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIa-classic/clean/LICENSE b/crypto_sign/rainbowIII-circumzenithal/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIa-classic/clean/LICENSE rename to crypto_sign/rainbowIII-circumzenithal/clean/LICENSE diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/Makefile b/crypto_sign/rainbowIII-circumzenithal/clean/Makefile new file mode 100644 index 00000000..5b429222 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/Makefile @@ -0,0 +1,21 @@ +# This Makefile can be used with GNU Make or BSD Make + +LIB=librainbowIII-circumzenithal_clean.a + +HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h +OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o + + +CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) + +all: $(LIB) + +%.o: %.c $(HEADERS) + $(CC) $(CFLAGS) -c -o $@ $< + +$(LIB): $(OBJECTS) + $(AR) -r $@ $(OBJECTS) + +clean: + $(RM) $(OBJECTS) + $(RM) $(LIB) diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowIII-circumzenithal/clean/Makefile.Microsoft_nmake new file mode 100644 index 00000000..18d4fbf7 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/Makefile.Microsoft_nmake @@ -0,0 +1,19 @@ +# This Makefile can be used with Microsoft Visual Studio's nmake using the command: +# nmake /f Makefile.Microsoft_nmake + +LIBRARY=librainbowIII-circumzenithal_clean.lib +OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj + +CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX + +all: $(LIBRARY) + +# Make sure objects are recompiled if headers change. +$(OBJECTS): *.h + +$(LIBRARY): $(OBJECTS) + LIB.EXE /NOLOGO /WX /OUT:$@ $** + +clean: + -DEL $(OBJECTS) + -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/api.h b/crypto_sign/rainbowIII-circumzenithal/clean/api.h new file mode 100644 index 00000000..25f21f69 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_API_H +#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_SECRETKEYBYTES 626048 +#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_PUBLICKEYBYTES 264608 +#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_BYTES 164 +#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - circumzenithal" + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/blas.c b/crypto_sign/rainbowIII-circumzenithal/clean/blas.c new file mode 100644 index 00000000..858bf3d1 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/blas.c @@ -0,0 +1,31 @@ +#include "blas.h" +#include "gf.h" + +#include + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { + uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= (a[i] & pr_u8); + } +} + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= a[i]; + } +} + + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + a[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a[i], b); + } +} + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_c[i] ^= PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a[i], gf256_b); + } +} + diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/blas.h b/crypto_sign/rainbowIII-circumzenithal/clean/blas.h new file mode 100644 index 00000000..7e114ba2 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/blas.h @@ -0,0 +1,19 @@ +#ifndef _BLAS_H_ +#define _BLAS_H_ +/// @file blas.h +/// @brief Functions for implementing basic linear algebra functions. +/// + +#include "rainbow_config.h" +#include +#include + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); + + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); + + +#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.c b/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.c new file mode 100644 index 00000000..e63dc760 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.c @@ -0,0 +1,144 @@ +/// @file blas_comm.c +/// @brief The standard implementations for blas_comm.h +/// + +#include "blas_comm.h" +#include "blas.h" +#include "gf.h" +#include "rainbow_config.h" + +#include +#include + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + b[i] = 0; + } +} +/// @brief get an element from GF(256) vector . +/// +/// @param[in] a - the input vector a. +/// @param[in] i - the index in the vector a. +/// @return the value of the element. +/// +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { + return a[i]; +} + +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { + uint8_t r = 0; + while (_num_byte--) { + r |= a[0]; + a++; + } + return (0 == r); +} + +/// polynomial multplication +/// School boook +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, _num * 2 - 1); + for (unsigned int i = 0; i < _num; i++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c + i, a, b[i], _num); + } +} + +static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + for (unsigned int i = 0; i < n_A_width; i++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + matA += n_A_vec_byte; + } +} + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { + unsigned int n_vec_byte = len_vec; + for (unsigned int k = 0; k < len_vec; k++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_vec_byte); + const uint8_t *bk = b + n_vec_byte * k; + for (unsigned int i = 0; i < len_vec; i++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + } + c += n_vec_byte; + } +} + +static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) { + unsigned int r8 = 1; + + for (unsigned int i = 0; i < h; i++) { + uint8_t *ai = mat + w * i; + unsigned int skip_len_align4 = i & ((unsigned int)~0x3); + + for (unsigned int j = i + 1; j < h; j++) { + uint8_t *aj = mat + w * j; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + } + r8 &= PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]); + uint8_t pivot = ai[i]; + pivot = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + for (unsigned int j = 0; j < h; j++) { + if (i == j) { + continue; + } + uint8_t *aj = mat + w * j; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + } + } + + return r8; +} + +static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { + uint8_t mat[64 * 64]; + for (unsigned int i = 0; i < n; i++) { + memcpy(mat + i * (n + 1), inp_mat + i * n, n); + mat[i * (n + 1) + n] = c_terms[i]; + } + unsigned int r8 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + for (unsigned int i = 0; i < n; i++) { + sol[i] = mat[i * (n + 1) + n]; + } + return r8; +} + +static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) { + for (unsigned int i = 0; i < h; i++) { + for (unsigned int j = 0; j < w2; j++) { + mat2[i * w2 + j] = mat[i * w + st + j]; + } + } +} + +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { + uint8_t *aa = buffer; + for (unsigned int i = 0; i < H; i++) { + uint8_t *ai = aa + i * 2 * H; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(ai, a + i * H, H); + ai[H + i] = 1; + } + unsigned int r8 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + gf256mat_submat(inv_a, H, H, aa, 2 * H, H); + return r8; +} + + +// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE + +#define gf256mat_prod_impl gf256mat_prod_ref +#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref +#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { + gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); +} + +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { + return gf256mat_gauss_elim_impl(mat, h, w); +} + +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { + return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); +} + diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.h b/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.h new file mode 100644 index 00000000..3130149d --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/blas_comm.h @@ -0,0 +1,90 @@ +#ifndef _BLAS_COMM_H_ +#define _BLAS_COMM_H_ +/// @file blas_comm.h +/// @brief Common functions for linear algebra. +/// + +#include "rainbow_config.h" +#include + +/// @brief set a vector to 0. +/// +/// @param[in,out] b - the vector b. +/// @param[in] _num_byte - number of bytes for the vector b. +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); + +/// @brief get an element from GF(256) vector . +/// +/// @param[in] a - the input vector a. +/// @param[in] i - the index in the vector a. +/// @return the value of the element. +/// +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); + +/// @brief check if a vector is 0. +/// +/// @param[in] a - the vector a. +/// @param[in] _num_byte - number of bytes for the vector a. +/// @return 1(true) if a is 0. 0(false) else. +/// +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); + +/// @brief polynomial multiplication: c = a*b +/// +/// @param[out] c - the output polynomial c +/// @param[in] a - the vector a. +/// @param[in] b - the vector b. +/// @param[in] _num - number of elements for the polynomials a and b. +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); + +/// @brief matrix-vector multiplication: c = matA * b , in GF(256) +/// +/// @param[out] c - the output vector c +/// @param[in] matA - a column-major matrix A. +/// @param[in] n_A_vec_byte - the size of column vectors in bytes. +/// @param[in] n_A_width - the width of matrix A. +/// @param[in] b - the vector b. +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); + +/// @brief matrix-matrix multiplication: c = a * b , in GF(256) +/// +/// @param[out] c - the output matrix c +/// @param[in] c - a matrix a. +/// @param[in] b - a matrix b. +/// @param[in] len_vec - the length of column vectors. +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); + +/// @brief Gauss elimination for a matrix, in GF(256) +/// +/// @param[in,out] mat - the matrix. +/// @param[in] h - the height of the matrix. +/// @param[in] w - the width of the matrix. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); + +/// @brief Solving linear equations, in GF(256) +/// +/// @param[out] sol - the solutions. +/// @param[in] inp_mat - the matrix parts of input equations. +/// @param[in] c_terms - the constant terms of the input equations. +/// @param[in] n - the number of equations. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); + +/// @brief Computing the inverse matrix, in GF(256) +/// +/// @param[out] inv_a - the output of matrix a. +/// @param[in] a - a matrix a. +/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix. +/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); + +#endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/gf.c b/crypto_sign/rainbowIII-circumzenithal/clean/gf.c similarity index 71% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/gf.c rename to crypto_sign/rainbowIII-circumzenithal/clean/gf.c index 1b615926..b93c9a4b 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/gf.c +++ b/crypto_sign/rainbowIII-circumzenithal/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,7 +37,7 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a) { unsigned int a8 = a; unsigned int r = ((unsigned int)0) - a8; r >>= 8; @@ -55,14 +55,14 @@ static inline uint8_t gf16_mul_8(uint8_t a) { } // gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 15; uint8_t a1 = (a >> 4); uint8_t b0 = b & 15; uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a0b0 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; uint8_t a1b1_x8 = gf16_mul_8(a1b1); return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); } @@ -75,17 +75,17 @@ static inline uint8_t gf256_squ(uint8_t a) { return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a) { // 128+64+32+16+8+4+2 = 254 uint8_t a2 = gf256_squ(a); uint8_t a4 = gf256_squ(a2); uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a4_2, a8); + uint8_t a4_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a4_2, a8); uint8_t a64_ = gf256_squ(a8_4_2); a64_ = gf256_squ(a64_); a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a64_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a64_, a8_4_2); uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a2, a128_); + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a2, a128_); } diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/gf.h b/crypto_sign/rainbowIII-circumzenithal/clean/gf.h new file mode 100644 index 00000000..75e80cc7 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.c b/crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.c similarity index 58% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.c rename to crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.c index 7083c961..50298156 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned cha if (k < i) { continue; } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned cha } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned c if (i < k) { continue; } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned ch if (i == k) { continue; } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,45 +138,46 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char * } } -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, - const unsigned char *x, unsigned int dim_x, unsigned int size_batch) { - unsigned char tmp[128]; - - unsigned char _x[128]; - for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(x, i); - } - unsigned char _y[128]; - for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(y, i); - } - - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); - for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); - for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch); - mat += size_batch; - } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch); - } -} - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i); } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); } } + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, + const unsigned char *x, unsigned dim_x, unsigned size_batch) { + unsigned char tmp[128]; + + unsigned char _x[128]; + for (unsigned int i = 0; i < dim_x; i++) { + _x[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i); + } + unsigned char _y[128]; + for (unsigned int i = 0; i < dim_y; i++) { + _y[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(y, i); + } + + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(z, size_batch); + for (unsigned int i = 0; i < dim_y; i++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); + for (unsigned int j = 0; j < dim_x; j++) { + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + mat += size_batch; + } + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + } +} + diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.h b/crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.h similarity index 85% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.h rename to crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.h index 6ce3d8c6..9d576710 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowIII-circumzenithal/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btri /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned cha /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned ch /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned ch /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned cha /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned cha /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned ch /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char * /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigne /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsign /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigne /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/rainbow.c b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow.c new file mode 100644 index 00000000..0f8265cb --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow.c @@ -0,0 +1,173 @@ +/// @file rainbow.c +/// @brief The standard implementations for functions in rainbow.h +/// + +#include "blas.h" +#include "parallel_matrix_op.h" +#include "rainbow.h" +#include "rainbow_blas.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "utils_hash.h" +#include "utils_prng.h" +#include +#include +#include + +#define MAX_ATTEMPT_FRMAT 128 + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { + uint8_t mat_l1[_O1 * _O1_BYTE]; + uint8_t mat_l2[_O2 * _O2_BYTE]; + uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; + + // setup PRNG + prng_t prng_sign; + uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; + memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); + memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest + uint8_t prng_seed[_HASH_LEN]; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { + prng_preseed[i] ^= prng_preseed[i]; // clean + } + for (unsigned int i = 0; i < _HASH_LEN; i++) { + prng_seed[i] ^= prng_seed[i]; // clean + } + + // roll vinegars. + uint8_t vinegar[_V1_BYTE]; + unsigned int n_attempt = 0; + unsigned int l1_succ = 0; + while (!l1_succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 + l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable + n_attempt++; + } + + // Given the vinegars, pre-compute variables needed for layer 2 + uint8_t r_l1_F1[_O1_BYTE] = {0}; + uint8_t r_l2_F1[_O2_BYTE] = {0}; + batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); + batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); + uint8_t mat_l2_F3[_O2 * _O2_BYTE]; + uint8_t mat_l2_F2[_O1 * _O2_BYTE]; + gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); + gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); + + // Some local variables. + uint8_t _z[_PUB_M_BYTE]; + uint8_t y[_PUB_M_BYTE]; + uint8_t *x_v1 = vinegar; + uint8_t x_o1[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; + + uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, _digest, _HASH_LEN); + uint8_t *salt = digest_salt + _HASH_LEN; + + uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; + unsigned int succ = 0; + while (!succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w + + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + + // y = S^-1 * z + memcpy(y, _z, _PUB_M_BYTE); // identity part of S + gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + + // Central Map: + // layer 1: calculate x_o1 + memcpy(temp_o, r_l1_F1, _O1_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); + + // layer 2: calculate x_o2 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 + batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + + // generate the linear equations of the 2nd layer + gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); + gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs + + n_attempt++; + }; + // w = T^-1 * y + uint8_t w[_PUB_N_BYTE]; + // identity part of T. + memcpy(w, x_v1, _V1_BYTE); + memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); + memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); + // Computing the t1 part. + gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t4 part. + gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t3 part. + gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + + memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 + // clean + memset(&prng_sign, 0, sizeof(prng_t)); + memset(vinegar, 0, _V1_BYTE); + memset(r_l1_F1, 0, _O1_BYTE); + memset(r_l2_F1, 0, _O2_BYTE); + memset(_z, 0, _PUB_M_BYTE); + memset(y, 0, _PUB_M_BYTE); + memset(x_o1, 0, _O1_BYTE); + memset(x_o2, 0, _O2_BYTE); + memset(temp_o, 0, sizeof(temp_o)); + + // return: copy w and salt to the signature. + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + return -1; + } + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + return 0; +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { + unsigned char digest_ck[_PUB_M_BYTE]; + // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. + batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); + + unsigned char correct[_PUB_M_BYTE]; + unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, digest, _HASH_LEN); + memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + + // check consistancy. + unsigned char cc = 0; + for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { + cc |= (digest_ck[i] ^ correct[i]); + } + return (0 == cc) ? 0 : -1; +} + + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { + unsigned char pk[sizeof(pk_t) + 32]; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); +} diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow.h b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow.h similarity index 70% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow.h rename to crypto_sign/rainbowIII-circumzenithal/clean/rainbow.h index 08353041..95c02d08 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow.h +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// @@ -37,6 +37,6 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_blas.h b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_blas.h new file mode 100644 index 00000000..d7275d52 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_config.h b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_config.h similarity index 95% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow_config.h rename to crypto_sign/rainbowIII-circumzenithal/clean/rainbow_config.h index b8bb361d..f3cbb700 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_config.h +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_config.h @@ -7,9 +7,9 @@ #define _GFSIZE 256 #define _V1 68 -#define _O1 36 -#define _O2 36 -#define _MAX_O 36 +#define _O1 32 +#define _O2 48 +#define _MAX_O 48 #define _HASH_LEN 48 diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.c b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.c similarity index 54% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.c rename to crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.c index 50450e00..33fd81b2 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -132,7 +161,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -140,7 +169,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // setup prng prng_t prng0; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -153,5 +182,5 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.h b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.h similarity index 93% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.h rename to crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.h index 3490ea05..c042135c 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); @@ -89,6 +89,6 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.c new file mode 100644 index 00000000..57ca52c7 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.c @@ -0,0 +1,213 @@ +/// @file rainbow_keypair_computation.c +/// @brief Implementations for functions in rainbow_keypair_computation.h +/// + +#include "rainbow_keypair_computation.h" +#include "blas.h" +#include "blas_comm.h" +#include "rainbow_blas.h" +#include "rainbow_keypair.h" +#include +#include +#include + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { + const unsigned char *idx_l1 = cpk->l1_Q1; + const unsigned char *idx_l2 = cpk->l2_Q1; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = i; j < _V1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q2; + idx_l2 = cpk->l2_Q2; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = _V1; j < _V1 + _O1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q3; + idx_l2 = cpk->l2_Q3; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q5; + idx_l2 = cpk->l2_Q5; + for (unsigned int i = _V1; i < _V1 + _O1; i++) { + for (unsigned int j = i; j < _V1 + _O1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q6; + idx_l2 = cpk->l2_Q6; + for (unsigned int i = _V1; i < _V1 + _O1; i++) { + for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q9; + idx_l2 = cpk->l2_Q9; + for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { + for (unsigned int j = i; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } +} + +static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { + // Layer 1 + // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i] + memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); + + // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i] + memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1); + batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); + + /* + Layer 2 + computations: + + F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] + + Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1 + F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 + F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] + + Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 + #Q1_Q1T_T4 = Q1_Q1T * t4 + Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 + F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] + F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + + Q_pk.l2_F2s[i].transpose() * t4 + + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] + + */ + memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] + + // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 + // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] + memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1); + batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2 + + unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32]; + memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); + batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) + memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + + batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 + + // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 + // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 + // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] + memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE); + batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4 + batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3 + + // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + // + Q_pk.l2_F2s[i].transpose() * t4 + // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] + memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE); + batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); +} + +static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { + // Layer 1: Computing Q5, Q3, Q6, Q9 + + // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) ) + const unsigned char *t2 = Ts->t4; + sk_t tempQ; + memcpy(tempQ.l1_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1); + batch_trimat_madd(tempQ.l1_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2 + memset(tempQ.l2_F1, 0, sizeof(tempQ.l2_F1)); + memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); + batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) + memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + + /* + F1_T2 = F1 * t2 + F2_T3 = F2 * t3 + F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2 + Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3 + Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2 + Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) ) + */ + memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2); + memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2); + memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2)); + + batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2 + batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3 + + memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 + batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + + batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 + + batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2 + batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6 + /* + Layer 2 + Computing Q9: + + F1_T2 = F1 * t2 + F2_T3 = F2 * t3 + Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) ) + */ + sk_t tempQ2; + memcpy(tempQ2.l2_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2); /// F3 actually. + batch_trimat_madd(tempQ2.l2_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3 + batch_mat_madd(tempQ2.l2_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3 + + memset(tempQ.l2_F3, 0, _O2_BYTE * _V1 * _O2); + batch_matTr_madd(tempQ.l2_F3, t2, _V1, _V1_BYTE, _O2, tempQ2.l2_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) + + memcpy(tempQ.l2_F6, Fs->l2_F6, _O2_BYTE * _O1 * _O2); + batch_trimat_madd(tempQ.l2_F6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + + batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) + memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 +} + +// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ +#define calculate_F_from_Q_impl calculate_F_from_Q_ref +#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { + calculate_F_from_Q_impl(Fs, Qs, Ts); +} + +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { + calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); +} diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.h new file mode 100644 index 00000000..bfb862cb --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/rainbow_keypair_computation.h @@ -0,0 +1,71 @@ +#ifndef _RAINBOW_KEYPAIR_COMP_H_ +#define _RAINBOW_KEYPAIR_COMP_H_ +/// @file rainbow_keypair_computation.h +/// @brief Functions for calculating pk/sk while generating keys. +/// +/// Defining an internal structure of public key. +/// Functions for calculating pk/sk for key generation. +/// + +#include "rainbow_keypair.h" + +/// @brief The (internal use) public key for rainbow +/// +/// The (internal use) public key for rainbow. The public +/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9, +/// l2_Q1, .... , l2_Q9. +/// +typedef struct rainbow_extend_publickey { + unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; + unsigned char l1_Q2[_O1_BYTE * _V1 * _O1]; + unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; + unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; + unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; + unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; + + unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; + unsigned char l2_Q2[_O2_BYTE * _V1 * _O1]; + unsigned char l2_Q3[_O2_BYTE * _V1 * _O2]; + unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; + unsigned char l2_Q6[_O2_BYTE * _O1 * _O2]; + unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; +} ext_cpk_t; + +/// +/// @brief converting formats of public keys : from ext_cpk_t version to pk_t +/// +/// @param[out] pk - the classic public key. +/// @param[in] cpk - the internel public key. +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +///////////////////////////////////////////////// + +/// +/// @brief Computing public key from secret key +/// +/// @param[out] Qs - the public key +/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Ts - parts of the secret key: T1, T4, T3 +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); + + +/// +/// @brief Computing parts of the sk from parts of pk and sk +/// +/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 +/// @param[in] Ts - parts of the sk: T1, T4, T3 +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); + +/// +/// @brief Computing parts of the pk from the secret key +/// +/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9 +/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Ts - parts of the sk: T1, T4, T3 +/// +void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); + +#endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/sign.c b/crypto_sign/rainbowIII-circumzenithal/clean/sign.c new file mode 100644 index 00000000..bc108be2 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/sign.c @@ -0,0 +1,76 @@ +/// @file sign.c +/// @brief the implementations for functions in api.h +/// +/// + +#include "api.h" +#include "rainbow.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { + unsigned char sk_seed[LEN_SKSEED] = {0}; + randombytes(sk_seed, LEN_SKSEED); + + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + return 0; +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + + memcpy(sm, m, mlen); + smlen[0] = mlen + _SIGNATURE_BYTE; + + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { + int rc; + if (_SIGNATURE_BYTE > smlen) { + rc = -1; + } else { + *mlen = smlen - _SIGNATURE_BYTE; + + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + + rc = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + } + if (!rc) { + memmove(m, sm, smlen - _SIGNATURE_BYTE); + } else { // bad signature + *mlen = (size_t) -1; + memset(m, 0, smlen); + } + return rc; +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + *siglen = _SIGNATURE_BYTE; + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk) { + if (siglen != _SIGNATURE_BYTE) { + return -1; + } + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); +} diff --git a/crypto_sign/rainbowIIIc-classic/clean/utils_hash.c b/crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowIIIc-classic/clean/utils_hash.c rename to crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.c index 58948cd9..05d6b572 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/utils_hash.c +++ b/crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha384(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.h b/crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.h new file mode 100644 index 00000000..5a13e3f4 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/utils_hash.h @@ -0,0 +1,11 @@ +#ifndef _UTILS_HASH_H_ +#define _UTILS_HASH_H_ +/// @file utils_hash.h +/// @brief the interface for adapting hash functions. +/// + +#include + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); + +#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.c b/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.c new file mode 100644 index 00000000..9a381bcb --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.c @@ -0,0 +1,97 @@ +/// @file utils_prng.c +/// @brief The implementation of PRNG related functions. +/// + +#include "utils_prng.h" +#include "aes.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +static void prng_update(const unsigned char *provided_data, + unsigned char *Key, + unsigned char *V) { + unsigned char temp[48]; + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, Key); + for (int i = 0; i < 3; i++) { + //increment V + for (int j = 15; j >= 0; j--) { + if (V[j] == 0xff) { + V[j] = 0x00; + } else { + V[j]++; + break; + } + } + aes256_ecb(temp + 16 * i, V, 1, &ctx); + } + if (provided_data != NULL) { + for (int i = 0; i < 48; i++) { + temp[i] ^= provided_data[i]; + } + } + aes256_ctx_release(&ctx); + memcpy(Key, temp, 32); + memcpy(V, temp + 32, 16); +} +static void randombytes_init_with_state(prng_t *state, + unsigned char *entropy_input_48bytes) { + memset(state->Key, 0x00, 32); + memset(state->V, 0x00, 16); + prng_update(entropy_input_48bytes, state->Key, state->V); +} + +static int randombytes_with_state(prng_t *state, + unsigned char *x, + size_t xlen) { + + unsigned char block[16]; + int i = 0; + + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, state->Key); + + while (xlen > 0) { + //increment V + for (int j = 15; j >= 0; j--) { + if (state->V[j] == 0xff) { + state->V[j] = 0x00; + } else { + state->V[j]++; + break; + } + } + aes256_ecb(block, state->V, 1, &ctx); + if (xlen > 15) { + memcpy(x + i, block, 16); + i += 16; + xlen -= 16; + } else { + memcpy(x + i, block, xlen); + xlen = 0; + } + } + aes256_ctx_release(&ctx); + prng_update(NULL, state->Key, state->V); + return 0; +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { + unsigned char seed[48]; + if (prng_seedlen >= 48) { + memcpy(seed, prng_seed, 48); + } else { + memcpy(seed, prng_seed, prng_seedlen); + PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + } + + randombytes_init_with_state(ctx, seed); + + return 0; +} + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { + return randombytes_with_state(ctx, out, outlen); +} diff --git a/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.h b/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.h new file mode 100644 index 00000000..52cbb4d8 --- /dev/null +++ b/crypto_sign/rainbowIII-circumzenithal/clean/utils_prng.h @@ -0,0 +1,18 @@ +#ifndef _UTILS_PRNG_H_ +#define _UTILS_PRNG_H_ +/// @file utils_prng.h +/// @brief the interface for adapting PRNG functions. +/// +/// + +#include "randombytes.h" + +typedef struct { + unsigned char Key[32]; + unsigned char V[16]; +} prng_t; + +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); + +#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIII-classic/META.yml b/crypto_sign/rainbowIII-classic/META.yml new file mode 100644 index 00000000..1f6e78f4 --- /dev/null +++ b/crypto_sign/rainbowIII-classic/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,68,32,48) - classic" +type: signature +claimed-nist-level: 3 +length-public-key: 882080 +length-secret-key: 626048 +length-signature: 164 +nistkat-sha256: 1eb9bb6e63cfdbd05a6eaca9989e969fd234b110b67ff7e6373e1af080b35f41 +testvectors-sha256: 79a7c069612ceb35b6d702a20d9cfdffe7923429820bc4019d3ab9b4b23a1b1b +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/LICENSE b/crypto_sign/rainbowIII-classic/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/LICENSE rename to crypto_sign/rainbowIII-classic/clean/LICENSE diff --git a/crypto_sign/rainbowVc-classic/clean/Makefile b/crypto_sign/rainbowIII-classic/clean/Makefile similarity index 95% rename from crypto_sign/rainbowVc-classic/clean/Makefile rename to crypto_sign/rainbowIII-classic/clean/Makefile index 6ba95365..38c2c2f0 100644 --- a/crypto_sign/rainbowVc-classic/clean/Makefile +++ b/crypto_sign/rainbowIII-classic/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowVc-classic_clean.a +LIB=librainbowIII-classic_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowIII-classic/clean/Makefile.Microsoft_nmake similarity index 92% rename from crypto_sign/rainbowIIIc-cyclic/clean/Makefile.Microsoft_nmake rename to crypto_sign/rainbowIII-classic/clean/Makefile.Microsoft_nmake index 7412c3b2..f94fcf58 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/Makefile.Microsoft_nmake +++ b/crypto_sign/rainbowIII-classic/clean/Makefile.Microsoft_nmake @@ -1,7 +1,7 @@ # This Makefile can be used with Microsoft Visual Studio's nmake using the command: # nmake /f Makefile.Microsoft_nmake -LIBRARY=librainbowIIIc-cyclic_clean.lib +LIBRARY=librainbowIII-classic_clean.lib OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX diff --git a/crypto_sign/rainbowIII-classic/clean/api.h b/crypto_sign/rainbowIII-classic/clean/api.h new file mode 100644 index 00000000..8b4d1661 --- /dev/null +++ b/crypto_sign/rainbowIII-classic/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H +#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 626048 +#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 882080 +#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_BYTES 164 +#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - classic" + +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/blas.c b/crypto_sign/rainbowIII-classic/clean/blas.c similarity index 61% rename from crypto_sign/rainbowIIIc-cyclic/clean/blas.c rename to crypto_sign/rainbowIII-classic/clean/blas.c index 687602fd..aaaefdf5 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/blas.c +++ b/crypto_sign/rainbowIII-classic/clean/blas.c @@ -3,29 +3,29 @@ #include -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= (a[i] & pr_u8); } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= a[i]; } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a[i], b); + a[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], b); } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a[i], gf256_b); + accu_c[i] ^= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], gf256_b); } } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/blas.h b/crypto_sign/rainbowIII-classic/clean/blas.h similarity index 61% rename from crypto_sign/rainbowIIIc-cyclic/clean/blas.h rename to crypto_sign/rainbowIII-classic/clean/blas.h index 41bd969c..035cec12 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/blas.h +++ b/crypto_sign/rainbowIII-classic/clean/blas.h @@ -8,12 +8,12 @@ #include #include -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); #endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.c b/crypto_sign/rainbowIII-classic/clean/blas_comm.c similarity index 71% rename from crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.c rename to crypto_sign/rainbowIII-classic/clean/blas_comm.c index 5666c879..77aedcd5 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.c +++ b/crypto_sign/rainbowIII-classic/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -21,11 +21,11 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _n /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { return a[i]; } -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { uint8_t r = 0; while (_num_byte--) { r |= a[0]; @@ -36,28 +36,28 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, un /// polynomial multplication /// School boook -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); } } static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = len_vec; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); } c += n_vec_byte; } @@ -72,18 +72,18 @@ static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsign for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); } - r8 &= PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_is_nonzero(ai[i]); + r8 &= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]); uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + pivot = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); } } @@ -96,7 +96,7 @@ static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *in memcpy(mat + i * (n + 1), inp_mat + i * n, n); mat[i * (n + 1) + n] = c_terms[i]; } - unsigned int r8 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); for (unsigned int i = 0; i < n; i++) { sol[i] = mat[i * (n + 1) + n]; } @@ -111,15 +111,15 @@ static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int } } -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(ai, a + i * H, H); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(ai, a + i * H, H); ai[H + i] = 1; } - unsigned int r8 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); gf256mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -130,15 +130,15 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const #define gf256mat_prod_impl gf256mat_prod_ref #define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref #define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf256mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.h b/crypto_sign/rainbowIII-classic/clean/blas_comm.h similarity index 84% rename from crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.h rename to crypto_sign/rainbowIII-classic/clean/blas_comm.h index 96ac02d7..c21256e7 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/blas_comm.h +++ b/crypto_sign/rainbowIII-classic/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(256) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _n /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); /// @brief check if a vector is 0. /// @@ -28,7 +28,7 @@ uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigne /// @param[in] _num_byte - number of bytes for the vector a. /// @return 1(true) if a is 0. 0(false) else. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); /// @brief polynomial multiplication: c = a*b /// @@ -37,7 +37,7 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, un /// @param[in] b - the vector b. /// @param[in] _num - number of elements for the polynomials a and b. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); /// @brief matrix-vector multiplication: c = matA * b , in GF(256) /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); /// @brief matrix-matrix multiplication: c = a * b , in GF(256) /// @@ -56,7 +56,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *ma /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(256) /// @@ -65,7 +65,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(256) /// @@ -75,7 +75,7 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, u /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(256) /// @@ -85,6 +85,6 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *s /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/gf.c b/crypto_sign/rainbowIII-classic/clean/gf.c similarity index 76% rename from crypto_sign/rainbowIIIc-cyclic/clean/gf.c rename to crypto_sign/rainbowIII-classic/clean/gf.c index f0a05ccb..b6043f9a 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/gf.c +++ b/crypto_sign/rainbowIII-classic/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,7 +37,7 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) { unsigned int a8 = a; unsigned int r = ((unsigned int)0) - a8; r >>= 8; @@ -55,14 +55,14 @@ static inline uint8_t gf16_mul_8(uint8_t a) { } // gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 15; uint8_t a1 = (a >> 4); uint8_t b0 = b & 15; uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a0b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; uint8_t a1b1_x8 = gf16_mul_8(a1b1); return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); } @@ -75,17 +75,17 @@ static inline uint8_t gf256_squ(uint8_t a) { return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a) { // 128+64+32+16+8+4+2 = 254 uint8_t a2 = gf256_squ(a); uint8_t a4 = gf256_squ(a2); uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a4_2, a8); + uint8_t a4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4_2, a8); uint8_t a64_ = gf256_squ(a8_4_2); a64_ = gf256_squ(a64_); a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a64_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a64_, a8_4_2); uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(a2, a128_); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a2, a128_); } diff --git a/crypto_sign/rainbowIII-classic/clean/gf.h b/crypto_sign/rainbowIII-classic/clean/gf.h new file mode 100644 index 00000000..021c161d --- /dev/null +++ b/crypto_sign/rainbowIII-classic/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.c b/crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.c similarity index 71% rename from crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.c index 6a968627..dae3807d 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, u /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, if (k < i) { continue; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC if (i < k) { continue; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, if (i == k) { continue; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,46 +138,46 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, con } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i); } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); } } -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned dim_x, unsigned size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(y, i); } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); } } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.h b/crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.h similarity index 91% rename from crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.h rename to crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.h index 62dd1404..96a874c7 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowIII-classic/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, u /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, cons /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, con /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char * /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char * /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow.c b/crypto_sign/rainbowIII-classic/clean/rainbow.c similarity index 76% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow.c rename to crypto_sign/rainbowIII-classic/clean/rainbow.c index 840a2603..3d93036f 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow.c +++ b/crypto_sign/rainbowIII-classic/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -166,8 +166,3 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { - unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); -} diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow.h b/crypto_sign/rainbowIII-classic/clean/rainbow.h similarity index 73% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow.h rename to crypto_sign/rainbowIII-classic/clean/rainbow.h index 9d3aad32..7d72637d 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow.h +++ b/crypto_sign/rainbowIII-classic/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); diff --git a/crypto_sign/rainbowIII-classic/clean/rainbow_blas.h b/crypto_sign/rainbowIII-classic/clean/rainbow_blas.h new file mode 100644 index 00000000..c5c54829 --- /dev/null +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_config.h b/crypto_sign/rainbowIII-classic/clean/rainbow_config.h similarity index 95% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow_config.h rename to crypto_sign/rainbowIII-classic/clean/rainbow_config.h index b8bb361d..f3cbb700 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_config.h +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_config.h @@ -7,9 +7,9 @@ #define _GFSIZE 256 #define _V1 68 -#define _O1 36 -#define _O2 36 -#define _MAX_O 36 +#define _O1 32 +#define _O2 48 +#define _MAX_O 48 #define _HASH_LEN 48 diff --git a/crypto_sign/rainbowIII-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair.c new file mode 100644 index 00000000..63708a9b --- /dev/null +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair.c @@ -0,0 +1,155 @@ +/// @file rainbow_keypair.c +/// @brief implementations of functions in rainbow_keypair.h +/// + +#include "rainbow_keypair.h" +#include "blas.h" +#include "blas_comm.h" +#include "rainbow_blas.h" +#include "rainbow_keypair_computation.h" +#include "utils_prng.h" +#include +#include +#include + +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); +} + + +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { + sk += generate_l1_F12(sk, prng0); + generate_l2_F12356(sk, prng0); +} + +static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { + // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 + unsigned char temp[_V1_BYTE + 32]; + unsigned char *t4 = t2_to_t4; + for (unsigned int i = 0; i < _O2; i++) { /// t3 width + gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + t4 += _V1_BYTE; + t3 += _O1_BYTE; + } +} + +static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { + unsigned char temp[_O1_BYTE + 32]; + while (n_terms--) { + gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + l1_polys += _O1_BYTE; + l2_polys += _O2_BYTE; + } +} + +/////////////////// Classic ////////////////////////////////// + +static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { + memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); + + // set up prng + prng_t prng0; + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + + // generating secret key with prng. + generate_S_T(sk->s1, &prng0); + generate_B1_B2(sk->l1_F1, &prng0); + + // clean prng + memset(&prng0, 0, sizeof(prng_t)); +} + +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { + generate_secretkey(sk, sk_seed); + + // set up a temporary structure ext_cpk_t for calculating public key. + ext_cpk_t pk; + + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. + calculate_t4(sk->t4, sk->t1, sk->t3); + + obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); + obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); + obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); + obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); + // so far, the pk contains the full pk but in ext_cpk_t format. + + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. +} + + + diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.h b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair.h similarity index 94% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.h rename to crypto_sign/rainbowIII-classic/clean/rainbow_keypair.h index 3fd34570..1812f885 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair.h @@ -52,7 +52,7 @@ typedef struct rainbow_secretkey { /// @param[out] sk - the secret key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.c similarity index 85% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.c index 796b7de2..62367d44 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -106,11 +106,11 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts // l2_Q5 : _O2_BYTE * _V1 * _O1 // l2_Q9 : _O2_BYTE * _V1 * _O2 - unsigned char tempQ[_O1_BYTE * _O1 * _O1 + 32]; + unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32]; memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2 /* @@ -127,7 +127,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9 batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -149,7 +149,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2 @@ -175,7 +175,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3 @@ -184,6 +184,6 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6 } #define calculate_Q_from_F_impl calculate_Q_from_F_ref -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.h similarity index 90% rename from crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.h index d9aa3446..c9add890 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowIII-classic/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cp /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/sign.c b/crypto_sign/rainbowIII-classic/clean/sign.c similarity index 57% rename from crypto_sign/rainbowIIIc-cyclic/clean/sign.c rename to crypto_sign/rainbowIII-classic/clean/sign.c index 72a6ca39..81e3b0f2 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/sign.c +++ b/crypto_sign/rainbowIII-classic/clean/sign.c @@ -12,28 +12,26 @@ #include #include -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { unsigned char sk_seed[LEN_SKSEED] = {0}; randombytes(sk_seed, LEN_SKSEED); - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); return 0; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); memcpy(sm, m, mlen); smlen[0] = mlen + _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { int rc; if (_SIGNATURE_BYTE > smlen) { rc = -1; @@ -41,9 +39,9 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *m *mlen = smlen - _SIGNATURE_BYTE; unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - rc = PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + rc = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); } if (!rc) { memmove(m, sm, smlen - _SIGNATURE_BYTE); @@ -54,23 +52,23 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *m return rc; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_signature( +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature( uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_verify( +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify( const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk) { if (siglen != _SIGNATURE_BYTE) { return -1; } unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.c b/crypto_sign/rainbowIII-classic/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.c rename to crypto_sign/rainbowIII-classic/clean/utils_hash.c index 4219df75..a00c94e5 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.c +++ b/crypto_sign/rainbowIII-classic/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha384(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.h b/crypto_sign/rainbowIII-classic/clean/utils_hash.h similarity index 78% rename from crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.h rename to crypto_sign/rainbowIII-classic/clean/utils_hash.h index 24231e34..a36aa481 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/utils_hash.h +++ b/crypto_sign/rainbowIII-classic/clean/utils_hash.h @@ -6,6 +6,6 @@ #include -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); #endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.c b/crypto_sign/rainbowIII-classic/clean/utils_prng.c similarity index 92% rename from crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.c rename to crypto_sign/rainbowIII-classic/clean/utils_prng.c index 71f14fbd..2bfa1b1a 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.c +++ b/crypto_sign/rainbowIII-classic/clean/utils_prng.c @@ -78,13 +78,13 @@ static int randombytes_with_state(prng_t *state, return 0; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { unsigned char seed[48]; if (prng_seedlen >= 48) { memcpy(seed, prng_seed, 48); } else { memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); } randombytes_init_with_state(ctx, seed); @@ -92,6 +92,6 @@ int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, return 0; } -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { return randombytes_with_state(ctx, out, outlen); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.h b/crypto_sign/rainbowIII-classic/clean/utils_prng.h similarity index 73% rename from crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.h rename to crypto_sign/rainbowIII-classic/clean/utils_prng.h index 403a4230..40214f42 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.h +++ b/crypto_sign/rainbowIII-classic/clean/utils_prng.h @@ -12,7 +12,7 @@ typedef struct { unsigned char V[16]; } prng_t; -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); #endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIII-compressed/META.yml b/crypto_sign/rainbowIII-compressed/META.yml new file mode 100644 index 00000000..98b7bb72 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,68,32,48) - compressed" +type: signature +claimed-nist-level: 3 +length-public-key: 264608 +length-secret-key: 64 +length-signature: 164 +nistkat-sha256: 8f895e88918df9e26123b5e0be722e952f3603bfc1f6b2859a8155edf3907969 +testvectors-sha256: 3cefa91b4d9fcc17341ca760a3c22329b08f3f1448e049ba3520d5703f90c863 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowIa-cyclic/clean/LICENSE b/crypto_sign/rainbowIII-compressed/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowIa-cyclic/clean/LICENSE rename to crypto_sign/rainbowIII-compressed/clean/LICENSE diff --git a/crypto_sign/rainbowIa-classic/clean/Makefile b/crypto_sign/rainbowIII-compressed/clean/Makefile similarity index 94% rename from crypto_sign/rainbowIa-classic/clean/Makefile rename to crypto_sign/rainbowIII-compressed/clean/Makefile index 3327c0e3..8db488fa 100644 --- a/crypto_sign/rainbowIa-classic/clean/Makefile +++ b/crypto_sign/rainbowIII-compressed/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowIa-classic_clean.a +LIB=librainbowIII-compressed_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowIII-compressed/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowIII-compressed/clean/Makefile.Microsoft_nmake new file mode 100644 index 00000000..01381c49 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/Makefile.Microsoft_nmake @@ -0,0 +1,19 @@ +# This Makefile can be used with Microsoft Visual Studio's nmake using the command: +# nmake /f Makefile.Microsoft_nmake + +LIBRARY=librainbowIII-compressed_clean.lib +OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj + +CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX + +all: $(LIBRARY) + +# Make sure objects are recompiled if headers change. +$(OBJECTS): *.h + +$(LIBRARY): $(OBJECTS) + LIB.EXE /NOLOGO /WX /OUT:$@ $** + +clean: + -DEL $(OBJECTS) + -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowIII-compressed/clean/api.h b/crypto_sign/rainbowIII-compressed/clean/api.h new file mode 100644 index 00000000..4c2dd863 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_API_H +#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 +#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 264608 +#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_BYTES 164 +#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - compressed" + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowIII-compressed/clean/blas.c b/crypto_sign/rainbowIII-compressed/clean/blas.c new file mode 100644 index 00000000..9ee4f0e5 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/blas.c @@ -0,0 +1,31 @@ +#include "blas.h" +#include "gf.h" + +#include + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { + uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= (a[i] & pr_u8); + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= a[i]; + } +} + + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + a[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a[i], b); + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_c[i] ^= PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b); + } +} + diff --git a/crypto_sign/rainbowIII-compressed/clean/blas.h b/crypto_sign/rainbowIII-compressed/clean/blas.h new file mode 100644 index 00000000..f0eaf12f --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/blas.h @@ -0,0 +1,19 @@ +#ifndef _BLAS_H_ +#define _BLAS_H_ +/// @file blas.h +/// @brief Functions for implementing basic linear algebra functions. +/// + +#include "rainbow_config.h" +#include +#include + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); + + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); + + +#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/blas_comm.c b/crypto_sign/rainbowIII-compressed/clean/blas_comm.c similarity index 55% rename from crypto_sign/rainbowVc-classic/clean/blas_comm.c rename to crypto_sign/rainbowIII-compressed/clean/blas_comm.c index 25ba0604..7d5e7865 100644 --- a/crypto_sign/rainbowVc-classic/clean/blas_comm.c +++ b/crypto_sign/rainbowIII-compressed/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -21,11 +21,11 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _nu /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { return a[i]; } -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { uint8_t r = 0; while (_num_byte--) { r |= a[0]; @@ -36,28 +36,28 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, uns /// polynomial multplication /// School boook -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1); for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num); } } static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = len_vec; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); } c += n_vec_byte; } @@ -72,18 +72,18 @@ static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsign for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); } - r8 &= PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_is_nonzero(ai[i]); + r8 &= PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]); uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + pivot = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); } } @@ -96,7 +96,7 @@ static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *in memcpy(mat + i * (n + 1), inp_mat + i * n, n); mat[i * (n + 1) + n] = c_terms[i]; } - unsigned int r8 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + unsigned int r8 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); for (unsigned int i = 0; i < n; i++) { sol[i] = mat[i * (n + 1) + n]; } @@ -111,15 +111,15 @@ static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int } } -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(ai, a + i * H, H); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H); ai[H + i] = 1; } - unsigned int r8 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); gf256mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -130,15 +130,15 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const u #define gf256mat_prod_impl gf256mat_prod_ref #define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref #define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf256mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowVc-classic/clean/blas_comm.h b/crypto_sign/rainbowIII-compressed/clean/blas_comm.h similarity index 71% rename from crypto_sign/rainbowVc-classic/clean/blas_comm.h rename to crypto_sign/rainbowIII-compressed/clean/blas_comm.h index 55be9b5e..de5368c3 100644 --- a/crypto_sign/rainbowVc-classic/clean/blas_comm.h +++ b/crypto_sign/rainbowIII-compressed/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(256) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _nu /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); /// @brief check if a vector is 0. /// @@ -28,7 +28,7 @@ uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned /// @param[in] _num_byte - number of bytes for the vector a. /// @return 1(true) if a is 0. 0(false) else. /// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); /// @brief polynomial multiplication: c = a*b /// @@ -37,7 +37,7 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, uns /// @param[in] b - the vector b. /// @param[in] _num - number of elements for the polynomials a and b. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); /// @brief matrix-vector multiplication: c = matA * b , in GF(256) /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); /// @brief matrix-matrix multiplication: c = a * b , in GF(256) /// @@ -56,7 +56,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *mat /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(256) /// @@ -65,7 +65,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, c /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(256) /// @@ -75,7 +75,7 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, un /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(256) /// @@ -85,6 +85,6 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *so /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/gf.c b/crypto_sign/rainbowIII-compressed/clean/gf.c similarity index 71% rename from crypto_sign/rainbowVc-classic/clean/gf.c rename to crypto_sign/rainbowIII-compressed/clean/gf.c index 048d1937..5b0967f2 100644 --- a/crypto_sign/rainbowVc-classic/clean/gf.c +++ b/crypto_sign/rainbowIII-compressed/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,7 +37,7 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) { unsigned int a8 = a; unsigned int r = ((unsigned int)0) - a8; r >>= 8; @@ -55,14 +55,14 @@ static inline uint8_t gf16_mul_8(uint8_t a) { } // gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 15; uint8_t a1 = (a >> 4); uint8_t b0 = b & 15; uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a0b0 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; uint8_t a1b1_x8 = gf16_mul_8(a1b1); return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); } @@ -75,17 +75,17 @@ static inline uint8_t gf256_squ(uint8_t a) { return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(uint8_t a) { // 128+64+32+16+8+4+2 = 254 uint8_t a2 = gf256_squ(a); uint8_t a4 = gf256_squ(a2); uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a4_2, a8); + uint8_t a4_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a4_2, a8); uint8_t a64_ = gf256_squ(a8_4_2); a64_ = gf256_squ(a64_); a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a64_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2); uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a2, a128_); + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a2, a128_); } diff --git a/crypto_sign/rainbowIII-compressed/clean/gf.h b/crypto_sign/rainbowIII-compressed/clean/gf.h new file mode 100644 index 00000000..1f35c8bb --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.c b/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.c new file mode 100644 index 00000000..64d5c33c --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.c @@ -0,0 +1,183 @@ +/// @file parallel_matrix_op.c +/// @brief the standard implementations for functions in parallel_matrix_op.h +/// +/// the standard implementations for functions in parallel_matrix_op.h +/// + +#include "parallel_matrix_op.h" +#include "blas.h" +#include "blas_comm.h" + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. +/// +/// @param[in] i_row - the i-th row in an upper-triangle matrix. +/// @param[in] j_col - the j-th column in an upper-triangle matrix. +/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { + return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; +} + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix. +/// +/// @param[in] i_row - the i-th row in a triangle matrix. +/// @param[in] j_col - the j-th column in a triangle matrix. +/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { + if (i_row > j_col) { + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); + } + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { + unsigned char *runningC = btriC; + unsigned int Aheight = Awidth; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < i; j++) { + unsigned int idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + runningC += size_batch * (Aheight - i); + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Awidth = Bheight; + unsigned int Aheight = Awidth; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (k < i) { + continue; + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + btriA += (Aheight - i) * size_batch; + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Aheight = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (i < k) { + continue; + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Aheight = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + if (i == k) { + continue; + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Atr_height = Awidth; + unsigned int Atr_width = Aheight; + for (unsigned int i = 0; i < Atr_height; i++) { + for (unsigned int j = 0; j < Atr_width; j++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + } + bC += size_batch * Bwidth; + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + const unsigned char *bA = bA_to_tr; + unsigned int Aheight = Awidth_before_tr; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { + unsigned int Awidth = Bheight; + for (unsigned int i = 0; i < Aheight; i++) { + for (unsigned int j = 0; j < Bwidth; j++) { + for (unsigned int k = 0; k < Bheight; k++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + } + bC += size_batch; + } + bA += (Awidth) * size_batch; + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { + unsigned char tmp[256]; + + unsigned char _x[256]; + for (unsigned int i = 0; i < dim; i++) { + _x[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(x, i); + } + + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); + for (unsigned int i = 0; i < dim; i++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); + for (unsigned int j = i; j < dim; j++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); + trimat += size_batch; + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); + } +} + +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, + const unsigned char *x, unsigned dim_x, unsigned size_batch) { + unsigned char tmp[128]; + + unsigned char _x[128]; + for (unsigned int i = 0; i < dim_x; i++) { + _x[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(x, i); + } + unsigned char _y[128]; + for (unsigned int i = 0; i < dim_y; i++) { + _y[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(y, i); + } + + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); + for (unsigned int i = 0; i < dim_y; i++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); + for (unsigned int j = 0; j < dim_x; j++) { + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + mat += size_batch; + } + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + } +} + diff --git a/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.h b/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.h new file mode 100644 index 00000000..f4a5e3ef --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/parallel_matrix_op.h @@ -0,0 +1,260 @@ +#ifndef _P_MATRIX_OP_H_ +#define _P_MATRIX_OP_H_ +/// @file parallel_matrix_op.h +/// @brief Librarys for operations of batched matrixes. +/// +/// + +//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. +/// +/// @param[in] i_row - the i-th row in an upper-triangle matrix. +/// @param[in] j_col - the j-th column in an upper-triangle matrix. +/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); + +/// +/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. +/// +/// @param[out] btriC - the batched upper-trianglized matrix C. +/// @param[in] bA - a batched retangle matrix A. +/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); + +//////////////////// Section: matrix multiplications /////////////////////////////// + +/// +/// @brief bC += btriA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// + +/// +/// @brief y = x^Tr * trimat * x , in GF(16) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief y = x^Tr * trimat * x , in GF(256) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(16) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(256) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.c b/crypto_sign/rainbowIII-compressed/clean/rainbow.c similarity index 64% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.c rename to crypto_sign/rainbowIII-compressed/clean/rainbow.c index 76fc6879..b2d2ac83 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.c +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -166,14 +166,14 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest } /////////////// cyclic version /////////////////////////// -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { unsigned char sk[sizeof(sk_t) + 32]; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); } -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); } diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.h b/crypto_sign/rainbowIII-compressed/clean/rainbow.h similarity index 69% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.h rename to crypto_sign/rainbowIII-compressed/clean/rainbow.h index 116735d6..954a3a1b 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow.h +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, con /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// /// @brief Signing function for compressed secret key of the cyclic rainbow. @@ -35,7 +35,7 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest /// @param[in] sk - the compressed secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); /// /// @brief Verifying function for cyclic public keys. @@ -45,6 +45,6 @@ int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signatu /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowIII-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowIII-compressed/clean/rainbow_blas.h new file mode 100644 index 00000000..cc97b929 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_config.h b/crypto_sign/rainbowIII-compressed/clean/rainbow_config.h similarity index 95% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_config.h rename to crypto_sign/rainbowIII-compressed/clean/rainbow_config.h index b8bb361d..f3cbb700 100644 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_config.h +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_config.h @@ -7,9 +7,9 @@ #define _GFSIZE 256 #define _V1 68 -#define _O1 36 -#define _O2 36 -#define _MAX_O 36 +#define _O1 32 +#define _O2 48 +#define _MAX_O 48 #define _HASH_LEN 48 diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.c b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.c similarity index 52% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.c rename to crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.c index 614fc9e5..cdd4f184 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -131,19 +160,19 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, } -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(rsk->pk_seed, pk_seed, LEN_PKSEED); memcpy(rsk->sk_seed, sk_seed, LEN_SKSEED); sk_t sk; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); } -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng0; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, &prng0); calculate_t4(sk->t4, sk->t1, sk->t3); @@ -151,19 +180,19 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t prng1; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, &prng1); obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // calcuate the parts of sk according to pk. - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // clean prng for sk memset(&prng0, 0, sizeof(prng_t)); } -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -171,7 +200,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *c // setup prng prng_t prng0; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -184,5 +213,5 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *c memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.h b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.h similarity index 87% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.h rename to crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.h index f0ccb746..59933f32 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate compressed key pairs for cyclic rainbow. @@ -87,7 +87,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, /// @param[in] pk_seed - seed for generating parts of the public key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate secret key for cyclic rainbow. @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk /// @param[in] pk_seed - seed for generating parts of the pbulic key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); //////////////////////////////////// @@ -106,6 +106,6 @@ void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.c similarity index 87% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.c index db23a907..2070cdb1 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -119,7 +119,7 @@ static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 @@ -151,7 +151,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 /* F1_T2 = F1 * t2 @@ -170,7 +170,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -197,17 +197,17 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 } // Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ #define calculate_F_from_Q_impl calculate_F_from_Q_ref #define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { calculate_F_from_Q_impl(Fs, Qs, Ts); } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.h similarity index 87% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.h index 6e6eeef9..760a691e 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowIII-compressed/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); /// @@ -57,7 +57,7 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_ /// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); /// /// @brief Computing parts of the pk from the secret key @@ -66,6 +66,6 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs /// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIII-compressed/clean/sign.c b/crypto_sign/rainbowIII-compressed/clean/sign.c new file mode 100644 index 00000000..59eb8991 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/sign.c @@ -0,0 +1,76 @@ +/// @file sign.c +/// @brief the implementations for functions in api.h +/// +/// + +#include "api.h" +#include "rainbow.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { + unsigned char sk_seed[LEN_SKSEED] = {0}; + randombytes(sk_seed, LEN_SKSEED); + + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); + return 0; +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + + memcpy(sm, m, mlen); + smlen[0] = mlen + _SIGNATURE_BYTE; + + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { + int rc; + if (_SIGNATURE_BYTE > smlen) { + rc = -1; + } else { + *mlen = smlen - _SIGNATURE_BYTE; + + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + + rc = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + } + if (!rc) { + memmove(m, sm, smlen - _SIGNATURE_BYTE); + } else { // bad signature + *mlen = (size_t) -1; + memset(m, 0, smlen); + } + return rc; +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + *siglen = _SIGNATURE_BYTE; + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk) { + if (siglen != _SIGNATURE_BYTE) { + return -1; + } + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); +} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.c b/crypto_sign/rainbowIII-compressed/clean/utils_hash.c similarity index 77% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.c rename to crypto_sign/rainbowIII-compressed/clean/utils_hash.c index 77cbed93..74f5596e 100644 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.c +++ b/crypto_sign/rainbowIII-compressed/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha384(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIII-compressed/clean/utils_hash.h b/crypto_sign/rainbowIII-compressed/clean/utils_hash.h new file mode 100644 index 00000000..aa127899 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/utils_hash.h @@ -0,0 +1,11 @@ +#ifndef _UTILS_HASH_H_ +#define _UTILS_HASH_H_ +/// @file utils_hash.h +/// @brief the interface for adapting hash functions. +/// + +#include + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); + +#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIII-compressed/clean/utils_prng.c b/crypto_sign/rainbowIII-compressed/clean/utils_prng.c new file mode 100644 index 00000000..c865fd1e --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/utils_prng.c @@ -0,0 +1,97 @@ +/// @file utils_prng.c +/// @brief The implementation of PRNG related functions. +/// + +#include "utils_prng.h" +#include "aes.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +static void prng_update(const unsigned char *provided_data, + unsigned char *Key, + unsigned char *V) { + unsigned char temp[48]; + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, Key); + for (int i = 0; i < 3; i++) { + //increment V + for (int j = 15; j >= 0; j--) { + if (V[j] == 0xff) { + V[j] = 0x00; + } else { + V[j]++; + break; + } + } + aes256_ecb(temp + 16 * i, V, 1, &ctx); + } + if (provided_data != NULL) { + for (int i = 0; i < 48; i++) { + temp[i] ^= provided_data[i]; + } + } + aes256_ctx_release(&ctx); + memcpy(Key, temp, 32); + memcpy(V, temp + 32, 16); +} +static void randombytes_init_with_state(prng_t *state, + unsigned char *entropy_input_48bytes) { + memset(state->Key, 0x00, 32); + memset(state->V, 0x00, 16); + prng_update(entropy_input_48bytes, state->Key, state->V); +} + +static int randombytes_with_state(prng_t *state, + unsigned char *x, + size_t xlen) { + + unsigned char block[16]; + int i = 0; + + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, state->Key); + + while (xlen > 0) { + //increment V + for (int j = 15; j >= 0; j--) { + if (state->V[j] == 0xff) { + state->V[j] = 0x00; + } else { + state->V[j]++; + break; + } + } + aes256_ecb(block, state->V, 1, &ctx); + if (xlen > 15) { + memcpy(x + i, block, 16); + i += 16; + xlen -= 16; + } else { + memcpy(x + i, block, xlen); + xlen = 0; + } + } + aes256_ctx_release(&ctx); + prng_update(NULL, state->Key, state->V); + return 0; +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { + unsigned char seed[48]; + if (prng_seedlen >= 48) { + memcpy(seed, prng_seed, 48); + } else { + memcpy(seed, prng_seed, prng_seedlen); + PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + } + + randombytes_init_with_state(ctx, seed); + + return 0; +} + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { + return randombytes_with_state(ctx, out, outlen); +} diff --git a/crypto_sign/rainbowIII-compressed/clean/utils_prng.h b/crypto_sign/rainbowIII-compressed/clean/utils_prng.h new file mode 100644 index 00000000..c7f76c46 --- /dev/null +++ b/crypto_sign/rainbowIII-compressed/clean/utils_prng.h @@ -0,0 +1,18 @@ +#ifndef _UTILS_PRNG_H_ +#define _UTILS_PRNG_H_ +/// @file utils_prng.h +/// @brief the interface for adapting PRNG functions. +/// +/// + +#include "randombytes.h" + +typedef struct { + unsigned char Key[32]; + unsigned char V[16]; +} prng_t; + +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); + +#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIIIc-classic/META.yml b/crypto_sign/rainbowIIIc-classic/META.yml deleted file mode 100644 index 6251a8da..00000000 --- a/crypto_sign/rainbowIIIc-classic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,68,36,36) - classic" -type: signature -claimed-nist-level: 3 -length-public-key: 710640 -length-secret-key: 511448 -length-signature: 156 -nistkat-sha256: 199cf313d96a4fbb481c50e568ac0222ec955b3e20551d0fadbb6c5e97bd1ada -testvectors-sha256: e738081bcc34228184645dd79237daabc89b7ed22172637b6c10f51dd1e417d9 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIIIc-classic/clean/api.h b/crypto_sign/rainbowIIIc-classic/clean/api.h deleted file mode 100644 index 9dc88a7d..00000000 --- a/crypto_sign/rainbowIIIc-classic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_API_H -#define PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 511448 -#define PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 710640 -#define PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_CRYPTO_BYTES 156 -#define PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,36,36) - classic" - -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIIIc-classic/clean/gf.h b/crypto_sign/rainbowIIIc-classic/clean/gf.h deleted file mode 100644 index 92d72be0..00000000 --- a/crypto_sign/rainbowIIIc-classic/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_blas.h b/crypto_sign/rainbowIIIc-classic/clean/rainbow_blas.h deleted file mode 100644 index b8048608..00000000 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.c deleted file mode 100644 index 656704e7..00000000 --- a/crypto_sign/rainbowIIIc-classic/clean/rainbow_keypair.c +++ /dev/null @@ -1,126 +0,0 @@ -/// @file rainbow_keypair.c -/// @brief implementations of functions in rainbow_keypair.h -/// - -#include "rainbow_keypair.h" -#include "blas.h" -#include "blas_comm.h" -#include "rainbow_blas.h" -#include "rainbow_keypair_computation.h" -#include "utils_prng.h" -#include -#include -#include - -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 -} - -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; - return n_byte_generated; -} - -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; - - return n_byte_generated; -} - -static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { - sk += generate_l1_F12(sk, prng0); - generate_l2_F12356(sk, prng0); -} - -static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { - // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 - unsigned char temp[_V1_BYTE + 32]; - unsigned char *t4 = t2_to_t4; - for (unsigned int i = 0; i < _O2; i++) { /// t3 width - gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); - t4 += _V1_BYTE; - t3 += _O1_BYTE; - } -} - -static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { - unsigned char temp[_O1_BYTE + 32]; - while (n_terms--) { - gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); - l1_polys += _O1_BYTE; - l2_polys += _O2_BYTE; - } -} - -/////////////////// Classic ////////////////////////////////// - -static void _generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { - memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); - - // set up prng - prng_t prng0; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); - - // generating secret key with prng. - generate_S_T(sk->s1, &prng0); - generate_B1_B2(sk->l1_F1, &prng0); - - // clean prng - memset(&prng0, 0, sizeof(prng_t)); -} - -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { - _generate_secretkey(sk, sk_seed); - - // set up a temporary structure ext_cpk_t for calculating public key. - ext_cpk_t pk; - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. - calculate_t4(sk->t4, sk->t1, sk->t3); - - obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); - obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); - obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); - obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); - // so far, the pk contains the full pk but in ext_cpk_t format. - - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. -} - - - diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/META.yml b/crypto_sign/rainbowIIIc-cyclic-compressed/META.yml deleted file mode 100644 index d5a71f47..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,68,36,36) - cyclic compressed" -type: signature -claimed-nist-level: 3 -length-public-key: 206744 -length-secret-key: 64 -length-signature: 156 -nistkat-sha256: 1ad6d22a9e98c3e05a6aceb5b892dd75908924733aadfe074b6556e1dbd881c0 -testvectors-sha256: 40df2d3b2eb52aada14469c95e6890c486eaf22dcfca9604bbf528a0b7b75070 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile deleted file mode 100644 index 81a0daf4..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# This Makefile can be used with GNU Make or BSD Make - -LIB=librainbowIIIc-cyclic-compressed_clean.a - -HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h -OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o - - -CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) - -all: $(LIB) - -%.o: %.c $(HEADERS) - $(CC) $(CFLAGS) -c -o $@ $< - -$(LIB): $(OBJECTS) - $(AR) -r $@ $(OBJECTS) - -clean: - $(RM) $(OBJECTS) - $(RM) $(LIB) diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile.Microsoft_nmake deleted file mode 100644 index 071e07fe..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/Makefile.Microsoft_nmake +++ /dev/null @@ -1,19 +0,0 @@ -# This Makefile can be used with Microsoft Visual Studio's nmake using the command: -# nmake /f Makefile.Microsoft_nmake - -LIBRARY=librainbowIIIc-cyclic-compressed_clean.lib -OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj - -CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX - -all: $(LIBRARY) - -# Make sure objects are recompiled if headers change. -$(OBJECTS): *.h - -$(LIBRARY): $(OBJECTS) - LIB.EXE /NOLOGO /WX /OUT:$@ $** - -clean: - -DEL $(OBJECTS) - -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/api.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/api.h deleted file mode 100644 index a4a171a9..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_API_H -#define PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 -#define PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 206744 -#define PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_CRYPTO_BYTES 156 -#define PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,36,36) - cyclic compressed" - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.c deleted file mode 100644 index 624432f2..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.c +++ /dev/null @@ -1,31 +0,0 @@ -#include "blas.h" -#include "gf.h" - -#include - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { - uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= (a[i] & pr_u8); - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= a[i]; - } -} - - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a[i], b); - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b); - } -} - diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.h deleted file mode 100644 index b3b0a33f..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _BLAS_H_ -#define _BLAS_H_ -/// @file blas.h -/// @brief Functions for implementing basic linear algebra functions. -/// - -#include "rainbow_config.h" -#include -#include - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); - - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); - - -#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.c deleted file mode 100644 index 64feed34..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.c +++ /dev/null @@ -1,144 +0,0 @@ -/// @file blas_comm.c -/// @brief The standard implementations for blas_comm.h -/// - -#include "blas_comm.h" -#include "blas.h" -#include "gf.h" -#include "rainbow_config.h" - -#include -#include - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - b[i] = 0; - } -} -/// @brief get an element from GF(256) vector . -/// -/// @param[in] a - the input vector a. -/// @param[in] i - the index in the vector a. -/// @return the value of the element. -/// -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { - return a[i]; -} - -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { - uint8_t r = 0; - while (_num_byte--) { - r |= a[0]; - a++; - } - return (0 == r); -} - -/// polynomial multplication -/// School boook -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1); - for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num); - } -} - -static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); - for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); - matA += n_A_vec_byte; - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { - unsigned int n_vec_byte = len_vec; - for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); - const uint8_t *bk = b + n_vec_byte * k; - for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); - } - c += n_vec_byte; - } -} - -static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) { - unsigned int r8 = 1; - - for (unsigned int i = 0; i < h; i++) { - uint8_t *ai = mat + w * i; - unsigned int skip_len_align4 = i & ((unsigned int)~0x3); - - for (unsigned int j = i + 1; j < h; j++) { - uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); - } - r8 &= PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]); - uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); - for (unsigned int j = 0; j < h; j++) { - if (i == j) { - continue; - } - uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); - } - } - - return r8; -} - -static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { - uint8_t mat[64 * 64]; - for (unsigned int i = 0; i < n; i++) { - memcpy(mat + i * (n + 1), inp_mat + i * n, n); - mat[i * (n + 1) + n] = c_terms[i]; - } - unsigned int r8 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); - for (unsigned int i = 0; i < n; i++) { - sol[i] = mat[i * (n + 1) + n]; - } - return r8; -} - -static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) { - for (unsigned int i = 0; i < h; i++) { - for (unsigned int j = 0; j < w2; j++) { - mat2[i * w2 + j] = mat[i * w + st + j]; - } - } -} - -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { - uint8_t *aa = buffer; - for (unsigned int i = 0; i < H; i++) { - uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H); - ai[H + i] = 1; - } - unsigned int r8 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); - gf256mat_submat(inv_a, H, H, aa, 2 * H, H); - return r8; -} - - -// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE - -#define gf256mat_prod_impl gf256mat_prod_ref -#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref -#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); -} - -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { - return gf256mat_gauss_elim_impl(mat, h, w); -} - -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { - return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); -} - diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.h deleted file mode 100644 index e86298fe..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/blas_comm.h +++ /dev/null @@ -1,90 +0,0 @@ -#ifndef _BLAS_COMM_H_ -#define _BLAS_COMM_H_ -/// @file blas_comm.h -/// @brief Common functions for linear algebra. -/// - -#include "rainbow_config.h" -#include - -/// @brief set a vector to 0. -/// -/// @param[in,out] b - the vector b. -/// @param[in] _num_byte - number of bytes for the vector b. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); - -/// @brief get an element from GF(256) vector . -/// -/// @param[in] a - the input vector a. -/// @param[in] i - the index in the vector a. -/// @return the value of the element. -/// -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); - -/// @brief check if a vector is 0. -/// -/// @param[in] a - the vector a. -/// @param[in] _num_byte - number of bytes for the vector a. -/// @return 1(true) if a is 0. 0(false) else. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); - -/// @brief polynomial multiplication: c = a*b -/// -/// @param[out] c - the output polynomial c -/// @param[in] a - the vector a. -/// @param[in] b - the vector b. -/// @param[in] _num - number of elements for the polynomials a and b. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); - -/// @brief matrix-vector multiplication: c = matA * b , in GF(256) -/// -/// @param[out] c - the output vector c -/// @param[in] matA - a column-major matrix A. -/// @param[in] n_A_vec_byte - the size of column vectors in bytes. -/// @param[in] n_A_width - the width of matrix A. -/// @param[in] b - the vector b. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); - -/// @brief matrix-matrix multiplication: c = a * b , in GF(256) -/// -/// @param[out] c - the output matrix c -/// @param[in] c - a matrix a. -/// @param[in] b - a matrix b. -/// @param[in] len_vec - the length of column vectors. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); - -/// @brief Gauss elimination for a matrix, in GF(256) -/// -/// @param[in,out] mat - the matrix. -/// @param[in] h - the height of the matrix. -/// @param[in] w - the width of the matrix. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); - -/// @brief Solving linear equations, in GF(256) -/// -/// @param[out] sol - the solutions. -/// @param[in] inp_mat - the matrix parts of input equations. -/// @param[in] c_terms - the constant terms of the input equations. -/// @param[in] n - the number of equations. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); - -/// @brief Computing the inverse matrix, in GF(256) -/// -/// @param[out] inv_a - the output of matrix a. -/// @param[in] a - a matrix a. -/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix. -/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); - -#endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.c deleted file mode 100644 index 4f046250..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.c +++ /dev/null @@ -1,91 +0,0 @@ -#include "gf.h" - -//// gf4 := gf2[x]/x^2+x+1 -static inline uint8_t gf4_mul_2(uint8_t a) { - uint8_t r = (uint8_t)(a << 1); - r ^= (uint8_t)((a >> 1) * 7); - return r; -} - -static inline uint8_t gf4_mul(uint8_t a, uint8_t b) { - uint8_t r = (uint8_t)(a * (b & 1)); - return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1)); -} - -static inline uint8_t gf4_squ(uint8_t a) { - return a ^ (a >> 1); -} - -//// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { - uint8_t a0 = a & 3; - uint8_t a1 = (a >> 2); - uint8_t b0 = b & 3; - uint8_t b1 = (b >> 2); - uint8_t a0b0 = gf4_mul(a0, b0); - uint8_t a1b1 = gf4_mul(a1, b1); - uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; - uint8_t a1b1_x2 = gf4_mul_2(a1b1); - return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2); -} - -static inline uint8_t gf16_squ(uint8_t a) { - uint8_t a0 = a & 3; - uint8_t a1 = (a >> 2); - a1 = gf4_squ(a1); - uint8_t a1squ_x2 = gf4_mul_2(a1); - return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); -} - -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) { - unsigned int a8 = a; - unsigned int r = ((unsigned int)0) - a8; - r >>= 8; - return r & 1; -} - -static inline uint8_t gf4_mul_3(uint8_t a) { - uint8_t msk = (uint8_t)((a - 2) >> 1); - return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1))); -} -static inline uint8_t gf16_mul_8(uint8_t a) { - uint8_t a0 = a & 3; - uint8_t a1 = a >> 2; - return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1)); -} - -// gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) { - uint8_t a0 = a & 15; - uint8_t a1 = (a >> 4); - uint8_t b0 = b & 15; - uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; - uint8_t a1b1_x8 = gf16_mul_8(a1b1); - return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); -} - -static inline uint8_t gf256_squ(uint8_t a) { - uint8_t a0 = a & 15; - uint8_t a1 = (a >> 4); - a1 = gf16_squ(a1); - uint8_t a1squ_x8 = gf16_mul_8(a1); - return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); -} - -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_inv(uint8_t a) { - // 128+64+32+16+8+4+2 = 254 - uint8_t a2 = gf256_squ(a); - uint8_t a4 = gf256_squ(a2); - uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a4_2, a8); - uint8_t a64_ = gf256_squ(a8_4_2); - a64_ = gf256_squ(a64_); - a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2); - uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(a2, a128_); -} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.h deleted file mode 100644 index e8c06d84..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.c deleted file mode 100644 index 540ae738..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.c +++ /dev/null @@ -1,183 +0,0 @@ -/// @file parallel_matrix_op.c -/// @brief the standard implementations for functions in parallel_matrix_op.h -/// -/// the standard implementations for functions in parallel_matrix_op.h -/// - -#include "parallel_matrix_op.h" -#include "blas.h" -#include "blas_comm.h" - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. -/// -/// @param[in] i_row - the i-th row in an upper-triangle matrix. -/// @param[in] j_col - the j-th column in an upper-triangle matrix. -/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { - return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; -} - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix. -/// -/// @param[in] i_row - the i-th row in a triangle matrix. -/// @param[in] j_col - the j-th column in a triangle matrix. -/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { - if (i_row > j_col) { - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); - } - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { - unsigned char *runningC = btriC; - unsigned int Aheight = Awidth; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); - runningC += size_batch * (Aheight - i); - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Awidth = Bheight; - unsigned int Aheight = Awidth; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (k < i) { - continue; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - btriA += (Aheight - i) * size_batch; - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Aheight = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (i < k) { - continue; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Aheight = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (i == k) { - continue; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Atr_height = Awidth; - unsigned int Atr_width = Aheight; - for (unsigned int i = 0; i < Atr_height; i++) { - for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); - } - bC += size_batch * Bwidth; - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - const unsigned char *bA = bA_to_tr; - unsigned int Aheight = Awidth_before_tr; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Awidth = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - bA += (Awidth) * size_batch; - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { - unsigned char tmp[256]; - - unsigned char _x[256]; - for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(x, i); - } - - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); - for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); - for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); - trimat += size_batch; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); - } -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, - const unsigned char *x, unsigned dim_x, unsigned size_batch) { - unsigned char tmp[128]; - - unsigned char _x[128]; - for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(x, i); - } - unsigned char _y[128]; - for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(y, i); - } - - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); - for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); - for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); - mat += size_batch; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); - } -} - diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.h deleted file mode 100644 index 63d82311..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/parallel_matrix_op.h +++ /dev/null @@ -1,260 +0,0 @@ -#ifndef _P_MATRIX_OP_H_ -#define _P_MATRIX_OP_H_ -/// @file parallel_matrix_op.h -/// @brief Librarys for operations of batched matrixes. -/// -/// - -//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. -/// -/// @param[in] i_row - the i-th row in an upper-triangle matrix. -/// @param[in] j_col - the j-th column in an upper-triangle matrix. -/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -unsigned int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); - -/// -/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. -/// -/// @param[out] btriC - the batched upper-trianglized matrix C. -/// @param[in] bA - a batched retangle matrix A. -/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); - -//////////////////// Section: matrix multiplications /////////////////////////////// - -/// -/// @brief bC += btriA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// - -/// -/// @brief y = x^Tr * trimat * x , in GF(16) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief y = x^Tr * trimat * x , in GF(256) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(16) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(256) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.c deleted file mode 100644 index 4dc14cfa..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.c +++ /dev/null @@ -1,179 +0,0 @@ -/// @file rainbow.c -/// @brief The standard implementations for functions in rainbow.h -/// - -#include "blas.h" -#include "parallel_matrix_op.h" -#include "rainbow.h" -#include "rainbow_blas.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "utils_hash.h" -#include "utils_prng.h" -#include -#include -#include - -#define MAX_ATTEMPT_FRMAT 128 - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { - uint8_t mat_l1[_O1 * _O1_BYTE]; - uint8_t mat_l2[_O2 * _O2_BYTE]; - uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; - - // setup PRNG - prng_t prng_sign; - uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; - memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); - memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest - uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) - for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { - prng_preseed[i] ^= prng_preseed[i]; // clean - } - for (unsigned int i = 0; i < _HASH_LEN; i++) { - prng_seed[i] ^= prng_seed[i]; // clean - } - - // roll vinegars. - uint8_t vinegar[_V1_BYTE]; - unsigned int n_attempt = 0; - unsigned int l1_succ = 0; - while (!l1_succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars - gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 - l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable - n_attempt++; - } - - // Given the vinegars, pre-compute variables needed for layer 2 - uint8_t r_l1_F1[_O1_BYTE] = {0}; - uint8_t r_l2_F1[_O2_BYTE] = {0}; - batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); - batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); - uint8_t mat_l2_F3[_O2 * _O2_BYTE]; - uint8_t mat_l2_F2[_O1 * _O2_BYTE]; - gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); - gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); - - // Some local variables. - uint8_t _z[_PUB_M_BYTE]; - uint8_t y[_PUB_M_BYTE]; - uint8_t *x_v1 = vinegar; - uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; - - uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, _digest, _HASH_LEN); - uint8_t *salt = digest_salt + _HASH_LEN; - - uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; - unsigned int succ = 0; - while (!succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) - - // y = S^-1 * z - memcpy(y, _z, _PUB_M_BYTE); // identity part of S - gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); - - // Central Map: - // layer 1: calculate x_o1 - memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); - gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); - - // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); - gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 - batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); - - // generate the linear equations of the 2nd layer - gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 - succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); - gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs - - n_attempt++; - }; - // w = T^-1 * y - uint8_t w[_PUB_N_BYTE]; - // identity part of T. - memcpy(w, x_v1, _V1_BYTE); - memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); - memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); - // Computing the t1 part. - gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t4 part. - gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t3 part. - gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); - - memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 - // clean - memset(&prng_sign, 0, sizeof(prng_t)); - memset(vinegar, 0, _V1_BYTE); - memset(r_l1_F1, 0, _O1_BYTE); - memset(r_l2_F1, 0, _O2_BYTE); - memset(_z, 0, _PUB_M_BYTE); - memset(y, 0, _PUB_M_BYTE); - memset(x_o1, 0, _O1_BYTE); - memset(x_o2, 0, _O2_BYTE); - memset(temp_o, 0, sizeof(temp_o)); - - // return: copy w and salt to the signature. - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - return -1; - } - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); - return 0; -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { - unsigned char digest_ck[_PUB_M_BYTE]; - // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. - batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); - - unsigned char correct[_PUB_M_BYTE]; - unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, digest, _HASH_LEN); - memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) - - // check consistancy. - unsigned char cc = 0; - for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { - cc |= (digest_ck[i] ^ correct[i]); - } - return (0 == cc) ? 0 : -1; -} - -/////////////// cyclic version /////////////////////////// -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { - unsigned char sk[sizeof(sk_t) + 32]; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { - unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); -} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_blas.h deleted file mode 100644 index 90fd2a01..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.c deleted file mode 100644 index 2e577e03..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.c +++ /dev/null @@ -1,213 +0,0 @@ -/// @file rainbow_keypair_computation.c -/// @brief Implementations for functions in rainbow_keypair_computation.h -/// - -#include "rainbow_keypair_computation.h" -#include "blas.h" -#include "blas_comm.h" -#include "rainbow_blas.h" -#include "rainbow_keypair.h" -#include -#include -#include - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { - const unsigned char *idx_l1 = cpk->l1_Q1; - const unsigned char *idx_l2 = cpk->l2_Q1; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q2; - idx_l2 = cpk->l2_Q2; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q3; - idx_l2 = cpk->l2_Q3; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q5; - idx_l2 = cpk->l2_Q5; - for (unsigned int i = _V1; i < _V1 + _O1; i++) { - for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q6; - idx_l2 = cpk->l2_Q6; - for (unsigned int i = _V1; i < _V1 + _O1; i++) { - for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q9; - idx_l2 = cpk->l2_Q9; - for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { - for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } -} - -static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { - // Layer 1 - // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i] - memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); - - // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i] - memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1); - batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); - - /* - Layer 2 - computations: - - F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] - - Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1 - F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 - F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] - - Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 - #Q1_Q1T_T4 = Q1_Q1T * t4 - Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 - F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] - F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - + Q_pk.l2_F2s[i].transpose() * t4 - + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] - - */ - memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] - - // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 - // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] - memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1); - batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2 - - unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32]; - memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); - batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) - memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) - - batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 - - // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 - // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 - // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] - memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE); - batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4 - batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3 - - // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - // + Q_pk.l2_F2s[i].transpose() * t4 - // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] - memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE); - batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 - batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); -} - -static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { - // Layer 1: Computing Q5, Q3, Q6, Q9 - - // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) ) - const unsigned char *t2 = Ts->t4; - sk_t tempQ; - memcpy(tempQ.l1_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1); - batch_trimat_madd(tempQ.l1_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2 - memset(tempQ.l2_F1, 0, sizeof(tempQ.l2_F1)); - memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); - batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) - memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 - - /* - F1_T2 = F1 * t2 - F2_T3 = F2 * t3 - F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2 - Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3 - Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2 - Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) ) - */ - memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2); - memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2); - memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2)); - - batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2 - batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3 - - memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 - batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 - - batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 - - batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2 - batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6 - /* - Layer 2 - Computing Q9: - - F1_T2 = F1 * t2 - F2_T3 = F2 * t3 - Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) ) - */ - sk_t tempQ2; - memcpy(tempQ2.l2_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2); /// F3 actually. - batch_trimat_madd(tempQ2.l2_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3 - batch_mat_madd(tempQ2.l2_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3 - - memset(tempQ.l2_F3, 0, _O2_BYTE * _V1 * _O2); - batch_matTr_madd(tempQ.l2_F3, t2, _V1, _V1_BYTE, _O2, tempQ2.l2_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) - - memcpy(tempQ.l2_F6, Fs->l2_F6, _O2_BYTE * _O1 * _O2); - batch_trimat_madd(tempQ.l2_F6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 - - batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) - memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 -} - -// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ -#define calculate_F_from_Q_impl calculate_F_from_Q_ref -#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { - calculate_F_from_Q_impl(Fs, Qs, Ts); -} - -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { - calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); -} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.h deleted file mode 100644 index 22bb2c08..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair_computation.h +++ /dev/null @@ -1,71 +0,0 @@ -#ifndef _RAINBOW_KEYPAIR_COMP_H_ -#define _RAINBOW_KEYPAIR_COMP_H_ -/// @file rainbow_keypair_computation.h -/// @brief Functions for calculating pk/sk while generating keys. -/// -/// Defining an internal structure of public key. -/// Functions for calculating pk/sk for key generation. -/// - -#include "rainbow_keypair.h" - -/// @brief The (internal use) public key for rainbow -/// -/// The (internal use) public key for rainbow. The public -/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9, -/// l2_Q1, .... , l2_Q9. -/// -typedef struct rainbow_extend_publickey { - unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; - unsigned char l1_Q2[_O1_BYTE * _V1 * _O1]; - unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; - unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; - unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; - unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; - - unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; - unsigned char l2_Q2[_O2_BYTE * _V1 * _O1]; - unsigned char l2_Q3[_O2_BYTE * _V1 * _O2]; - unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; - unsigned char l2_Q6[_O2_BYTE * _O1 * _O2]; - unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; -} ext_cpk_t; - -/// -/// @brief converting formats of public keys : from ext_cpk_t version to pk_t -/// -/// @param[out] pk - the classic public key. -/// @param[in] cpk - the internel public key. -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); -///////////////////////////////////////////////// - -/// -/// @brief Computing public key from secret key -/// -/// @param[out] Qs - the public key -/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Ts - parts of the secret key: T1, T4, T3 -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); - - -/// -/// @brief Computing parts of the sk from parts of pk and sk -/// -/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 -/// @param[in] Ts - parts of the sk: T1, T4, T3 -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); - -/// -/// @brief Computing parts of the pk from the secret key -/// -/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9 -/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Ts - parts of the sk: T1, T4, T3 -/// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); - -#endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/sign.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/sign.c deleted file mode 100644 index 8e83a52c..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/sign.c +++ /dev/null @@ -1,76 +0,0 @@ -/// @file sign.c -/// @brief the implementations for functions in api.h -/// -/// - -#include "api.h" -#include "rainbow.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { - unsigned char sk_seed[LEN_SKSEED] = {0}; - randombytes(sk_seed, LEN_SKSEED); - - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); - return 0; -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - - memcpy(sm, m, mlen); - smlen[0] = mlen + _SIGNATURE_BYTE; - - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - int rc; - if (_SIGNATURE_BYTE > smlen) { - rc = -1; - } else { - *mlen = smlen - _SIGNATURE_BYTE; - - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - - rc = PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); - } - if (!rc) { - memmove(m, sm, smlen - _SIGNATURE_BYTE); - } else { // bad signature - *mlen = (size_t) -1; - memset(m, 0, smlen); - } - return rc; -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk) { - if (siglen != _SIGNATURE_BYTE) { - return -1; - } - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); -} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.h deleted file mode 100644 index 0f034bfc..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_hash.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef _UTILS_HASH_H_ -#define _UTILS_HASH_H_ -/// @file utils_hash.h -/// @brief the interface for adapting hash functions. -/// - -#include - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); - -#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c deleted file mode 100644 index c2c2ba78..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c +++ /dev/null @@ -1,97 +0,0 @@ -/// @file utils_prng.c -/// @brief The implementation of PRNG related functions. -/// - -#include "utils_prng.h" -#include "aes.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -static void prng_update(const unsigned char *provided_data, - unsigned char *Key, - unsigned char *V) { - unsigned char temp[48]; - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, Key); - for (int i = 0; i < 3; i++) { - //increment V - for (int j = 15; j >= 0; j--) { - if (V[j] == 0xff) { - V[j] = 0x00; - } else { - V[j]++; - break; - } - } - aes256_ecb(temp + 16 * i, V, 1, &ctx); - } - if (provided_data != NULL) { - for (int i = 0; i < 48; i++) { - temp[i] ^= provided_data[i]; - } - } - aes256_ctx_release(&ctx); - memcpy(Key, temp, 32); - memcpy(V, temp + 32, 16); -} -static void randombytes_init_with_state(prng_t *state, - unsigned char *entropy_input_48bytes) { - memset(state->Key, 0x00, 32); - memset(state->V, 0x00, 16); - prng_update(entropy_input_48bytes, state->Key, state->V); -} - -static int randombytes_with_state(prng_t *state, - unsigned char *x, - size_t xlen) { - - unsigned char block[16]; - int i = 0; - - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, state->Key); - - while (xlen > 0) { - //increment V - for (int j = 15; j >= 0; j--) { - if (state->V[j] == 0xff) { - state->V[j] = 0x00; - } else { - state->V[j]++; - break; - } - } - aes256_ecb(block, state->V, 1, &ctx); - if (xlen > 15) { - memcpy(x + i, block, 16); - i += 16; - xlen -= 16; - } else { - memcpy(x + i, block, xlen); - xlen = 0; - } - } - aes256_ctx_release(&ctx); - prng_update(NULL, state->Key, state->V); - return 0; -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { - unsigned char seed[48]; - if (prng_seedlen >= 48) { - memcpy(seed, prng_seed, 48); - } else { - memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); - } - - randombytes_init_with_state(ctx, seed); - - return 0; -} - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { - return randombytes_with_state(ctx, out, outlen); -} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.h b/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.h deleted file mode 100644 index 9e47af8a..00000000 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _UTILS_PRNG_H_ -#define _UTILS_PRNG_H_ -/// @file utils_prng.h -/// @brief the interface for adapting PRNG functions. -/// -/// - -#include "randombytes.h" - -typedef struct { - unsigned char Key[32]; - unsigned char V[16]; -} prng_t; - -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); - -#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/META.yml b/crypto_sign/rainbowIIIc-cyclic/META.yml deleted file mode 100644 index a7b9a695..00000000 --- a/crypto_sign/rainbowIIIc-cyclic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,68,36,36) - cyclic" -type: signature -claimed-nist-level: 3 -length-public-key: 206744 -length-secret-key: 511448 -length-signature: 156 -nistkat-sha256: 607fa94312778210c443431974087ce99357494ab16c8ad5a8418784b811223d -testvectors-sha256: 51559c38aefe636abd36094741be3b5f65de9e09cf9a5d37866b2e8d0eb58d22 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/api.h b/crypto_sign/rainbowIIIc-cyclic/clean/api.h deleted file mode 100644 index cf8628c2..00000000 --- a/crypto_sign/rainbowIIIc-cyclic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_API_H -#define PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_CRYPTO_SECRETKEYBYTES 511448 -#define PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_CRYPTO_PUBLICKEYBYTES 206744 -#define PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_CRYPTO_BYTES 156 -#define PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,36,36) - cyclic" - -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/gf.h b/crypto_sign/rainbowIIIc-cyclic/clean/gf.h deleted file mode 100644 index cf90f323..00000000 --- a/crypto_sign/rainbowIIIc-cyclic/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_blas.h b/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_blas.h deleted file mode 100644 index e897cdb3..00000000 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-classic/META.yml b/crypto_sign/rainbowIa-classic/META.yml deleted file mode 100644 index 3d1af1c6..00000000 --- a/crypto_sign/rainbowIa-classic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(16,32,32,32) - classic" -type: signature -claimed-nist-level: 1 -length-public-key: 148992 -length-secret-key: 92960 -length-signature: 64 -nistkat-sha256: b75c6fcda2100e2f6f56e9b97c4cbdda4b533116ab217f24f12e08788eb37fd0 -testvectors-sha256: edc48db3f93a66c0aa497fbbdba0bad173e3ab9cd0e3f651004b3e94d2187b75 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIa-classic/clean/api.h b/crypto_sign/rainbowIa-classic/clean/api.h deleted file mode 100644 index f4447b75..00000000 --- a/crypto_sign/rainbowIa-classic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIACLASSIC_CLEAN_API_H -#define PQCLEAN_RAINBOWIACLASSIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIACLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 92960 -#define PQCLEAN_RAINBOWIACLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 148992 -#define PQCLEAN_RAINBOWIACLASSIC_CLEAN_CRYPTO_BYTES 64 -#define PQCLEAN_RAINBOWIACLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,32,32,32) - classic" - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIa-classic/clean/blas.c b/crypto_sign/rainbowIa-classic/clean/blas.c deleted file mode 100644 index 835ef68a..00000000 --- a/crypto_sign/rainbowIa-classic/clean/blas.c +++ /dev/null @@ -1,43 +0,0 @@ -#include "blas.h" -#include "gf.h" - -#include - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { - uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= (a[i] & pr_u8); - } -} - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= a[i]; - } -} - - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { - uint8_t tmp; - for (size_t i = 0; i < _num_byte; i++) { - tmp = PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - tmp |= (uint8_t) (PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); - a[i] = tmp; - } -} - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); - } -} - -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { - uint8_t r = 0; - for (size_t i = 0; i < _num_byte; i++) { - r ^= PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(a[i], b[i]); - } - return r; -} - diff --git a/crypto_sign/rainbowIa-classic/clean/blas.h b/crypto_sign/rainbowIa-classic/clean/blas.h deleted file mode 100644 index 11970b64..00000000 --- a/crypto_sign/rainbowIa-classic/clean/blas.h +++ /dev/null @@ -1,20 +0,0 @@ -#ifndef _BLAS_H_ -#define _BLAS_H_ -/// @file blas.h -/// @brief Functions for implementing basic linear algebra functions. -/// - -#include "rainbow_config.h" -#include -#include - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); - - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); - - -#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/gf.h b/crypto_sign/rainbowIa-classic/clean/gf.h deleted file mode 100644 index f9c98a8e..00000000 --- a/crypto_sign/rainbowIa-classic/clean/gf.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16_inv(uint8_t a); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_blas.h b/crypto_sign/rainbowIa-classic/clean/rainbow_blas.h deleted file mode 100644 index 20af8f16..00000000 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf16mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf16 -#define batch_2trimat_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf16 -#define batch_matTr_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf16 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf16 -#define batch_mat_madd PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf16 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf16 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_recmat_eval_gf16 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowIa-classic/clean/rainbow_keypair.c deleted file mode 100644 index c7b395fc..00000000 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair.c +++ /dev/null @@ -1,126 +0,0 @@ -/// @file rainbow_keypair.c -/// @brief implementations of functions in rainbow_keypair.h -/// - -#include "rainbow_keypair.h" -#include "blas.h" -#include "blas_comm.h" -#include "rainbow_blas.h" -#include "rainbow_keypair_computation.h" -#include "utils_prng.h" -#include -#include -#include - -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 -} - -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; - return n_byte_generated; -} - -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; - - return n_byte_generated; -} - -static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { - sk += generate_l1_F12(sk, prng0); - generate_l2_F12356(sk, prng0); -} - -static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { - // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 - unsigned char temp[_V1_BYTE + 32]; - unsigned char *t4 = t2_to_t4; - for (unsigned int i = 0; i < _O2; i++) { /// t3 width - gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); - t4 += _V1_BYTE; - t3 += _O1_BYTE; - } -} - -static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { - unsigned char temp[_O1_BYTE + 32]; - while (n_terms--) { - gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); - l1_polys += _O1_BYTE; - l2_polys += _O2_BYTE; - } -} - -/////////////////// Classic ////////////////////////////////// - -static void _generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { - memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); - - // set up prng - prng_t prng0; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); - - // generating secret key with prng. - generate_S_T(sk->s1, &prng0); - generate_B1_B2(sk->l1_F1, &prng0); - - // clean prng - memset(&prng0, 0, sizeof(prng_t)); -} - -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { - _generate_secretkey(sk, sk_seed); - - // set up a temporary structure ext_cpk_t for calculating public key. - ext_cpk_t pk; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. - calculate_t4(sk->t4, sk->t1, sk->t3); - - obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); - obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); - obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); - obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); - // so far, the pk contains the full pk but in ext_cpk_t format. - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. -} - - - diff --git a/crypto_sign/rainbowIa-classic/clean/sign.c b/crypto_sign/rainbowIa-classic/clean/sign.c deleted file mode 100644 index ad0647a9..00000000 --- a/crypto_sign/rainbowIa-classic/clean/sign.c +++ /dev/null @@ -1,74 +0,0 @@ -/// @file sign.c -/// @brief the implementations for functions in api.h -/// -/// - -#include "api.h" -#include "rainbow.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { - unsigned char sk_seed[LEN_SKSEED] = {0}; - randombytes(sk_seed, LEN_SKSEED); - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); - return 0; -} - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - - memcpy(sm, m, mlen); - smlen[0] = mlen + _SIGNATURE_BYTE; - - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - int rc; - if (_SIGNATURE_BYTE > smlen) { - rc = -1; - } else { - *mlen = smlen - _SIGNATURE_BYTE; - - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - - rc = PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); - } - if (!rc) { - memmove(m, sm, smlen - _SIGNATURE_BYTE); - } else { // bad signature - *mlen = (size_t) -1; - memset(m, 0, smlen); - } - return rc; -} - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk) { - if (siglen != _SIGNATURE_BYTE) { - return -1; - } - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); -} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/META.yml b/crypto_sign/rainbowIa-cyclic-compressed/META.yml deleted file mode 100644 index ee83ad61..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(16,32,32,32) - cyclic compressed" -type: signature -claimed-nist-level: 1 -length-public-key: 58144 -length-secret-key: 64 -length-signature: 64 -nistkat-sha256: 65bb9e9b68b3114105e86d1107ede320901e174770ff8474722b4f459c3f2a51 -testvectors-sha256: 79d0bfaee00d058aa39981397016279738925f65bfec1aebb42372030abc4056 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile b/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile deleted file mode 100644 index afe0bf76..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# This Makefile can be used with GNU Make or BSD Make - -LIB=librainbowIa-cyclic-compressed_clean.a - -HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h -OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o - - -CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) - -all: $(LIB) - -%.o: %.c $(HEADERS) - $(CC) $(CFLAGS) -c -o $@ $< - -$(LIB): $(OBJECTS) - $(AR) -r $@ $(OBJECTS) - -clean: - $(RM) $(OBJECTS) - $(RM) $(LIB) diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile.Microsoft_nmake deleted file mode 100644 index de075c55..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/Makefile.Microsoft_nmake +++ /dev/null @@ -1,19 +0,0 @@ -# This Makefile can be used with Microsoft Visual Studio's nmake using the command: -# nmake /f Makefile.Microsoft_nmake - -LIBRARY=librainbowIa-cyclic-compressed_clean.lib -OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj - -CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX - -all: $(LIBRARY) - -# Make sure objects are recompiled if headers change. -$(OBJECTS): *.h - -$(LIBRARY): $(OBJECTS) - LIB.EXE /NOLOGO /WX /OUT:$@ $** - -clean: - -DEL $(OBJECTS) - -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/api.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/api.h deleted file mode 100644 index 6d2f6c21..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_API_H -#define PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 -#define PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 58144 -#define PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_CRYPTO_BYTES 64 -#define PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,32,32,32) - cyclic compressed" - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.c b/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.c deleted file mode 100644 index 4acac4e7..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.c +++ /dev/null @@ -1,43 +0,0 @@ -#include "blas.h" -#include "gf.h" - -#include - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { - uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= (a[i] & pr_u8); - } -} - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= a[i]; - } -} - - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) { - uint8_t tmp; - for (size_t i = 0; i < _num_byte; i++) { - tmp = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - tmp |= (uint8_t) (PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); - a[i] = tmp; - } -} - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a[i] & 0xF, gf16_b); - accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4); - } -} - -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) { - uint8_t r = 0; - for (size_t i = 0; i < _num_byte; i++) { - r ^= PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(a[i], b[i]); - } - return r; -} - diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.h deleted file mode 100644 index b2d36f3a..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/blas.h +++ /dev/null @@ -1,20 +0,0 @@ -#ifndef _BLAS_H_ -#define _BLAS_H_ -/// @file blas.h -/// @brief Functions for implementing basic linear algebra functions. -/// - -#include "rainbow_config.h" -#include -#include - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); - - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte); -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte); -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte); - - -#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/gf.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/gf.h deleted file mode 100644 index 5c300082..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/gf.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16_inv(uint8_t a); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.h deleted file mode 100644 index 00c40ed7..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/parallel_matrix_op.h +++ /dev/null @@ -1,260 +0,0 @@ -#ifndef _P_MATRIX_OP_H_ -#define _P_MATRIX_OP_H_ -/// @file parallel_matrix_op.h -/// @brief Librarys for operations of batched matrixes. -/// -/// - -//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. -/// -/// @param[in] i_row - the i-th row in an upper-triangle matrix. -/// @param[in] j_col - the j-th column in an upper-triangle matrix. -/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -unsigned int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); - -/// -/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. -/// -/// @param[out] btriC - the batched upper-trianglized matrix C. -/// @param[in] bA - a batched retangle matrix A. -/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); - -//////////////////// Section: matrix multiplications /////////////////////////////// - -/// -/// @brief bC += btriA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// - -/// -/// @brief y = x^Tr * trimat * x , in GF(16) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief y = x^Tr * trimat * x , in GF(256) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(16) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(256) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.c b/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.c deleted file mode 100644 index c25cabac..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow.c +++ /dev/null @@ -1,179 +0,0 @@ -/// @file rainbow.c -/// @brief The standard implementations for functions in rainbow.h -/// - -#include "blas.h" -#include "parallel_matrix_op.h" -#include "rainbow.h" -#include "rainbow_blas.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "utils_hash.h" -#include "utils_prng.h" -#include -#include -#include - -#define MAX_ATTEMPT_FRMAT 128 - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { - uint8_t mat_l1[_O1 * _O1_BYTE]; - uint8_t mat_l2[_O2 * _O2_BYTE]; - uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; - - // setup PRNG - prng_t prng_sign; - uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; - memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); - memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest - uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) - for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { - prng_preseed[i] ^= prng_preseed[i]; // clean - } - for (unsigned int i = 0; i < _HASH_LEN; i++) { - prng_seed[i] ^= prng_seed[i]; // clean - } - - // roll vinegars. - uint8_t vinegar[_V1_BYTE]; - unsigned int n_attempt = 0; - unsigned int l1_succ = 0; - while (!l1_succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars - gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 - l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable - n_attempt++; - } - - // Given the vinegars, pre-compute variables needed for layer 2 - uint8_t r_l1_F1[_O1_BYTE] = {0}; - uint8_t r_l2_F1[_O2_BYTE] = {0}; - batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); - batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); - uint8_t mat_l2_F3[_O2 * _O2_BYTE]; - uint8_t mat_l2_F2[_O1 * _O2_BYTE]; - gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); - gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); - - // Some local variables. - uint8_t _z[_PUB_M_BYTE]; - uint8_t y[_PUB_M_BYTE]; - uint8_t *x_v1 = vinegar; - uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; - - uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, _digest, _HASH_LEN); - uint8_t *salt = digest_salt + _HASH_LEN; - - uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; - unsigned int succ = 0; - while (!succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) - - // y = S^-1 * z - memcpy(y, _z, _PUB_M_BYTE); // identity part of S - gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); - - // Central Map: - // layer 1: calculate x_o1 - memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); - gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); - - // layer 2: calculate x_o2 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); - gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 - batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); - - // generate the linear equations of the 2nd layer - gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 - succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); - gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs - - n_attempt++; - }; - // w = T^-1 * y - uint8_t w[_PUB_N_BYTE]; - // identity part of T. - memcpy(w, x_v1, _V1_BYTE); - memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); - memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); - // Computing the t1 part. - gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t4 part. - gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t3 part. - gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); - - memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 - // clean - memset(&prng_sign, 0, sizeof(prng_t)); - memset(vinegar, 0, _V1_BYTE); - memset(r_l1_F1, 0, _O1_BYTE); - memset(r_l2_F1, 0, _O2_BYTE); - memset(_z, 0, _PUB_M_BYTE); - memset(y, 0, _PUB_M_BYTE); - memset(x_o1, 0, _O1_BYTE); - memset(x_o2, 0, _O2_BYTE); - memset(temp_o, 0, sizeof(temp_o)); - - // return: copy w and salt to the signature. - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - return -1; - } - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); - return 0; -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { - unsigned char digest_ck[_PUB_M_BYTE]; - // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. - batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); - - unsigned char correct[_PUB_M_BYTE]; - unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, digest, _HASH_LEN); - memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) - - // check consistancy. - unsigned char cc = 0; - for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { - cc |= (digest_ck[i] ^ correct[i]); - } - return (0 == cc) ? 0 : -1; -} - -/////////////// cyclic version /////////////////////////// -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { - unsigned char sk[sizeof(sk_t) + 32]; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { - unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); -} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_blas.h deleted file mode 100644 index 2c3aee20..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_gf16mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf16 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16 -#define batch_2trimat_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf16 -#define batch_matTr_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf16 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16 -#define batch_mat_madd PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf16 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.c deleted file mode 100644 index ab7756b3..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair_computation.c +++ /dev/null @@ -1,213 +0,0 @@ -/// @file rainbow_keypair_computation.c -/// @brief Implementations for functions in rainbow_keypair_computation.h -/// - -#include "rainbow_keypair_computation.h" -#include "blas.h" -#include "blas_comm.h" -#include "rainbow_blas.h" -#include "rainbow_keypair.h" -#include -#include -#include - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { - const unsigned char *idx_l1 = cpk->l1_Q1; - const unsigned char *idx_l2 = cpk->l2_Q1; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q2; - idx_l2 = cpk->l2_Q2; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q3; - idx_l2 = cpk->l2_Q3; - for (unsigned int i = 0; i < _V1; i++) { - for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q5; - idx_l2 = cpk->l2_Q5; - for (unsigned int i = _V1; i < _V1 + _O1; i++) { - for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q6; - idx_l2 = cpk->l2_Q6; - for (unsigned int i = _V1; i < _V1 + _O1; i++) { - for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } - idx_l1 = cpk->l1_Q9; - idx_l2 = cpk->l2_Q9; - for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { - for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); - memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); - memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); - idx_l1 += _O1_BYTE; - idx_l2 += _O2_BYTE; - } - } -} - -static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { - // Layer 1 - // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i] - memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); - - // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i] - memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1); - batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); - - /* - Layer 2 - computations: - - F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] - - Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1 - F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 - F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] - - Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 - #Q1_Q1T_T4 = Q1_Q1T * t4 - Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 - F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] - F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - + Q_pk.l2_F2s[i].transpose() * t4 - + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] - - */ - memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] - - // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 - // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] - memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1); - batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2 - - unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32]; - memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); - batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) - memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) - - batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 - - // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 - // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 - // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] - memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE); - batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4 - batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3 - - // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - // + Q_pk.l2_F2s[i].transpose() * t4 - // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] - memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE); - batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) - batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 - batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); -} - -static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { - // Layer 1: Computing Q5, Q3, Q6, Q9 - - // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) ) - const unsigned char *t2 = Ts->t4; - sk_t tempQ; - memcpy(tempQ.l1_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1); - batch_trimat_madd(tempQ.l1_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2 - memset(tempQ.l2_F1, 0, sizeof(tempQ.l2_F1)); - memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); - batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) - memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 - - /* - F1_T2 = F1 * t2 - F2_T3 = F2 * t3 - F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2 - Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3 - Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2 - Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) ) - */ - memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2); - memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2); - memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2)); - - batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2 - batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3 - - memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 - batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 - - batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 - - batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2 - batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6 - /* - Layer 2 - Computing Q9: - - F1_T2 = F1 * t2 - F2_T3 = F2 * t3 - Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) ) - */ - sk_t tempQ2; - memcpy(tempQ2.l2_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2); /// F3 actually. - batch_trimat_madd(tempQ2.l2_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3 - batch_mat_madd(tempQ2.l2_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3 - - memset(tempQ.l2_F3, 0, _O2_BYTE * _V1 * _O2); - batch_matTr_madd(tempQ.l2_F3, t2, _V1, _V1_BYTE, _O2, tempQ2.l2_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) - - memcpy(tempQ.l2_F6, Fs->l2_F6, _O2_BYTE * _O1 * _O2); - batch_trimat_madd(tempQ.l2_F6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 - - batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) - memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 -} - -// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ -#define calculate_F_from_Q_impl calculate_F_from_Q_ref -#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { - calculate_F_from_Q_impl(Fs, Qs, Ts); -} - -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { - calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); -} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/sign.c b/crypto_sign/rainbowIa-cyclic-compressed/clean/sign.c deleted file mode 100644 index 3dc5694f..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/sign.c +++ /dev/null @@ -1,76 +0,0 @@ -/// @file sign.c -/// @brief the implementations for functions in api.h -/// -/// - -#include "api.h" -#include "rainbow.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { - unsigned char sk_seed[LEN_SKSEED] = {0}; - randombytes(sk_seed, LEN_SKSEED); - - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); - return 0; -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - - memcpy(sm, m, mlen); - smlen[0] = mlen + _SIGNATURE_BYTE; - - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - int rc; - if (_SIGNATURE_BYTE > smlen) { - rc = -1; - } else { - *mlen = smlen - _SIGNATURE_BYTE; - - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - - rc = PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); - } - if (!rc) { - memmove(m, sm, smlen - _SIGNATURE_BYTE); - } else { // bad signature - *mlen = (size_t) -1; - memset(m, 0, smlen); - } - return rc; -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk) { - if (siglen != _SIGNATURE_BYTE) { - return -1; - } - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); -} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.h deleted file mode 100644 index 2e7fde28..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_hash.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef _UTILS_HASH_H_ -#define _UTILS_HASH_H_ -/// @file utils_hash.h -/// @brief the interface for adapting hash functions. -/// - -#include - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); - -#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c b/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c deleted file mode 100644 index 8dbeef90..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c +++ /dev/null @@ -1,97 +0,0 @@ -/// @file utils_prng.c -/// @brief The implementation of PRNG related functions. -/// - -#include "utils_prng.h" -#include "aes.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -static void prng_update(const unsigned char *provided_data, - unsigned char *Key, - unsigned char *V) { - unsigned char temp[48]; - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, Key); - for (int i = 0; i < 3; i++) { - //increment V - for (int j = 15; j >= 0; j--) { - if (V[j] == 0xff) { - V[j] = 0x00; - } else { - V[j]++; - break; - } - } - aes256_ecb(temp + 16 * i, V, 1, &ctx); - } - if (provided_data != NULL) { - for (int i = 0; i < 48; i++) { - temp[i] ^= provided_data[i]; - } - } - aes256_ctx_release(&ctx); - memcpy(Key, temp, 32); - memcpy(V, temp + 32, 16); -} -static void randombytes_init_with_state(prng_t *state, - unsigned char *entropy_input_48bytes) { - memset(state->Key, 0x00, 32); - memset(state->V, 0x00, 16); - prng_update(entropy_input_48bytes, state->Key, state->V); -} - -static int randombytes_with_state(prng_t *state, - unsigned char *x, - size_t xlen) { - - unsigned char block[16]; - int i = 0; - - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, state->Key); - - while (xlen > 0) { - //increment V - for (int j = 15; j >= 0; j--) { - if (state->V[j] == 0xff) { - state->V[j] = 0x00; - } else { - state->V[j]++; - break; - } - } - aes256_ecb(block, state->V, 1, &ctx); - if (xlen > 15) { - memcpy(x + i, block, 16); - i += 16; - xlen -= 16; - } else { - memcpy(x + i, block, xlen); - xlen = 0; - } - } - aes256_ctx_release(&ctx); - prng_update(NULL, state->Key, state->V); - return 0; -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { - unsigned char seed[48]; - if (prng_seedlen >= 48) { - memcpy(seed, prng_seed, 48); - } else { - memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); - } - - randombytes_init_with_state(ctx, seed); - - return 0; -} - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { - return randombytes_with_state(ctx, out, outlen); -} diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.h b/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.h deleted file mode 100644 index ab9ea9ea..00000000 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _UTILS_PRNG_H_ -#define _UTILS_PRNG_H_ -/// @file utils_prng.h -/// @brief the interface for adapting PRNG functions. -/// -/// - -#include "randombytes.h" - -typedef struct { - unsigned char Key[32]; - unsigned char V[16]; -} prng_t; - -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); - -#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowIa-cyclic/META.yml b/crypto_sign/rainbowIa-cyclic/META.yml deleted file mode 100644 index 4df585b5..00000000 --- a/crypto_sign/rainbowIa-cyclic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(16,32,32,32) - cyclic" -type: signature -claimed-nist-level: 1 -length-public-key: 58144 -length-secret-key: 92960 -length-signature: 64 -nistkat-sha256: 16f53bf0966b433451ae26e47f09f2dc8ea42db6a5c58fff1a2e7954f94dac0a -testvectors-sha256: b7341bd862a8f683339e03cf236b885804854d9e0479cb53955761864ecc18bf -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowIa-cyclic/clean/api.h b/crypto_sign/rainbowIa-cyclic/clean/api.h deleted file mode 100644 index a37bb952..00000000 --- a/crypto_sign/rainbowIa-cyclic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWIACYCLIC_CLEAN_API_H -#define PQCLEAN_RAINBOWIACYCLIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWIACYCLIC_CLEAN_CRYPTO_SECRETKEYBYTES 92960 -#define PQCLEAN_RAINBOWIACYCLIC_CLEAN_CRYPTO_PUBLICKEYBYTES 58144 -#define PQCLEAN_RAINBOWIACYCLIC_CLEAN_CRYPTO_BYTES 64 -#define PQCLEAN_RAINBOWIACYCLIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,32,32,32) - cyclic" - -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_blas.h b/crypto_sign/rainbowIa-cyclic/clean/rainbow_blas.h deleted file mode 100644 index a78caf54..00000000 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16v_madd - -#define gfmat_prod PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_prod -#define gfmat_inv PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf16mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimat_madd_gf16 -#define batch_trimatTr_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_trimatTr_madd_gf16 -#define batch_2trimat_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_2trimat_madd_gf16 -#define batch_matTr_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_matTr_madd_gf16 -#define batch_bmatTr_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_bmatTr_madd_gf16 -#define batch_mat_madd PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_mat_madd_gf16 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_trimat_eval_gf16 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWIACYCLIC_CLEAN_batch_quad_recmat_eval_gf16 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/META.yml b/crypto_sign/rainbowV-circumzenithal/META.yml new file mode 100644 index 00000000..d3b8f7e9 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,96,36,64) - circumzenithal" +type: signature +claimed-nist-level: 5 +length-public-key: 536136 +length-secret-key: 1408736 +length-signature: 212 +nistkat-sha256: fba7a186c7f809da0d7ee0dcbc64d2573d824b44e539539b30c7ef1a36911760 +testvectors-sha256: 917d50fa2bd37eacbc977a877bc50b5f3dcbed7c5d9e7baf02bde13f25b0fbc7 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowVc-classic/clean/LICENSE b/crypto_sign/rainbowV-circumzenithal/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowVc-classic/clean/LICENSE rename to crypto_sign/rainbowV-circumzenithal/clean/LICENSE diff --git a/crypto_sign/rainbowV-circumzenithal/clean/Makefile b/crypto_sign/rainbowV-circumzenithal/clean/Makefile new file mode 100644 index 00000000..8dd614ad --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/Makefile @@ -0,0 +1,21 @@ +# This Makefile can be used with GNU Make or BSD Make + +LIB=librainbowV-circumzenithal_clean.a + +HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h +OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o + + +CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) + +all: $(LIB) + +%.o: %.c $(HEADERS) + $(CC) $(CFLAGS) -c -o $@ $< + +$(LIB): $(OBJECTS) + $(AR) -r $@ $(OBJECTS) + +clean: + $(RM) $(OBJECTS) + $(RM) $(LIB) diff --git a/crypto_sign/rainbowV-circumzenithal/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowV-circumzenithal/clean/Makefile.Microsoft_nmake new file mode 100644 index 00000000..df8b952e --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/Makefile.Microsoft_nmake @@ -0,0 +1,19 @@ +# This Makefile can be used with Microsoft Visual Studio's nmake using the command: +# nmake /f Makefile.Microsoft_nmake + +LIBRARY=librainbowV-circumzenithal_clean.lib +OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj + +CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX + +all: $(LIBRARY) + +# Make sure objects are recompiled if headers change. +$(OBJECTS): *.h + +$(LIBRARY): $(OBJECTS) + LIB.EXE /NOLOGO /WX /OUT:$@ $** + +clean: + -DEL $(OBJECTS) + -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowV-circumzenithal/clean/api.h b/crypto_sign/rainbowV-circumzenithal/clean/api.h new file mode 100644 index 00000000..f5f49c79 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_API_H +#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_SECRETKEYBYTES 1408736 +#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_PUBLICKEYBYTES 536136 +#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_BYTES 212 +#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - circumzenithal" + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowV-circumzenithal/clean/blas.c b/crypto_sign/rainbowV-circumzenithal/clean/blas.c new file mode 100644 index 00000000..8a3fa971 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/blas.c @@ -0,0 +1,31 @@ +#include "blas.h" +#include "gf.h" + +#include + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { + uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= (a[i] & pr_u8); + } +} + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_b[i] ^= a[i]; + } +} + + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + a[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a[i], b); + } +} + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + accu_c[i] ^= PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a[i], gf256_b); + } +} + diff --git a/crypto_sign/rainbowV-circumzenithal/clean/blas.h b/crypto_sign/rainbowV-circumzenithal/clean/blas.h new file mode 100644 index 00000000..dffa9531 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/blas.h @@ -0,0 +1,19 @@ +#ifndef _BLAS_H_ +#define _BLAS_H_ +/// @file blas.h +/// @brief Functions for implementing basic linear algebra functions. +/// + +#include "rainbow_config.h" +#include +#include + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); + + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); + + +#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.c b/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.c new file mode 100644 index 00000000..5cd14d03 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.c @@ -0,0 +1,144 @@ +/// @file blas_comm.c +/// @brief The standard implementations for blas_comm.h +/// + +#include "blas_comm.h" +#include "blas.h" +#include "gf.h" +#include "rainbow_config.h" + +#include +#include + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { + for (size_t i = 0; i < _num_byte; i++) { + b[i] = 0; + } +} +/// @brief get an element from GF(256) vector . +/// +/// @param[in] a - the input vector a. +/// @param[in] i - the index in the vector a. +/// @return the value of the element. +/// +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { + return a[i]; +} + +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { + uint8_t r = 0; + while (_num_byte--) { + r |= a[0]; + a++; + } + return (0 == r); +} + +/// polynomial multplication +/// School boook +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, _num * 2 - 1); + for (unsigned int i = 0; i < _num; i++) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c + i, a, b[i], _num); + } +} + +static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + for (unsigned int i = 0; i < n_A_width; i++) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + matA += n_A_vec_byte; + } +} + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { + unsigned int n_vec_byte = len_vec; + for (unsigned int k = 0; k < len_vec; k++) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_vec_byte); + const uint8_t *bk = b + n_vec_byte * k; + for (unsigned int i = 0; i < len_vec; i++) { + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + } + c += n_vec_byte; + } +} + +static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) { + unsigned int r8 = 1; + + for (unsigned int i = 0; i < h; i++) { + uint8_t *ai = mat + w * i; + unsigned int skip_len_align4 = i & ((unsigned int)~0x3); + + for (unsigned int j = i + 1; j < h; j++) { + uint8_t *aj = mat + w * j; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + } + r8 &= PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]); + uint8_t pivot = ai[i]; + pivot = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + for (unsigned int j = 0; j < h; j++) { + if (i == j) { + continue; + } + uint8_t *aj = mat + w * j; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + } + } + + return r8; +} + +static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { + uint8_t mat[64 * 64]; + for (unsigned int i = 0; i < n; i++) { + memcpy(mat + i * (n + 1), inp_mat + i * n, n); + mat[i * (n + 1) + n] = c_terms[i]; + } + unsigned int r8 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + for (unsigned int i = 0; i < n; i++) { + sol[i] = mat[i * (n + 1) + n]; + } + return r8; +} + +static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) { + for (unsigned int i = 0; i < h; i++) { + for (unsigned int j = 0; j < w2; j++) { + mat2[i * w2 + j] = mat[i * w + st + j]; + } + } +} + +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { + uint8_t *aa = buffer; + for (unsigned int i = 0; i < H; i++) { + uint8_t *ai = aa + i * 2 * H; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(ai, a + i * H, H); + ai[H + i] = 1; + } + unsigned int r8 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + gf256mat_submat(inv_a, H, H, aa, 2 * H, H); + return r8; +} + + +// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE + +#define gf256mat_prod_impl gf256mat_prod_ref +#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref +#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { + gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); +} + +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { + return gf256mat_gauss_elim_impl(mat, h, w); +} + +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { + return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); +} + diff --git a/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.h b/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.h new file mode 100644 index 00000000..195010ad --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/blas_comm.h @@ -0,0 +1,90 @@ +#ifndef _BLAS_COMM_H_ +#define _BLAS_COMM_H_ +/// @file blas_comm.h +/// @brief Common functions for linear algebra. +/// + +#include "rainbow_config.h" +#include + +/// @brief set a vector to 0. +/// +/// @param[in,out] b - the vector b. +/// @param[in] _num_byte - number of bytes for the vector b. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); + +/// @brief get an element from GF(256) vector . +/// +/// @param[in] a - the input vector a. +/// @param[in] i - the index in the vector a. +/// @return the value of the element. +/// +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); + +/// @brief check if a vector is 0. +/// +/// @param[in] a - the vector a. +/// @param[in] _num_byte - number of bytes for the vector a. +/// @return 1(true) if a is 0. 0(false) else. +/// +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); + +/// @brief polynomial multiplication: c = a*b +/// +/// @param[out] c - the output polynomial c +/// @param[in] a - the vector a. +/// @param[in] b - the vector b. +/// @param[in] _num - number of elements for the polynomials a and b. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); + +/// @brief matrix-vector multiplication: c = matA * b , in GF(256) +/// +/// @param[out] c - the output vector c +/// @param[in] matA - a column-major matrix A. +/// @param[in] n_A_vec_byte - the size of column vectors in bytes. +/// @param[in] n_A_width - the width of matrix A. +/// @param[in] b - the vector b. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); + +/// @brief matrix-matrix multiplication: c = a * b , in GF(256) +/// +/// @param[out] c - the output matrix c +/// @param[in] c - a matrix a. +/// @param[in] b - a matrix b. +/// @param[in] len_vec - the length of column vectors. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); + +/// @brief Gauss elimination for a matrix, in GF(256) +/// +/// @param[in,out] mat - the matrix. +/// @param[in] h - the height of the matrix. +/// @param[in] w - the width of the matrix. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); + +/// @brief Solving linear equations, in GF(256) +/// +/// @param[out] sol - the solutions. +/// @param[in] inp_mat - the matrix parts of input equations. +/// @param[in] c_terms - the constant terms of the input equations. +/// @param[in] n - the number of equations. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); + +/// @brief Computing the inverse matrix, in GF(256) +/// +/// @param[out] inv_a - the output of matrix a. +/// @param[in] a - a matrix a. +/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix. +/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. +/// @return 1(true) if success. 0(false) if the matrix is singular. +/// +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); + +#endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/gf.c b/crypto_sign/rainbowV-circumzenithal/clean/gf.c new file mode 100644 index 00000000..db522649 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/gf.c @@ -0,0 +1,91 @@ +#include "gf.h" + +//// gf4 := gf2[x]/x^2+x+1 +static inline uint8_t gf4_mul_2(uint8_t a) { + uint8_t r = (uint8_t)(a << 1); + r ^= (uint8_t)((a >> 1) * 7); + return r; +} + +static inline uint8_t gf4_mul(uint8_t a, uint8_t b) { + uint8_t r = (uint8_t)(a * (b & 1)); + return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1)); +} + +static inline uint8_t gf4_squ(uint8_t a) { + return a ^ (a >> 1); +} + +//// gf16 := gf4[y]/y^2+y+x +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b) { + uint8_t a0 = a & 3; + uint8_t a1 = (a >> 2); + uint8_t b0 = b & 3; + uint8_t b1 = (b >> 2); + uint8_t a0b0 = gf4_mul(a0, b0); + uint8_t a1b1 = gf4_mul(a1, b1); + uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a1b1_x2 = gf4_mul_2(a1b1); + return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2); +} + +static inline uint8_t gf16_squ(uint8_t a) { + uint8_t a0 = a & 3; + uint8_t a1 = (a >> 2); + a1 = gf4_squ(a1); + uint8_t a1squ_x2 = gf4_mul_2(a1); + return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); +} + +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a) { + unsigned int a8 = a; + unsigned int r = ((unsigned int)0) - a8; + r >>= 8; + return r & 1; +} + +static inline uint8_t gf4_mul_3(uint8_t a) { + uint8_t msk = (uint8_t)((a - 2) >> 1); + return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1))); +} +static inline uint8_t gf16_mul_8(uint8_t a) { + uint8_t a0 = a & 3; + uint8_t a1 = a >> 2; + return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1)); +} + +// gf256 := gf16[X]/X^2+X+xy +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b) { + uint8_t a0 = a & 15; + uint8_t a1 = (a >> 4); + uint8_t b0 = b & 15; + uint8_t b1 = (b >> 4); + uint8_t a0b0 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a1b1_x8 = gf16_mul_8(a1b1); + return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); +} + +static inline uint8_t gf256_squ(uint8_t a) { + uint8_t a0 = a & 15; + uint8_t a1 = (a >> 4); + a1 = gf16_squ(a1); + uint8_t a1squ_x8 = gf16_mul_8(a1); + return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); +} + +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a) { + // 128+64+32+16+8+4+2 = 254 + uint8_t a2 = gf256_squ(a); + uint8_t a4 = gf256_squ(a2); + uint8_t a8 = gf256_squ(a4); + uint8_t a4_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a4_2, a8); + uint8_t a64_ = gf256_squ(a8_4_2); + a64_ = gf256_squ(a64_); + a64_ = gf256_squ(a64_); + uint8_t a64_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a128_ = gf256_squ(a64_2); + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a2, a128_); +} diff --git a/crypto_sign/rainbowV-circumzenithal/clean/gf.h b/crypto_sign/rainbowV-circumzenithal/clean/gf.h new file mode 100644 index 00000000..f5247053 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.c b/crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.c similarity index 54% rename from crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.c index 89d75ed9..2143c47e 100644 --- a/crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, un /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, c if (k < i) { continue; } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, c } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, if (i < k) { continue; } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, if (i == k) { continue; } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,46 +138,46 @@ void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, cons } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i); } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); } } -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned dim_x, unsigned size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(y, i); } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); } } diff --git a/crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.h b/crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.h new file mode 100644 index 00000000..02209235 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/parallel_matrix_op.h @@ -0,0 +1,260 @@ +#ifndef _P_MATRIX_OP_H_ +#define _P_MATRIX_OP_H_ +/// @file parallel_matrix_op.h +/// @brief Librarys for operations of batched matrixes. +/// +/// + +//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// + +/// +/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. +/// +/// @param[in] i_row - the i-th row in an upper-triangle matrix. +/// @param[in] j_col - the j-th column in an upper-triangle matrix. +/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. +/// @return the corresponding index in an array storage. +/// +unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); + +/// +/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. +/// +/// @param[out] btriC - the batched upper-trianglized matrix C. +/// @param[in] bA - a batched retangle matrix A. +/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); + +//////////////////// Section: matrix multiplications /////////////////////////////// + +/// +/// @brief bC += btriA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += btriA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += A^Tr * bB , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. +/// @param[in] Aheight - the height of A. +/// @param[in] size_Acolvec - the size of a column vector in A. +/// @param[in] Awidth - the width of A. +/// @param[in] bB - a batched matrix B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, + const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, + const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA^Tr * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). +/// @param[in] Awidth_befor_tr - the width of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(16) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +/// +/// @brief bC += bA * B , in GF(256) +/// +/// @param[out] bC - the batched matrix C. +/// @param[in] bA - a batched matrix A. +/// @param[in] Aheigh - the height of A. +/// @param[in] B - a column-major matrix B. +/// @param[in] Bheight - the height of B. +/// @param[in] size_Bcolvec - the size of the column vector in B. +/// @param[in] Bwidth - the width of B. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, + const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); + +//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// + +/// +/// @brief y = x^Tr * trimat * x , in GF(16) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief y = x^Tr * trimat * x , in GF(256) +/// +/// @param[out] y - the returned batched element y. +/// @param[in] trimat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim - the dimension of matrix trimat (and x). +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(16) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +/// +/// @brief z = y^Tr * mat * x , in GF(256) +/// +/// @param[out] z - the returned batched element z. +/// @param[in] y - an input vector y. +/// @param[in] dim_y - the length of y. +/// @param[in] mat - a batched matrix. +/// @param[in] x - an input vector x. +/// @param[in] dim_x - the length of x. +/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, + const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); + +#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/rainbow.c b/crypto_sign/rainbowV-circumzenithal/clean/rainbow.c new file mode 100644 index 00000000..93ee9726 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow.c @@ -0,0 +1,173 @@ +/// @file rainbow.c +/// @brief The standard implementations for functions in rainbow.h +/// + +#include "blas.h" +#include "parallel_matrix_op.h" +#include "rainbow.h" +#include "rainbow_blas.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "utils_hash.h" +#include "utils_prng.h" +#include +#include +#include + +#define MAX_ATTEMPT_FRMAT 128 + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { + uint8_t mat_l1[_O1 * _O1_BYTE]; + uint8_t mat_l2[_O2 * _O2_BYTE]; + uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; + + // setup PRNG + prng_t prng_sign; + uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; + memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); + memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest + uint8_t prng_seed[_HASH_LEN]; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { + prng_preseed[i] ^= prng_preseed[i]; // clean + } + for (unsigned int i = 0; i < _HASH_LEN; i++) { + prng_seed[i] ^= prng_seed[i]; // clean + } + + // roll vinegars. + uint8_t vinegar[_V1_BYTE]; + unsigned int n_attempt = 0; + unsigned int l1_succ = 0; + while (!l1_succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 + l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable + n_attempt++; + } + + // Given the vinegars, pre-compute variables needed for layer 2 + uint8_t r_l1_F1[_O1_BYTE] = {0}; + uint8_t r_l2_F1[_O2_BYTE] = {0}; + batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); + batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); + uint8_t mat_l2_F3[_O2 * _O2_BYTE]; + uint8_t mat_l2_F2[_O1 * _O2_BYTE]; + gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); + gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); + + // Some local variables. + uint8_t _z[_PUB_M_BYTE]; + uint8_t y[_PUB_M_BYTE]; + uint8_t *x_v1 = vinegar; + uint8_t x_o1[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; + + uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, _digest, _HASH_LEN); + uint8_t *salt = digest_salt + _HASH_LEN; + + uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; + unsigned int succ = 0; + while (!succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w + + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + + // y = S^-1 * z + memcpy(y, _z, _PUB_M_BYTE); // identity part of S + gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + + // Central Map: + // layer 1: calculate x_o1 + memcpy(temp_o, r_l1_F1, _O1_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); + + // layer 2: calculate x_o2 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 + batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + + // generate the linear equations of the 2nd layer + gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); + gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs + + n_attempt++; + }; + // w = T^-1 * y + uint8_t w[_PUB_N_BYTE]; + // identity part of T. + memcpy(w, x_v1, _V1_BYTE); + memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); + memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); + // Computing the t1 part. + gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t4 part. + gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t3 part. + gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + + memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 + // clean + memset(&prng_sign, 0, sizeof(prng_t)); + memset(vinegar, 0, _V1_BYTE); + memset(r_l1_F1, 0, _O1_BYTE); + memset(r_l2_F1, 0, _O2_BYTE); + memset(_z, 0, _PUB_M_BYTE); + memset(y, 0, _PUB_M_BYTE); + memset(x_o1, 0, _O1_BYTE); + memset(x_o2, 0, _O2_BYTE); + memset(temp_o, 0, sizeof(temp_o)); + + // return: copy w and salt to the signature. + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + return -1; + } + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + return 0; +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { + unsigned char digest_ck[_PUB_M_BYTE]; + // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. + batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); + + unsigned char correct[_PUB_M_BYTE]; + unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, digest, _HASH_LEN); + memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + + // check consistancy. + unsigned char cc = 0; + for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { + cc |= (digest_ck[i] ^ correct[i]); + } + return (0 == cc) ? 0 : -1; +} + + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { + unsigned char pk[sizeof(pk_t) + 32]; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); +} diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow.h b/crypto_sign/rainbowV-circumzenithal/clean/rainbow.h similarity index 71% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow.h rename to crypto_sign/rainbowV-circumzenithal/clean/rainbow.h index dca27b11..36763f09 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow.h +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// @@ -37,6 +37,6 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/rainbow_blas.h b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_blas.h new file mode 100644 index 00000000..2d28765c --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_config.h b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_config.h similarity index 93% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_config.h rename to crypto_sign/rainbowV-circumzenithal/clean/rainbow_config.h index f691dfb1..e668ff3c 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_config.h +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_config.h @@ -6,10 +6,10 @@ /// #define _GFSIZE 256 -#define _V1 92 -#define _O1 48 -#define _O2 48 -#define _MAX_O 48 +#define _V1 96 +#define _O1 36 +#define _O2 64 +#define _MAX_O 64 #define _HASH_LEN 64 diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.c b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.c similarity index 54% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.c rename to crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.c index 3c6258d2..5ee23bdf 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -132,7 +161,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -140,7 +169,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // setup prng prng_t prng0; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -153,5 +182,5 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.h b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.h similarity index 93% rename from crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.h rename to crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.h index 33f55e32..16e0e1b9 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); @@ -89,6 +89,6 @@ void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWIIICCYCLIC_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.c new file mode 100644 index 00000000..0722808f --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.c @@ -0,0 +1,213 @@ +/// @file rainbow_keypair_computation.c +/// @brief Implementations for functions in rainbow_keypair_computation.h +/// + +#include "rainbow_keypair_computation.h" +#include "blas.h" +#include "blas_comm.h" +#include "rainbow_blas.h" +#include "rainbow_keypair.h" +#include +#include +#include + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { + const unsigned char *idx_l1 = cpk->l1_Q1; + const unsigned char *idx_l2 = cpk->l2_Q1; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = i; j < _V1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q2; + idx_l2 = cpk->l2_Q2; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = _V1; j < _V1 + _O1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q3; + idx_l2 = cpk->l2_Q3; + for (unsigned int i = 0; i < _V1; i++) { + for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q5; + idx_l2 = cpk->l2_Q5; + for (unsigned int i = _V1; i < _V1 + _O1; i++) { + for (unsigned int j = i; j < _V1 + _O1; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q6; + idx_l2 = cpk->l2_Q6; + for (unsigned int i = _V1; i < _V1 + _O1; i++) { + for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } + idx_l1 = cpk->l1_Q9; + idx_l2 = cpk->l2_Q9; + for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { + for (unsigned int j = i; j < _PUB_N; j++) { + unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N); + memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); + memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); + idx_l1 += _O1_BYTE; + idx_l2 += _O2_BYTE; + } + } +} + +static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { + // Layer 1 + // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i] + memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); + + // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i] + memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1); + batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); + + /* + Layer 2 + computations: + + F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] + + Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1 + F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 + F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] + + Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 + #Q1_Q1T_T4 = Q1_Q1T * t4 + Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 + F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] + F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + + Q_pk.l2_F2s[i].transpose() * t4 + + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] + + */ + memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i] + + // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1 + // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i] + memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1); + batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2 + + unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32]; + memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); + batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) + memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + + batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 + + // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4 + // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3 + // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] + memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE); + batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4 + batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3 + + // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + // + Q_pk.l2_F2s[i].transpose() * t4 + // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i] + memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE); + batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] ) + batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); +} + +static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { + // Layer 1: Computing Q5, Q3, Q6, Q9 + + // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) ) + const unsigned char *t2 = Ts->t4; + sk_t tempQ; + memcpy(tempQ.l1_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1); + batch_trimat_madd(tempQ.l1_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2 + memset(tempQ.l2_F1, 0, sizeof(tempQ.l2_F1)); + memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); + batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) + memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + + /* + F1_T2 = F1 * t2 + F2_T3 = F2 * t3 + F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2 + Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3 + Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2 + Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) ) + */ + memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2); + memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2); + memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2)); + + batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2 + batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3 + + memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 + batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + + batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 + + batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2 + batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6 + /* + Layer 2 + Computing Q9: + + F1_T2 = F1 * t2 + F2_T3 = F2 * t3 + Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) ) + */ + sk_t tempQ2; + memcpy(tempQ2.l2_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2); /// F3 actually. + batch_trimat_madd(tempQ2.l2_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3 + batch_mat_madd(tempQ2.l2_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3 + + memset(tempQ.l2_F3, 0, _O2_BYTE * _V1 * _O2); + batch_matTr_madd(tempQ.l2_F3, t2, _V1, _V1_BYTE, _O2, tempQ2.l2_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) + + memcpy(tempQ.l2_F6, Fs->l2_F6, _O2_BYTE * _O1 * _O2); + batch_trimat_madd(tempQ.l2_F6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + + batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) + memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 +} + +// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ +#define calculate_F_from_Q_impl calculate_F_from_Q_ref +#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { + calculate_F_from_Q_impl(Fs, Qs, Ts); +} + +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { + calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); +} diff --git a/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.h new file mode 100644 index 00000000..be9fd685 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/rainbow_keypair_computation.h @@ -0,0 +1,71 @@ +#ifndef _RAINBOW_KEYPAIR_COMP_H_ +#define _RAINBOW_KEYPAIR_COMP_H_ +/// @file rainbow_keypair_computation.h +/// @brief Functions for calculating pk/sk while generating keys. +/// +/// Defining an internal structure of public key. +/// Functions for calculating pk/sk for key generation. +/// + +#include "rainbow_keypair.h" + +/// @brief The (internal use) public key for rainbow +/// +/// The (internal use) public key for rainbow. The public +/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9, +/// l2_Q1, .... , l2_Q9. +/// +typedef struct rainbow_extend_publickey { + unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; + unsigned char l1_Q2[_O1_BYTE * _V1 * _O1]; + unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; + unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; + unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; + unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; + + unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; + unsigned char l2_Q2[_O2_BYTE * _V1 * _O1]; + unsigned char l2_Q3[_O2_BYTE * _V1 * _O2]; + unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; + unsigned char l2_Q6[_O2_BYTE * _O1 * _O2]; + unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; +} ext_cpk_t; + +/// +/// @brief converting formats of public keys : from ext_cpk_t version to pk_t +/// +/// @param[out] pk - the classic public key. +/// @param[in] cpk - the internel public key. +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +///////////////////////////////////////////////// + +/// +/// @brief Computing public key from secret key +/// +/// @param[out] Qs - the public key +/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Ts - parts of the secret key: T1, T4, T3 +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); + + +/// +/// @brief Computing parts of the sk from parts of pk and sk +/// +/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 +/// @param[in] Ts - parts of the sk: T1, T4, T3 +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); + +/// +/// @brief Computing parts of the pk from the secret key +/// +/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9 +/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 +/// @param[in] Ts - parts of the sk: T1, T4, T3 +/// +void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); + +#endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/sign.c b/crypto_sign/rainbowV-circumzenithal/clean/sign.c new file mode 100644 index 00000000..8d14a966 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/sign.c @@ -0,0 +1,76 @@ +/// @file sign.c +/// @brief the implementations for functions in api.h +/// +/// + +#include "api.h" +#include "rainbow.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { + unsigned char sk_seed[LEN_SKSEED] = {0}; + randombytes(sk_seed, LEN_SKSEED); + + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + return 0; +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + + memcpy(sm, m, mlen); + smlen[0] = mlen + _SIGNATURE_BYTE; + + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { + int rc; + if (_SIGNATURE_BYTE > smlen) { + rc = -1; + } else { + *mlen = smlen - _SIGNATURE_BYTE; + + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + + rc = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + } + if (!rc) { + memmove(m, sm, smlen - _SIGNATURE_BYTE); + } else { // bad signature + *mlen = (size_t) -1; + memset(m, 0, smlen); + } + return rc; +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + *siglen = _SIGNATURE_BYTE; + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk) { + if (siglen != _SIGNATURE_BYTE) { + return -1; + } + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); +} diff --git a/crypto_sign/rainbowVc-classic/clean/utils_hash.c b/crypto_sign/rainbowV-circumzenithal/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowVc-classic/clean/utils_hash.c rename to crypto_sign/rainbowV-circumzenithal/clean/utils_hash.c index b7bb5f3b..00082d97 100644 --- a/crypto_sign/rainbowVc-classic/clean/utils_hash.c +++ b/crypto_sign/rainbowV-circumzenithal/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha512(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowV-circumzenithal/clean/utils_hash.h b/crypto_sign/rainbowV-circumzenithal/clean/utils_hash.h new file mode 100644 index 00000000..df4593d9 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/utils_hash.h @@ -0,0 +1,11 @@ +#ifndef _UTILS_HASH_H_ +#define _UTILS_HASH_H_ +/// @file utils_hash.h +/// @brief the interface for adapting hash functions. +/// + +#include + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); + +#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.c b/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.c new file mode 100644 index 00000000..712dc301 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.c @@ -0,0 +1,97 @@ +/// @file utils_prng.c +/// @brief The implementation of PRNG related functions. +/// + +#include "utils_prng.h" +#include "aes.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +static void prng_update(const unsigned char *provided_data, + unsigned char *Key, + unsigned char *V) { + unsigned char temp[48]; + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, Key); + for (int i = 0; i < 3; i++) { + //increment V + for (int j = 15; j >= 0; j--) { + if (V[j] == 0xff) { + V[j] = 0x00; + } else { + V[j]++; + break; + } + } + aes256_ecb(temp + 16 * i, V, 1, &ctx); + } + if (provided_data != NULL) { + for (int i = 0; i < 48; i++) { + temp[i] ^= provided_data[i]; + } + } + aes256_ctx_release(&ctx); + memcpy(Key, temp, 32); + memcpy(V, temp + 32, 16); +} +static void randombytes_init_with_state(prng_t *state, + unsigned char *entropy_input_48bytes) { + memset(state->Key, 0x00, 32); + memset(state->V, 0x00, 16); + prng_update(entropy_input_48bytes, state->Key, state->V); +} + +static int randombytes_with_state(prng_t *state, + unsigned char *x, + size_t xlen) { + + unsigned char block[16]; + int i = 0; + + aes256ctx ctx; + aes256_ecb_keyexp(&ctx, state->Key); + + while (xlen > 0) { + //increment V + for (int j = 15; j >= 0; j--) { + if (state->V[j] == 0xff) { + state->V[j] = 0x00; + } else { + state->V[j]++; + break; + } + } + aes256_ecb(block, state->V, 1, &ctx); + if (xlen > 15) { + memcpy(x + i, block, 16); + i += 16; + xlen -= 16; + } else { + memcpy(x + i, block, xlen); + xlen = 0; + } + } + aes256_ctx_release(&ctx); + prng_update(NULL, state->Key, state->V); + return 0; +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { + unsigned char seed[48]; + if (prng_seedlen >= 48) { + memcpy(seed, prng_seed, 48); + } else { + memcpy(seed, prng_seed, prng_seedlen); + PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + } + + randombytes_init_with_state(ctx, seed); + + return 0; +} + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { + return randombytes_with_state(ctx, out, outlen); +} diff --git a/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.h b/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.h new file mode 100644 index 00000000..7acfc039 --- /dev/null +++ b/crypto_sign/rainbowV-circumzenithal/clean/utils_prng.h @@ -0,0 +1,18 @@ +#ifndef _UTILS_PRNG_H_ +#define _UTILS_PRNG_H_ +/// @file utils_prng.h +/// @brief the interface for adapting PRNG functions. +/// +/// + +#include "randombytes.h" + +typedef struct { + unsigned char Key[32]; + unsigned char V[16]; +} prng_t; + +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); + +#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowV-classic/META.yml b/crypto_sign/rainbowV-classic/META.yml new file mode 100644 index 00000000..10e524f8 --- /dev/null +++ b/crypto_sign/rainbowV-classic/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,96,36,64) - classic" +type: signature +claimed-nist-level: 5 +length-public-key: 1930600 +length-secret-key: 1408736 +length-signature: 212 +nistkat-sha256: 3b13607b2761cd4b5ccf3206d3fec04f2568e0b01d6f370a336d0de7c70051ff +testvectors-sha256: 079f2020b30dc69ca95499e3cf4bb5eaa70fae40be63fa0d3e542b504c8acd6c +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/LICENSE b/crypto_sign/rainbowV-classic/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/LICENSE rename to crypto_sign/rainbowV-classic/clean/LICENSE diff --git a/crypto_sign/rainbowIa-cyclic/clean/Makefile b/crypto_sign/rainbowV-classic/clean/Makefile similarity index 95% rename from crypto_sign/rainbowIa-cyclic/clean/Makefile rename to crypto_sign/rainbowV-classic/clean/Makefile index 83d388f2..ce1830ba 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/Makefile +++ b/crypto_sign/rainbowV-classic/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowIa-cyclic_clean.a +LIB=librainbowV-classic_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowIa-cyclic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowV-classic/clean/Makefile.Microsoft_nmake similarity index 93% rename from crypto_sign/rainbowIa-cyclic/clean/Makefile.Microsoft_nmake rename to crypto_sign/rainbowV-classic/clean/Makefile.Microsoft_nmake index 9ab1fef1..e828be35 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/Makefile.Microsoft_nmake +++ b/crypto_sign/rainbowV-classic/clean/Makefile.Microsoft_nmake @@ -1,7 +1,7 @@ # This Makefile can be used with Microsoft Visual Studio's nmake using the command: # nmake /f Makefile.Microsoft_nmake -LIBRARY=librainbowIa-cyclic_clean.lib +LIBRARY=librainbowV-classic_clean.lib OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX diff --git a/crypto_sign/rainbowV-classic/clean/api.h b/crypto_sign/rainbowV-classic/clean/api.h new file mode 100644 index 00000000..b26496e1 --- /dev/null +++ b/crypto_sign/rainbowV-classic/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H +#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 1408736 +#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 1930600 +#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_BYTES 212 +#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - classic" + +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowVc-cyclic/clean/blas.c b/crypto_sign/rainbowV-classic/clean/blas.c similarity index 60% rename from crypto_sign/rainbowVc-cyclic/clean/blas.c rename to crypto_sign/rainbowV-classic/clean/blas.c index 6f617dd9..4a0b7d3e 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/blas.c +++ b/crypto_sign/rainbowV-classic/clean/blas.c @@ -3,29 +3,29 @@ #include -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= (a[i] & pr_u8); } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= a[i]; } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a[i], b); + a[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], b); } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a[i], gf256_b); + accu_c[i] ^= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], gf256_b); } } diff --git a/crypto_sign/rainbowVc-cyclic/clean/blas.h b/crypto_sign/rainbowV-classic/clean/blas.h similarity index 61% rename from crypto_sign/rainbowVc-cyclic/clean/blas.h rename to crypto_sign/rainbowV-classic/clean/blas.h index c19fe23b..78dc991a 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/blas.h +++ b/crypto_sign/rainbowV-classic/clean/blas.h @@ -8,12 +8,12 @@ #include #include -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); #endif // _BLAS_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/blas_comm.c b/crypto_sign/rainbowV-classic/clean/blas_comm.c similarity index 70% rename from crypto_sign/rainbowVc-cyclic/clean/blas_comm.c rename to crypto_sign/rainbowV-classic/clean/blas_comm.c index 481b7699..9cb4979a 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/blas_comm.c +++ b/crypto_sign/rainbowV-classic/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -21,11 +21,11 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { return a[i]; } -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { uint8_t r = 0; while (_num_byte--) { r |= a[0]; @@ -36,28 +36,28 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsi /// polynomial multplication /// School boook -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); } } static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = len_vec; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); } c += n_vec_byte; } @@ -72,18 +72,18 @@ static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsign for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); } - r8 &= PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_is_nonzero(ai[i]); + r8 &= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]); uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + pivot = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); } } @@ -96,7 +96,7 @@ static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *in memcpy(mat + i * (n + 1), inp_mat + i * n, n); mat[i * (n + 1) + n] = c_terms[i]; } - unsigned int r8 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); for (unsigned int i = 0; i < n; i++) { sol[i] = mat[i * (n + 1) + n]; } @@ -111,15 +111,15 @@ static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int } } -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(ai, a + i * H, H); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(ai, a + i * H, H); ai[H + i] = 1; } - unsigned int r8 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); gf256mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -130,15 +130,15 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const ui #define gf256mat_prod_impl gf256mat_prod_ref #define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref #define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf256mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/blas_comm.h b/crypto_sign/rainbowV-classic/clean/blas_comm.h similarity index 84% rename from crypto_sign/rainbowVc-cyclic/clean/blas_comm.h rename to crypto_sign/rainbowV-classic/clean/blas_comm.h index 08ae23c0..0db6bb28 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/blas_comm.h +++ b/crypto_sign/rainbowV-classic/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(256) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); /// @brief check if a vector is 0. /// @@ -28,7 +28,7 @@ uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned /// @param[in] _num_byte - number of bytes for the vector a. /// @return 1(true) if a is 0. 0(false) else. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); /// @brief polynomial multiplication: c = a*b /// @@ -37,7 +37,7 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsi /// @param[in] b - the vector b. /// @param[in] _num - number of elements for the polynomials a and b. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); /// @brief matrix-vector multiplication: c = matA * b , in GF(256) /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); /// @brief matrix-matrix multiplication: c = a * b , in GF(256) /// @@ -56,7 +56,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(256) /// @@ -65,7 +65,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, co /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(256) /// @@ -75,7 +75,7 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, uns /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(256) /// @@ -85,6 +85,6 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/gf.c b/crypto_sign/rainbowV-classic/clean/gf.c similarity index 75% rename from crypto_sign/rainbowVc-cyclic/clean/gf.c rename to crypto_sign/rainbowV-classic/clean/gf.c index f2b0b859..f1abbc4e 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/gf.c +++ b/crypto_sign/rainbowV-classic/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,7 +37,7 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) { unsigned int a8 = a; unsigned int r = ((unsigned int)0) - a8; r >>= 8; @@ -55,14 +55,14 @@ static inline uint8_t gf16_mul_8(uint8_t a) { } // gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 15; uint8_t a1 = (a >> 4); uint8_t b0 = b & 15; uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a0b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; uint8_t a1b1_x8 = gf16_mul_8(a1b1); return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); } @@ -75,17 +75,17 @@ static inline uint8_t gf256_squ(uint8_t a) { return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); } -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a) { // 128+64+32+16+8+4+2 = 254 uint8_t a2 = gf256_squ(a); uint8_t a4 = gf256_squ(a2); uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a4_2, a8); + uint8_t a4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4_2, a8); uint8_t a64_ = gf256_squ(a8_4_2); a64_ = gf256_squ(a64_); a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a64_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a64_, a8_4_2); uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(a2, a128_); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a2, a128_); } diff --git a/crypto_sign/rainbowV-classic/clean/gf.h b/crypto_sign/rainbowV-classic/clean/gf.h new file mode 100644 index 00000000..8fa48d2e --- /dev/null +++ b/crypto_sign/rainbowV-classic/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.c b/crypto_sign/rainbowV-classic/clean/parallel_matrix_op.c similarity index 71% rename from crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowV-classic/clean/parallel_matrix_op.c index 04b1beb6..44713eaf 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowV-classic/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, uns /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, co if (k < i) { continue; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, co } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, if (i < k) { continue; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, c if (i == k) { continue; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,46 +138,46 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i); } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); } } -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned dim_x, unsigned size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(y, i); } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); } } diff --git a/crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.h b/crypto_sign/rainbowV-classic/clean/parallel_matrix_op.h similarity index 91% rename from crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.h rename to crypto_sign/rainbowV-classic/clean/parallel_matrix_op.h index 2a3308de..b85c603b 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowV-classic/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_idx_of_trimat(unsigned int i_row, uns /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_UpperTrianglize(unsigned char *btriC, const u /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, con /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, con /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow.c b/crypto_sign/rainbowV-classic/clean/rainbow.c similarity index 76% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow.c rename to crypto_sign/rainbowV-classic/clean/rainbow.c index 6d8631ad..85452232 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow.c +++ b/crypto_sign/rainbowV-classic/clean/rainbow.c @@ -16,7 +16,7 @@ #define MAX_ATTEMPT_FRMAT 128 -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { uint8_t mat_l1[_O1 * _O1_BYTE]; uint8_t mat_l2[_O2 * _O2_BYTE]; uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; @@ -27,8 +27,8 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { prng_preseed[i] ^= prng_preseed[i]; // clean } @@ -44,7 +44,7 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s if (MAX_ATTEMPT_FRMAT <= n_attempt) { break; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable n_attempt++; @@ -65,7 +65,7 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s uint8_t y[_PUB_M_BYTE]; uint8_t *x_v1 = vinegar; uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, _digest, _HASH_LEN); @@ -79,31 +79,31 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s } // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) // y = S^-1 * z memcpy(y, _z, _PUB_M_BYTE); // identity part of S gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); // Central Map: // layer 1: calculate x_o1 memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); // layer 2: calculate x_o2 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); // generate the linear equations of the 2nd layer gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs @@ -117,13 +117,13 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); // Computing the t1 part. gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t4 part. gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(w, y, _V1_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); // Computing the t3 part. gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 // clean @@ -141,12 +141,12 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *s if (MAX_ATTEMPT_FRMAT <= n_attempt) { return -1; } - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); return 0; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { unsigned char digest_ck[_PUB_M_BYTE]; // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); @@ -155,7 +155,7 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; memcpy(digest_salt, digest, _HASH_LEN); memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) // check consistancy. unsigned char cc = 0; @@ -166,8 +166,3 @@ int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(const uint8_t *digest, const ui } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { - unsigned char pk[sizeof(pk_t) + 32]; - PQCLEAN_RAINBOWVCCYCLIC_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. - return PQCLEAN_RAINBOWVCCYCLIC_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); -} diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow.h b/crypto_sign/rainbowV-classic/clean/rainbow.h similarity index 73% rename from crypto_sign/rainbowIa-classic/clean/rainbow.h rename to crypto_sign/rainbowV-classic/clean/rainbow.h index 7cf8e077..1b8e379f 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow.h +++ b/crypto_sign/rainbowV-classic/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t * /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); diff --git a/crypto_sign/rainbowV-classic/clean/rainbow_blas.h b/crypto_sign/rainbowV-classic/clean/rainbow_blas.h new file mode 100644 index 00000000..e0114ab7 --- /dev/null +++ b/crypto_sign/rainbowV-classic/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_config.h b/crypto_sign/rainbowV-classic/clean/rainbow_config.h similarity index 93% rename from crypto_sign/rainbowVc-cyclic/clean/rainbow_config.h rename to crypto_sign/rainbowV-classic/clean/rainbow_config.h index f691dfb1..e668ff3c 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_config.h +++ b/crypto_sign/rainbowV-classic/clean/rainbow_config.h @@ -6,10 +6,10 @@ /// #define _GFSIZE 256 -#define _V1 92 -#define _O1 48 -#define _O2 48 -#define _MAX_O 48 +#define _V1 96 +#define _O1 36 +#define _O2 64 +#define _MAX_O 64 #define _HASH_LEN 64 diff --git a/crypto_sign/rainbowV-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowV-classic/clean/rainbow_keypair.c new file mode 100644 index 00000000..7dff94f1 --- /dev/null +++ b/crypto_sign/rainbowV-classic/clean/rainbow_keypair.c @@ -0,0 +1,155 @@ +/// @file rainbow_keypair.c +/// @brief implementations of functions in rainbow_keypair.h +/// + +#include "rainbow_keypair.h" +#include "blas.h" +#include "blas_comm.h" +#include "rainbow_blas.h" +#include "rainbow_keypair_computation.h" +#include "utils_prng.h" +#include +#include +#include + +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size ); +} + + +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + + return n_byte_generated; +} + + +static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { + sk += generate_l1_F12(sk, prng0); + generate_l2_F12356(sk, prng0); +} + +static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { + // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 + unsigned char temp[_V1_BYTE + 32]; + unsigned char *t4 = t2_to_t4; + for (unsigned int i = 0; i < _O2; i++) { /// t3 width + gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + t4 += _V1_BYTE; + t3 += _O1_BYTE; + } +} + +static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { + unsigned char temp[_O1_BYTE + 32]; + while (n_terms--) { + gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + l1_polys += _O1_BYTE; + l2_polys += _O2_BYTE; + } +} + +/////////////////// Classic ////////////////////////////////// + +static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { + memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); + + // set up prng + prng_t prng0; + PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + + // generating secret key with prng. + generate_S_T(sk->s1, &prng0); + generate_B1_B2(sk->l1_F1, &prng0); + + // clean prng + memset(&prng0, 0, sizeof(prng_t)); +} + +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { + generate_secretkey(sk, sk_seed); + + // set up a temporary structure ext_cpk_t for calculating public key. + ext_cpk_t pk; + + PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. + calculate_t4(sk->t4, sk->t1, sk->t3); + + obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); + obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); + obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); + obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); + obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); + // so far, the pk contains the full pk but in ext_cpk_t format. + + PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. +} + + + diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair.h b/crypto_sign/rainbowV-classic/clean/rainbow_keypair.h similarity index 94% rename from crypto_sign/rainbowVc-classic/clean/rainbow_keypair.h rename to crypto_sign/rainbowV-classic/clean/rainbow_keypair.h index 2092aa86..d7994033 100644 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowV-classic/clean/rainbow_keypair.h @@ -52,7 +52,7 @@ typedef struct rainbow_secretkey { /// @param[out] sk - the secret key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed); diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.c similarity index 85% rename from crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.c index 88ad49bd..a2848619 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -106,11 +106,11 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts // l2_Q5 : _O2_BYTE * _V1 * _O1 // l2_Q9 : _O2_BYTE * _V1 * _O2 - unsigned char tempQ[_O1_BYTE * _O1 * _O1 + 32]; + unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32]; memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2 /* @@ -127,7 +127,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9 batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -149,7 +149,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5 batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2) - PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5 batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2 @@ -175,7 +175,7 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9 batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3 @@ -184,6 +184,6 @@ static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6 } #define calculate_Q_from_F_impl calculate_Q_from_F_ref -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.h similarity index 90% rename from crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.h index 7f8b96d2..d37923e3 100644 --- a/crypto_sign/rainbowIa-classic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowV-classic/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/sign.c b/crypto_sign/rainbowV-classic/clean/sign.c similarity index 57% rename from crypto_sign/rainbowIa-cyclic/clean/sign.c rename to crypto_sign/rainbowV-classic/clean/sign.c index e0a2abc4..1cf228e9 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/sign.c +++ b/crypto_sign/rainbowV-classic/clean/sign.c @@ -12,28 +12,26 @@ #include #include -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { unsigned char sk_seed[LEN_SKSEED] = {0}; randombytes(sk_seed, LEN_SKSEED); - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); return 0; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); memcpy(sm, m, mlen); smlen[0] = mlen + _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { int rc; if (_SIGNATURE_BYTE > smlen) { rc = -1; @@ -41,9 +39,9 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mle *mlen = smlen - _SIGNATURE_BYTE; unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - rc = PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + rc = PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); } if (!rc) { memmove(m, sm, smlen - _SIGNATURE_BYTE); @@ -54,23 +52,23 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mle return rc; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_signature( +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature( uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk) { unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_crypto_sign_verify( +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify( const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk) { if (siglen != _SIGNATURE_BYTE) { return -1; } unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWIACYCLIC_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/utils_hash.c b/crypto_sign/rainbowV-classic/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowVc-cyclic/clean/utils_hash.c rename to crypto_sign/rainbowV-classic/clean/utils_hash.c index 37ee1064..ca045fbf 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/utils_hash.c +++ b/crypto_sign/rainbowV-classic/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha512(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowVc-cyclic/clean/utils_hash.h b/crypto_sign/rainbowV-classic/clean/utils_hash.h similarity index 78% rename from crypto_sign/rainbowVc-cyclic/clean/utils_hash.h rename to crypto_sign/rainbowV-classic/clean/utils_hash.h index 6c38bbd5..9624ee69 100644 --- a/crypto_sign/rainbowVc-cyclic/clean/utils_hash.h +++ b/crypto_sign/rainbowV-classic/clean/utils_hash.h @@ -6,6 +6,6 @@ #include -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); #endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/utils_prng.c b/crypto_sign/rainbowV-classic/clean/utils_prng.c similarity index 92% rename from crypto_sign/rainbowIa-cyclic/clean/utils_prng.c rename to crypto_sign/rainbowV-classic/clean/utils_prng.c index 18c2e5cf..4e552b6a 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/utils_prng.c +++ b/crypto_sign/rainbowV-classic/clean/utils_prng.c @@ -78,13 +78,13 @@ static int randombytes_with_state(prng_t *state, return 0; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { unsigned char seed[48]; if (prng_seedlen >= 48) { memcpy(seed, prng_seed, 48); } else { memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); } randombytes_init_with_state(ctx, seed); @@ -92,6 +92,6 @@ int PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, u return 0; } -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { return randombytes_with_state(ctx, out, outlen); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/utils_prng.h b/crypto_sign/rainbowV-classic/clean/utils_prng.h similarity index 72% rename from crypto_sign/rainbowIa-cyclic/clean/utils_prng.h rename to crypto_sign/rainbowV-classic/clean/utils_prng.h index 4465547e..c0e58288 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/utils_prng.h +++ b/crypto_sign/rainbowV-classic/clean/utils_prng.h @@ -12,7 +12,7 @@ typedef struct { unsigned char V[16]; } prng_t; -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIACYCLIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); #endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowV-compressed/META.yml b/crypto_sign/rainbowV-compressed/META.yml new file mode 100644 index 00000000..1ef75280 --- /dev/null +++ b/crypto_sign/rainbowV-compressed/META.yml @@ -0,0 +1,20 @@ +name: "RAINBOW(256,96,36,64) - compressed" +type: signature +claimed-nist-level: 5 +length-public-key: 536136 +length-secret-key: 64 +length-signature: 212 +nistkat-sha256: 452159bbc353bcb8e209d466df8c2ba3816d66a8dcf2059aa96185e10016feec +testvectors-sha256: 1262856e5aebcc2e9455f6fc6d88960df2999e18a41d69d9573eb56f00006278 +principal-submitters: + - Jintai Ding +auxiliary-submitters: + - Ming-Shing Chen + - Matthias Kannwischer + - Jacques Patarin + - Albrecht Petzoldt + - Dieter Schmidt + - Bo-Yin Yang +implementations: + - name: clean + version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263 diff --git a/crypto_sign/rainbowVc-cyclic/clean/LICENSE b/crypto_sign/rainbowV-compressed/clean/LICENSE similarity index 100% rename from crypto_sign/rainbowVc-cyclic/clean/LICENSE rename to crypto_sign/rainbowV-compressed/clean/LICENSE diff --git a/crypto_sign/rainbowIIIc-cyclic/clean/Makefile b/crypto_sign/rainbowV-compressed/clean/Makefile similarity index 95% rename from crypto_sign/rainbowIIIc-cyclic/clean/Makefile rename to crypto_sign/rainbowV-compressed/clean/Makefile index ce4c7a9c..fe73a9d7 100644 --- a/crypto_sign/rainbowIIIc-cyclic/clean/Makefile +++ b/crypto_sign/rainbowV-compressed/clean/Makefile @@ -1,6 +1,6 @@ # This Makefile can be used with GNU Make or BSD Make -LIB=librainbowIIIc-cyclic_clean.a +LIB=librainbowV-compressed_clean.a HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o diff --git a/crypto_sign/rainbowIa-classic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowV-compressed/clean/Makefile.Microsoft_nmake similarity index 92% rename from crypto_sign/rainbowIa-classic/clean/Makefile.Microsoft_nmake rename to crypto_sign/rainbowV-compressed/clean/Makefile.Microsoft_nmake index d712dfe6..f6a4489b 100644 --- a/crypto_sign/rainbowIa-classic/clean/Makefile.Microsoft_nmake +++ b/crypto_sign/rainbowV-compressed/clean/Makefile.Microsoft_nmake @@ -1,7 +1,7 @@ # This Makefile can be used with Microsoft Visual Studio's nmake using the command: # nmake /f Makefile.Microsoft_nmake -LIBRARY=librainbowIa-classic_clean.lib +LIBRARY=librainbowV-compressed_clean.lib OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX diff --git a/crypto_sign/rainbowV-compressed/clean/api.h b/crypto_sign/rainbowV-compressed/clean/api.h new file mode 100644 index 00000000..89e7b3d8 --- /dev/null +++ b/crypto_sign/rainbowV-compressed/clean/api.h @@ -0,0 +1,32 @@ +#ifndef PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_API_H +#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_API_H + +#include +#include + +#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 +#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 536136 +#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_BYTES 212 +#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - compressed" + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); + + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk); + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk); + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, + const uint8_t *m, size_t mlen, + const uint8_t *sk); + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, + const uint8_t *sm, size_t smlen, + const uint8_t *pk); + + +#endif diff --git a/crypto_sign/rainbowIIIc-classic/clean/blas.c b/crypto_sign/rainbowV-compressed/clean/blas.c similarity index 61% rename from crypto_sign/rainbowIIIc-classic/clean/blas.c rename to crypto_sign/rainbowV-compressed/clean/blas.c index 5e14d7bd..6a981547 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/blas.c +++ b/crypto_sign/rainbowV-compressed/clean/blas.c @@ -3,29 +3,29 @@ #include -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= (a[i] & pr_u8); } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { accu_b[i] ^= a[i]; } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a[i], b); + a[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a[i], b); } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a[i], gf256_b); + accu_c[i] ^= PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b); } } diff --git a/crypto_sign/rainbowIIIc-classic/clean/blas.h b/crypto_sign/rainbowV-compressed/clean/blas.h similarity index 61% rename from crypto_sign/rainbowIIIc-classic/clean/blas.h rename to crypto_sign/rainbowV-compressed/clean/blas.h index da4eda64..fba6cfef 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/blas.h +++ b/crypto_sign/rainbowV-compressed/clean/blas.h @@ -8,12 +8,12 @@ #include #include -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); #endif // _BLAS_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/blas_comm.c b/crypto_sign/rainbowV-compressed/clean/blas_comm.c similarity index 71% rename from crypto_sign/rainbowIIIc-classic/clean/blas_comm.c rename to crypto_sign/rainbowV-compressed/clean/blas_comm.c index 82686971..1f9a40ce 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/blas_comm.c +++ b/crypto_sign/rainbowV-compressed/clean/blas_comm.c @@ -10,7 +10,7 @@ #include #include -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { for (size_t i = 0; i < _num_byte; i++) { b[i] = 0; } @@ -21,11 +21,11 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _ /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { return a[i]; } -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { uint8_t r = 0; while (_num_byte--) { r |= a[0]; @@ -36,28 +36,28 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, u /// polynomial multplication /// School boook -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1); for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num); } } static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); matA += n_A_vec_byte; } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { unsigned int n_vec_byte = len_vec; for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); const uint8_t *bk = b + n_vec_byte * k; for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); } c += n_vec_byte; } @@ -72,18 +72,18 @@ static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsign for (unsigned int j = i + 1; j < h; j++) { uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); } - r8 &= PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_is_nonzero(ai[i]); + r8 &= PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]); uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); + pivot = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(pivot); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); for (unsigned int j = 0; j < h; j++) { if (i == j) { continue; } uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); } } @@ -96,7 +96,7 @@ static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *in memcpy(mat + i * (n + 1), inp_mat + i * n, n); mat[i * (n + 1) + n] = c_terms[i]; } - unsigned int r8 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); + unsigned int r8 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); for (unsigned int i = 0; i < n; i++) { sol[i] = mat[i * (n + 1) + n]; } @@ -111,15 +111,15 @@ static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int } } -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { uint8_t *aa = buffer; for (unsigned int i = 0; i < H; i++) { uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(ai, a + i * H, H); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H); ai[H + i] = 1; } - unsigned int r8 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); + unsigned int r8 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); gf256mat_submat(inv_a, H, H, aa, 2 * H, H); return r8; } @@ -130,15 +130,15 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const #define gf256mat_prod_impl gf256mat_prod_ref #define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref #define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); } -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { return gf256mat_gauss_elim_impl(mat, h, w); } -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); } diff --git a/crypto_sign/rainbowIIIc-classic/clean/blas_comm.h b/crypto_sign/rainbowV-compressed/clean/blas_comm.h similarity index 84% rename from crypto_sign/rainbowIIIc-classic/clean/blas_comm.h rename to crypto_sign/rainbowV-compressed/clean/blas_comm.h index 6357c0ab..89fde09c 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/blas_comm.h +++ b/crypto_sign/rainbowV-compressed/clean/blas_comm.h @@ -12,7 +12,7 @@ /// @param[in,out] b - the vector b. /// @param[in] _num_byte - number of bytes for the vector b. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); /// @brief get an element from GF(256) vector . /// @@ -20,7 +20,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _ /// @param[in] i - the index in the vector a. /// @return the value of the element. /// -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); /// @brief check if a vector is 0. /// @@ -28,7 +28,7 @@ uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsign /// @param[in] _num_byte - number of bytes for the vector a. /// @return 1(true) if a is 0. 0(false) else. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); /// @brief polynomial multiplication: c = a*b /// @@ -37,7 +37,7 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, u /// @param[in] b - the vector b. /// @param[in] _num - number of elements for the polynomials a and b. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); /// @brief matrix-vector multiplication: c = matA * b , in GF(256) /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t * /// @param[in] n_A_width - the width of matrix A. /// @param[in] b - the vector b. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); /// @brief matrix-matrix multiplication: c = a * b , in GF(256) /// @@ -56,7 +56,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *m /// @param[in] b - a matrix b. /// @param[in] len_vec - the length of column vectors. /// -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); /// @brief Gauss elimination for a matrix, in GF(256) /// @@ -65,7 +65,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, /// @param[in] w - the width of the matrix. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); /// @brief Solving linear equations, in GF(256) /// @@ -75,7 +75,7 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, /// @param[in] n - the number of equations. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); /// @brief Computing the inverse matrix, in GF(256) /// @@ -85,6 +85,6 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t * /// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. /// @return 1(true) if success. 0(false) if the matrix is singular. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); #endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/gf.c b/crypto_sign/rainbowV-compressed/clean/gf.c similarity index 76% rename from crypto_sign/rainbowIIIc-classic/clean/gf.c rename to crypto_sign/rainbowV-compressed/clean/gf.c index 130e193f..1652b5bb 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/gf.c +++ b/crypto_sign/rainbowV-compressed/clean/gf.c @@ -17,7 +17,7 @@ static inline uint8_t gf4_squ(uint8_t a) { } //// gf16 := gf4[y]/y^2+y+x -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 3; uint8_t a1 = (a >> 2); uint8_t b0 = b & 3; @@ -37,7 +37,7 @@ static inline uint8_t gf16_squ(uint8_t a) { return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) { +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) { unsigned int a8 = a; unsigned int r = ((unsigned int)0) - a8; r >>= 8; @@ -55,14 +55,14 @@ static inline uint8_t gf16_mul_8(uint8_t a) { } // gf256 := gf16[X]/X^2+X+xy -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) { +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) { uint8_t a0 = a & 15; uint8_t a1 = (a >> 4); uint8_t b0 = b & 15; uint8_t b1 = (b >> 4); - uint8_t a0b0 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf16_mul(a0, b0); - uint8_t a1b1 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf16_mul(a1, b1); - uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; + uint8_t a0b0 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a0, b0); + uint8_t a1b1 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a1, b1); + uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1; uint8_t a1b1_x8 = gf16_mul_8(a1b1); return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8); } @@ -75,17 +75,17 @@ static inline uint8_t gf256_squ(uint8_t a) { return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0)); } -uint8_t PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_inv(uint8_t a) { +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(uint8_t a) { // 128+64+32+16+8+4+2 = 254 uint8_t a2 = gf256_squ(a); uint8_t a4 = gf256_squ(a2); uint8_t a8 = gf256_squ(a4); - uint8_t a4_2 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a4, a2); - uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a4_2, a8); + uint8_t a4_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a4, a2); + uint8_t a8_4_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a4_2, a8); uint8_t a64_ = gf256_squ(a8_4_2); a64_ = gf256_squ(a64_); a64_ = gf256_squ(a64_); - uint8_t a64_2 = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a64_, a8_4_2); + uint8_t a64_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2); uint8_t a128_ = gf256_squ(a64_2); - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256_mul(a2, a128_); + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a2, a128_); } diff --git a/crypto_sign/rainbowV-compressed/clean/gf.h b/crypto_sign/rainbowV-compressed/clean/gf.h new file mode 100644 index 00000000..07d7a54b --- /dev/null +++ b/crypto_sign/rainbowV-compressed/clean/gf.h @@ -0,0 +1,19 @@ +#ifndef _GF16_H_ +#define _GF16_H_ + +#include "rainbow_config.h" +#include + +/// @file gf16.h +/// @brief Library for arithmetics in GF(16) and GF(256) +/// + +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); + + +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(uint8_t a); +uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b); + + +#endif // _GF16_H_ diff --git a/crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.c b/crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.c similarity index 71% rename from crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.c rename to crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.c index 5dc73ab3..9b8d4eac 100644 --- a/crypto_sign/rainbowIIIc-classic/clean/parallel_matrix_op.c +++ b/crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.c @@ -16,7 +16,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; } @@ -30,25 +30,25 @@ unsigned int PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, /// static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { if (i_row > j_col) { - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var); + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); } - return PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var); + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { unsigned char *runningC = btriC; unsigned int Aheight = Awidth; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); + unsigned int idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); runningC += size_batch * (Aheight - i); } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; unsigned int Aheight = Awidth; @@ -58,7 +58,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, if (k < i) { continue; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -66,7 +66,7 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -75,14 +75,14 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *b if (i < k) { continue; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Aheight = Bheight; for (unsigned int i = 0; i < Aheight; i++) { @@ -91,46 +91,46 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC if (i == k) { continue; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { unsigned int Atr_height = Awidth; unsigned int Atr_width = Aheight; for (unsigned int i = 0; i < Atr_height; i++) { for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); } bC += size_batch * Bwidth; } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { const unsigned char *bA = bA_to_tr; unsigned int Aheight = Awidth_before_tr; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { unsigned int Awidth = Bheight; for (unsigned int i = 0; i < Aheight; i++) { for (unsigned int j = 0; j < Bwidth; j++) { for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); } bC += size_batch; } @@ -138,46 +138,46 @@ void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, co } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { unsigned char tmp[256]; unsigned char _x[256]; for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(x, i); } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(y, size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); trimat += size_batch; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); } } -void PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned dim_x, unsigned size_batch) { unsigned char tmp[128]; unsigned char _x[128]; for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(x, i); + _x[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(x, i); } unsigned char _y[128]; for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_get_ele(y, i); + _y[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(y, i); } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(z, size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); mat += size_batch; } - PQCLEAN_RAINBOWIIICCLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); } } diff --git a/crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.h b/crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.h similarity index 84% rename from crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.h rename to crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.h index b9f8b8c5..5d7d632d 100644 --- a/crypto_sign/rainbowIa-classic/clean/parallel_matrix_op.h +++ b/crypto_sign/rainbowV-compressed/clean/parallel_matrix_op.h @@ -15,7 +15,7 @@ /// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. /// @return the corresponding index in an array storage. /// -unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); +unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); /// /// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. @@ -25,7 +25,7 @@ unsigned int PQCLEAN_RAINBOWIACLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, un /// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); //////////////////// Section: matrix multiplications /////////////////////////////// @@ -40,7 +40,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -54,7 +54,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -68,7 +68,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -82,7 +82,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -110,7 +110,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -125,7 +125,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -141,7 +141,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); @@ -157,7 +157,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -172,7 +172,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, co /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -187,7 +187,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, c /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); /// @@ -202,7 +202,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const /// @param[in] Bwidth - the width of B. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); //////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// @@ -216,7 +216,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, cons /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief y = x^Tr * trimat * x , in GF(256) @@ -227,7 +227,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y /// @param[in] dim - the dimension of matrix trimat (and x). /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); /// /// @brief z = y^Tr * mat * x , in GF(16) @@ -240,7 +240,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char * /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); /// @@ -254,7 +254,7 @@ void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z /// @param[in] dim_x - the length of x. /// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. /// -void PQCLEAN_RAINBOWIACLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); #endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowV-compressed/clean/rainbow.c b/crypto_sign/rainbowV-compressed/clean/rainbow.c new file mode 100644 index 00000000..ca8e6f80 --- /dev/null +++ b/crypto_sign/rainbowV-compressed/clean/rainbow.c @@ -0,0 +1,179 @@ +/// @file rainbow.c +/// @brief The standard implementations for functions in rainbow.h +/// + +#include "blas.h" +#include "parallel_matrix_op.h" +#include "rainbow.h" +#include "rainbow_blas.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "utils_hash.h" +#include "utils_prng.h" +#include +#include +#include + +#define MAX_ATTEMPT_FRMAT 128 + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { + uint8_t mat_l1[_O1 * _O1_BYTE]; + uint8_t mat_l2[_O2 * _O2_BYTE]; + uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; + + // setup PRNG + prng_t prng_sign; + uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; + memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); + memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest + uint8_t prng_seed[_HASH_LEN]; + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) + for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { + prng_preseed[i] ^= prng_preseed[i]; // clean + } + for (unsigned int i = 0; i < _HASH_LEN; i++) { + prng_seed[i] ^= prng_seed[i]; // clean + } + + // roll vinegars. + uint8_t vinegar[_V1_BYTE]; + unsigned int n_attempt = 0; + unsigned int l1_succ = 0; + while (!l1_succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars + gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 + l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable + n_attempt++; + } + + // Given the vinegars, pre-compute variables needed for layer 2 + uint8_t r_l1_F1[_O1_BYTE] = {0}; + uint8_t r_l2_F1[_O2_BYTE] = {0}; + batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); + batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); + uint8_t mat_l2_F3[_O2 * _O2_BYTE]; + uint8_t mat_l2_F2[_O1 * _O2_BYTE]; + gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); + gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); + + // Some local variables. + uint8_t _z[_PUB_M_BYTE]; + uint8_t y[_PUB_M_BYTE]; + uint8_t *x_v1 = vinegar; + uint8_t x_o1[_O1_BYTE]; + uint8_t x_o2[_O2_BYTE]; + + uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, _digest, _HASH_LEN); + uint8_t *salt = digest_salt + _HASH_LEN; + + uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; + unsigned int succ = 0; + while (!succ) { + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + break; + } + // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w + + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) + + // y = S^-1 * z + memcpy(y, _z, _PUB_M_BYTE); // identity part of S + gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); + + // Central Map: + // layer 1: calculate x_o1 + memcpy(temp_o, r_l1_F1, _O1_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); + gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); + + // layer 2: calculate x_o2 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); + gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 + batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); + + // generate the linear equations of the 2nd layer + gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 + succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); + gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs + + n_attempt++; + }; + // w = T^-1 * y + uint8_t w[_PUB_N_BYTE]; + // identity part of T. + memcpy(w, x_v1, _V1_BYTE); + memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); + memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); + // Computing the t1 part. + gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t4 part. + gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE); + // Computing the t3 part. + gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); + + memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 + // clean + memset(&prng_sign, 0, sizeof(prng_t)); + memset(vinegar, 0, _V1_BYTE); + memset(r_l1_F1, 0, _O1_BYTE); + memset(r_l2_F1, 0, _O2_BYTE); + memset(_z, 0, _PUB_M_BYTE); + memset(y, 0, _PUB_M_BYTE); + memset(x_o1, 0, _O1_BYTE); + memset(x_o2, 0, _O2_BYTE); + memset(temp_o, 0, sizeof(temp_o)); + + // return: copy w and salt to the signature. + if (MAX_ATTEMPT_FRMAT <= n_attempt) { + return -1; + } + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); + return 0; +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { + unsigned char digest_ck[_PUB_M_BYTE]; + // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. + batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); + + unsigned char correct[_PUB_M_BYTE]; + unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; + memcpy(digest_salt, digest, _HASH_LEN); + memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) + + // check consistancy. + unsigned char cc = 0; + for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { + cc |= (digest_ck[i] ^ correct[i]); + } + return (0 == cc) ? 0 : -1; +} + +/////////////// cyclic version /////////////////////////// +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) { + unsigned char sk[sizeof(sk_t) + 32]; + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key. + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) { + unsigned char pk[sizeof(pk_t) + 32]; + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key. + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk); +} diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.h b/crypto_sign/rainbowV-compressed/clean/rainbow.h similarity index 69% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.h rename to crypto_sign/rainbowV-compressed/clean/rainbow.h index 7decea2a..a1c69bc5 100644 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow.h +++ b/crypto_sign/rainbowV-compressed/clean/rainbow.h @@ -16,7 +16,7 @@ /// @param[in] sk - the secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest); /// /// @brief Verifying function. @@ -26,7 +26,7 @@ int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, c /// @param[in] pk - the public key. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk); /// /// @brief Signing function for compressed secret key of the cyclic rainbow. @@ -35,7 +35,7 @@ int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *dige /// @param[in] sk - the compressed secret key. /// @param[in] digest - the digest. /// -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest); /// /// @brief Verifying function for cyclic public keys. @@ -45,6 +45,6 @@ int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signa /// @param[in] pk - the public key of cyclic rainbow. /// @return 0 for successful verified. -1 for failed verification. /// -int PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk); #endif // _RAINBOW_H_ diff --git a/crypto_sign/rainbowV-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowV-compressed/clean/rainbow_blas.h new file mode 100644 index 00000000..b33125f8 --- /dev/null +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_blas.h @@ -0,0 +1,32 @@ +#ifndef _RAINBOW_BLAS_H_ +#define _RAINBOW_BLAS_H_ +/// @file rainbow_blas.h +/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h +/// +/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h + +#include "blas.h" +#include "blas_comm.h" +#include "parallel_matrix_op.h" +#include "rainbow_config.h" + + +#define gfv_get_ele PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele +#define gfv_mul_scalar PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar +#define gfv_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd + +#define gfmat_prod PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod +#define gfmat_inv PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv + +#define batch_trimat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256 +#define batch_trimatTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256 +#define batch_2trimat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256 +#define batch_matTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256 +#define batch_bmatTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256 +#define batch_mat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256 + +#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256 +#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256 + + +#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_config.h b/crypto_sign/rainbowV-compressed/clean/rainbow_config.h similarity index 93% rename from crypto_sign/rainbowVc-classic/clean/rainbow_config.h rename to crypto_sign/rainbowV-compressed/clean/rainbow_config.h index f691dfb1..e668ff3c 100644 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_config.h +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_config.h @@ -6,10 +6,10 @@ /// #define _GFSIZE 256 -#define _V1 92 -#define _O1 48 -#define _O2 48 -#define _MAX_O 48 +#define _V1 96 +#define _O1 36 +#define _O2 64 +#define _MAX_O 64 #define _HASH_LEN 64 diff --git a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.c b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair.c similarity index 52% rename from crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.c rename to crypto_sign/rainbowV-compressed/clean/rainbow_keypair.c index 9c316854..d202b8af 100644 --- a/crypto_sign/rainbowIIIc-cyclic-compressed/clean/rainbow_keypair.c +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair.c @@ -12,52 +12,81 @@ #include #include -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 +static +void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) { + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->s1); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t1); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t4); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); + s_and_t += size; + + size = sizeof(_sk->t3); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size ); } -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; +static +unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; + + size = sizeof(_sk->l1_F1); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l1_F2); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; + return n_byte_generated; } -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); +static +unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) { + unsigned n_byte_generated = 0; + sk_t *_sk; + unsigned size; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F1); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; + size = sizeof(_sk->l2_F2); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); + size = sizeof(_sk->l2_F3); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; + size = sizeof(_sk->l2_F5); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + sk += size; + n_byte_generated += size; + + size = sizeof(_sk->l2_F6); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size ); + n_byte_generated += size; return n_byte_generated; } + static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { sk += generate_l1_F12(sk, prng0); generate_l2_F12356(sk, prng0); @@ -69,7 +98,7 @@ static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t4 = t2_to_t4; for (unsigned int i = 0; i < _O2; i++) { /// t3 width gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE); t4 += _V1_BYTE; t3 += _O1_BYTE; } @@ -79,7 +108,7 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ unsigned char temp[_O1_BYTE + 32]; while (n_terms--) { gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); l1_polys += _O1_BYTE; l2_polys += _O2_BYTE; } @@ -89,14 +118,14 @@ static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_ ///////////////////// Cyclic ////////////////////////////////// -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(pk->pk_seed, pk_seed, LEN_PKSEED); memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng; prng_t *prng0 = &prng; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, prng0); // S,T: only a part of sk unsigned char t2[sizeof(sk->t4)]; @@ -107,18 +136,18 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t *prng1 = &prng; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6. - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T unsigned char t4[sizeof(sk->t4)]; memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4 memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2 - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9 memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4 obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1); @@ -131,19 +160,19 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk } -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(rsk->pk_seed, pk_seed, LEN_PKSEED); memcpy(rsk->sk_seed, sk_seed, LEN_SKSEED); sk_t sk; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed); } -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) { memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); // prng for sk prng_t prng0; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); generate_S_T(sk->s1, &prng0); calculate_t4(sk->t4, sk->t1, sk->t3); @@ -151,19 +180,19 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *s sk_t inst_Qs; sk_t *Qs = &inst_Qs; prng_t prng1; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED); generate_B1_B2(Qs->l1_F1, &prng1); obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1); obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1); // calcuate the parts of sk according to pk. - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // clean prng for sk memset(&prng0, 0, sizeof(prng_t)); } -void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) { // procedure: cpk_t --> extcpk_t --> pk_t // convert from cpk_t to extcpk_t @@ -171,7 +200,7 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t // setup prng prng_t prng0; - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED); // generating parts of key with prng generate_l1_F12(pk.l1_Q1, &prng0); @@ -184,5 +213,5 @@ void PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); // convert from extcpk_t to pk_t - PQCLEAN_RAINBOWIIICCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk); } diff --git a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.h b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair.h similarity index 87% rename from crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.h rename to crypto_sign/rainbowV-compressed/clean/rainbow_keypair.h index 718b959c..9204d2c0 100644 --- a/crypto_sign/rainbowIa-cyclic-compressed/clean/rainbow_keypair.h +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair.h @@ -77,7 +77,7 @@ typedef struct rainbow_secretkey_cyclic { /// @param[in] pk_seed - seed for generating parts of public key. /// @param[in] sk_seed - seed for generating secret key. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate compressed key pairs for cyclic rainbow. @@ -87,7 +87,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, /// @param[in] pk_seed - seed for generating parts of the public key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); /// /// @brief Generate secret key for cyclic rainbow. @@ -96,7 +96,7 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk /// @param[in] pk_seed - seed for generating parts of the pbulic key. /// @param[in] sk_seed - seed for generating the secret key. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed); //////////////////////////////////// @@ -106,6 +106,6 @@ void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, /// @param[out] pk - the classic public key. /// @param[in] cpk - the cyclic public key. /// -void PQCLEAN_RAINBOWIACYCLICCOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk); #endif // _RAINBOW_KEYPAIR_H_ diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.c b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.c similarity index 87% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.c rename to crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.c index 982d13b1..add3b8c7 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.c +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.c @@ -11,12 +11,12 @@ #include #include -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) { const unsigned char *idx_l1 = cpk->l1_Q1; const unsigned char *idx_l2 = cpk->l2_Q1; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = i; j < _V1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -27,7 +27,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q2; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -38,7 +38,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q3; for (unsigned int i = 0; i < _V1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -49,7 +49,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q5; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = i; j < _V1 + _O1; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -60,7 +60,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q6; for (unsigned int i = _V1; i < _V1 + _O1; i++) { for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -71,7 +71,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) idx_l2 = cpk->l2_Q9; for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) { for (unsigned int j = i; j < _PUB_N; j++) { - unsigned int pub_idx = PQCLEAN_RAINBOWIACYCLIC_CLEAN_idx_of_trimat(i, j, _PUB_N); + unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N); memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE); memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE); idx_l1 += _O1_BYTE; @@ -119,7 +119,7 @@ static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { memset(tempQ, 0, _O1 * _O1 * _O2_BYTE); batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2) memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5 - PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... ) batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1 @@ -151,7 +151,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l2_F2, 0, sizeof(tempQ.l2_F2)); batch_matTr_madd(tempQ.l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, tempQ.l1_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1)); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ.l2_F1, _O1, _O1_BYTE); // UT( ... ) // Q5 /* F1_T2 = F1 * t2 @@ -170,7 +170,7 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t memset(tempQ.l1_F2, 0, _O1_BYTE * _V1 * _O2); // should be F3. assuming: _O1 >= _O2 batch_matTr_madd(tempQ.l1_F2, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 ) - PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ.l1_F2, _O2, _O1_BYTE); // Q9 batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3 @@ -197,17 +197,17 @@ static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t batch_matTr_madd(tempQ.l2_F3, Ts->t3, _O1, _O1_BYTE, _O2, tempQ.l2_F6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... ) memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2)); - PQCLEAN_RAINBOWIACYCLIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ.l2_F3, _O2, _O2_BYTE); // Q9 } // Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_ #define calculate_F_from_Q_impl calculate_F_from_Q_ref #define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) { calculate_F_from_Q_impl(Fs, Qs, Ts); } -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) { calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts); } diff --git a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.h similarity index 87% rename from crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.h rename to crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.h index 9416abb4..68e7234a 100644 --- a/crypto_sign/rainbowIa-cyclic/clean/rainbow_keypair_computation.h +++ b/crypto_sign/rainbowV-compressed/clean/rainbow_keypair_computation.h @@ -37,7 +37,7 @@ typedef struct rainbow_extend_publickey { /// @param[out] pk - the classic public key. /// @param[in] cpk - the internel public key. /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); ///////////////////////////////////////////////// /// @@ -47,7 +47,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); /// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the secret key: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); /// @@ -57,7 +57,7 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t /// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); /// /// @brief Computing parts of the pk from the secret key @@ -66,6 +66,6 @@ void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, /// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 /// @param[in] Ts - parts of the sk: T1, T4, T3 /// -void PQCLEAN_RAINBOWIACYCLIC_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); +void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); #endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowV-compressed/clean/sign.c b/crypto_sign/rainbowV-compressed/clean/sign.c new file mode 100644 index 00000000..335e7bfd --- /dev/null +++ b/crypto_sign/rainbowV-compressed/clean/sign.c @@ -0,0 +1,76 @@ +/// @file sign.c +/// @brief the implementations for functions in api.h +/// +/// + +#include "api.h" +#include "rainbow.h" +#include "rainbow_config.h" +#include "rainbow_keypair.h" +#include "randombytes.h" +#include "utils_hash.h" +#include +#include + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { + unsigned char sk_seed[LEN_SKSEED] = {0}; + randombytes(sk_seed, LEN_SKSEED); + + unsigned char pk_seed[LEN_PKSEED] = {0}; + randombytes(pk_seed, LEN_PKSEED); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); + return 0; +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + + memcpy(sm, m, mlen); + smlen[0] = mlen + _SIGNATURE_BYTE; + + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { + int rc; + if (_SIGNATURE_BYTE > smlen) { + rc = -1; + } else { + *mlen = smlen - _SIGNATURE_BYTE; + + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); + + rc = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); + } + if (!rc) { + memmove(m, sm, smlen - _SIGNATURE_BYTE); + } else { // bad signature + *mlen = (size_t) -1; + memset(m, 0, smlen); + } + return rc; +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature( + uint8_t *sig, size_t *siglen, + const uint8_t *m, size_t mlen, const uint8_t *sk) { + unsigned char digest[_HASH_LEN]; + + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + *siglen = _SIGNATURE_BYTE; + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); +} + +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify( + const uint8_t *sig, size_t siglen, + const uint8_t *m, size_t mlen, const uint8_t *pk) { + if (siglen != _SIGNATURE_BYTE) { + return -1; + } + unsigned char digest[_HASH_LEN]; + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); + return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); +} diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.c b/crypto_sign/rainbowV-compressed/clean/utils_hash.c similarity index 78% rename from crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.c rename to crypto_sign/rainbowV-compressed/clean/utils_hash.c index f3bffff1..d3ab9aec 100644 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.c +++ b/crypto_sign/rainbowV-compressed/clean/utils_hash.c @@ -7,7 +7,7 @@ #include "rainbow_config.h" #include "sha2.h" -static inline int _hash(unsigned char *digest, const unsigned char *m, size_t mlen) { +static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) { sha512(digest, m, mlen); return 0; } @@ -25,14 +25,14 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi n_digest -= _HASH_LEN; while (_HASH_LEN <= n_digest) { - _hash(digest + _HASH_LEN, digest, _HASH_LEN); + h(digest + _HASH_LEN, digest, _HASH_LEN); n_digest -= _HASH_LEN; digest += _HASH_LEN; } unsigned char temp[_HASH_LEN]; if (n_digest) { - _hash(temp, digest, _HASH_LEN); + h(temp, digest, _HASH_LEN); for (size_t i = 0; i < n_digest; i++) { digest[_HASH_LEN + i] = temp[i]; } @@ -40,11 +40,11 @@ static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsi return 0; } -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen) { unsigned char buf[_HASH_LEN]; - _hash(buf, m, mlen); + h(buf, m, mlen); return expand_hash(digest, len_digest, buf); } diff --git a/crypto_sign/rainbowIa-classic/clean/utils_hash.h b/crypto_sign/rainbowV-compressed/clean/utils_hash.h similarity index 58% rename from crypto_sign/rainbowIa-classic/clean/utils_hash.h rename to crypto_sign/rainbowV-compressed/clean/utils_hash.h index da190bac..b1577ac1 100644 --- a/crypto_sign/rainbowIa-classic/clean/utils_hash.h +++ b/crypto_sign/rainbowV-compressed/clean/utils_hash.h @@ -6,6 +6,6 @@ #include -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); #endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowIa-classic/clean/utils_prng.c b/crypto_sign/rainbowV-compressed/clean/utils_prng.c similarity index 86% rename from crypto_sign/rainbowIa-classic/clean/utils_prng.c rename to crypto_sign/rainbowV-compressed/clean/utils_prng.c index 5b6f3523..378939db 100644 --- a/crypto_sign/rainbowIa-classic/clean/utils_prng.c +++ b/crypto_sign/rainbowV-compressed/clean/utils_prng.c @@ -78,13 +78,13 @@ static int randombytes_with_state(prng_t *state, return 0; } -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { unsigned char seed[48]; if (prng_seedlen >= 48) { memcpy(seed, prng_seed, 48); } else { memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWIACLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); + PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); } randombytes_init_with_state(ctx, seed); @@ -92,6 +92,6 @@ int PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, return 0; } -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { return randombytes_with_state(ctx, out, outlen); } diff --git a/crypto_sign/rainbowIa-classic/clean/utils_prng.h b/crypto_sign/rainbowV-compressed/clean/utils_prng.h similarity index 55% rename from crypto_sign/rainbowIa-classic/clean/utils_prng.h rename to crypto_sign/rainbowV-compressed/clean/utils_prng.h index 0c1a5323..fdd2a7b2 100644 --- a/crypto_sign/rainbowIa-classic/clean/utils_prng.h +++ b/crypto_sign/rainbowV-compressed/clean/utils_prng.h @@ -12,7 +12,7 @@ typedef struct { unsigned char V[16]; } prng_t; -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWIACLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); +int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); #endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowVc-classic/META.yml b/crypto_sign/rainbowVc-classic/META.yml deleted file mode 100644 index 5a99c67b..00000000 --- a/crypto_sign/rainbowVc-classic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,92,48,48) - classic" -type: signature -claimed-nist-level: 5 -length-public-key: 1705536 -length-secret-key: 1227104 -length-signature: 204 -nistkat-sha256: e9d065cbdd5736f4ad2bf5c910fcdf163c3e93828a2e59cd4d1dbebb8c1de202 -testvectors-sha256: 729d88ca4b5a64508c15c86f986ab81489275ee84d371b5ec0792f89b9ca5ac3 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowVc-classic/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowVc-classic/clean/Makefile.Microsoft_nmake deleted file mode 100644 index 4ca3f5ba..00000000 --- a/crypto_sign/rainbowVc-classic/clean/Makefile.Microsoft_nmake +++ /dev/null @@ -1,19 +0,0 @@ -# This Makefile can be used with Microsoft Visual Studio's nmake using the command: -# nmake /f Makefile.Microsoft_nmake - -LIBRARY=librainbowVc-classic_clean.lib -OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj - -CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX - -all: $(LIBRARY) - -# Make sure objects are recompiled if headers change. -$(OBJECTS): *.h - -$(LIBRARY): $(OBJECTS) - LIB.EXE /NOLOGO /WX /OUT:$@ $** - -clean: - -DEL $(OBJECTS) - -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowVc-classic/clean/api.h b/crypto_sign/rainbowVc-classic/clean/api.h deleted file mode 100644 index 11edfb14..00000000 --- a/crypto_sign/rainbowVc-classic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWVCCLASSIC_CLEAN_API_H -#define PQCLEAN_RAINBOWVCCLASSIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWVCCLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 1227104 -#define PQCLEAN_RAINBOWVCCLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 1705536 -#define PQCLEAN_RAINBOWVCCLASSIC_CLEAN_CRYPTO_BYTES 204 -#define PQCLEAN_RAINBOWVCCLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,92,48,48) - classic" - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowVc-classic/clean/blas.c b/crypto_sign/rainbowVc-classic/clean/blas.c deleted file mode 100644 index 7bc7b489..00000000 --- a/crypto_sign/rainbowVc-classic/clean/blas.c +++ /dev/null @@ -1,31 +0,0 @@ -#include "blas.h" -#include "gf.h" - -#include - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { - uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= (a[i] & pr_u8); - } -} - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= a[i]; - } -} - - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a[i], b); - } -} - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(a[i], gf256_b); - } -} - diff --git a/crypto_sign/rainbowVc-classic/clean/blas.h b/crypto_sign/rainbowVc-classic/clean/blas.h deleted file mode 100644 index 426f09a0..00000000 --- a/crypto_sign/rainbowVc-classic/clean/blas.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _BLAS_H_ -#define _BLAS_H_ -/// @file blas.h -/// @brief Functions for implementing basic linear algebra functions. -/// - -#include "rainbow_config.h" -#include -#include - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); - - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); - - -#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/gf.h b/crypto_sign/rainbowVc-classic/clean/gf.h deleted file mode 100644 index 5053e82a..00000000 --- a/crypto_sign/rainbowVc-classic/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.h b/crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.h deleted file mode 100644 index 2af16a7e..00000000 --- a/crypto_sign/rainbowVc-classic/clean/parallel_matrix_op.h +++ /dev/null @@ -1,260 +0,0 @@ -#ifndef _P_MATRIX_OP_H_ -#define _P_MATRIX_OP_H_ -/// @file parallel_matrix_op.h -/// @brief Librarys for operations of batched matrixes. -/// -/// - -//////////////// Section: triangle matrix <-> rectangle matrix /////////////////////////////////// - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. -/// -/// @param[in] i_row - the i-th row in an upper-triangle matrix. -/// @param[in] j_col - the j-th column in an upper-triangle matrix. -/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -unsigned int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim); - -/// -/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix. -/// -/// @param[out] btriC - the batched upper-trianglized matrix C. -/// @param[in] bA - a batched retangle matrix A. -/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch); - -//////////////////// Section: matrix multiplications /////////////////////////////// - -/// -/// @brief bC += btriA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += btriA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += (btriA + btriA^Tr) *B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr). -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += A^Tr * bB , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr. -/// @param[in] Aheight - the height of A. -/// @param[in] size_Acolvec - the size of a column vector in A. -/// @param[in] Awidth - the width of A. -/// @param[in] bB - a batched matrix B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, - const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA^Tr * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr). -/// @param[in] Awidth_befor_tr - the width of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(16) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -/// -/// @brief bC += bA * B , in GF(256) -/// -/// @param[out] bC - the batched matrix C. -/// @param[in] bA - a batched matrix A. -/// @param[in] Aheigh - the height of A. -/// @param[in] B - a column-major matrix B. -/// @param[in] Bheight - the height of B. -/// @param[in] size_Bcolvec - the size of the column vector in B. -/// @param[in] Bwidth - the width of B. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch); - -//////////////////// Section: "quadratric" matrix evaluation /////////////////////////////// - -/// -/// @brief y = x^Tr * trimat * x , in GF(16) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief y = x^Tr * trimat * x , in GF(256) -/// -/// @param[out] y - the returned batched element y. -/// @param[in] trimat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim - the dimension of matrix trimat (and x). -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(16) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -/// -/// @brief z = y^Tr * mat * x , in GF(256) -/// -/// @param[out] z - the returned batched element z. -/// @param[in] y - an input vector y. -/// @param[in] dim_y - the length of y. -/// @param[in] mat - a batched matrix. -/// @param[in] x - an input vector x. -/// @param[in] dim_x - the length of x. -/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix. -/// -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, - const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch); - -#endif // _P_MATRIX_OP_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow.c b/crypto_sign/rainbowVc-classic/clean/rainbow.c deleted file mode 100644 index 97f7616a..00000000 --- a/crypto_sign/rainbowVc-classic/clean/rainbow.c +++ /dev/null @@ -1,168 +0,0 @@ -/// @file rainbow.c -/// @brief The standard implementations for functions in rainbow.h -/// - -#include "blas.h" -#include "parallel_matrix_op.h" -#include "rainbow.h" -#include "rainbow_blas.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "utils_hash.h" -#include "utils_prng.h" -#include -#include -#include - -#define MAX_ATTEMPT_FRMAT 128 - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) { - uint8_t mat_l1[_O1 * _O1_BYTE]; - uint8_t mat_l2[_O2 * _O2_BYTE]; - uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE]; - - // setup PRNG - prng_t prng_sign; - uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN]; - memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED); - memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest - uint8_t prng_seed[_HASH_LEN]; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest ) - for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) { - prng_preseed[i] ^= prng_preseed[i]; // clean - } - for (unsigned int i = 0; i < _HASH_LEN; i++) { - prng_seed[i] ^= prng_seed[i]; // clean - } - - // roll vinegars. - uint8_t vinegar[_V1_BYTE]; - unsigned int n_attempt = 0; - unsigned int l1_succ = 0; - while (!l1_succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars - gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1 - l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable - n_attempt++; - } - - // Given the vinegars, pre-compute variables needed for layer 2 - uint8_t r_l1_F1[_O1_BYTE] = {0}; - uint8_t r_l2_F1[_O2_BYTE] = {0}; - batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE); - batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE); - uint8_t mat_l2_F3[_O2 * _O2_BYTE]; - uint8_t mat_l2_F2[_O1 * _O2_BYTE]; - gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar); - gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar); - - // Some local variables. - uint8_t _z[_PUB_M_BYTE]; - uint8_t y[_PUB_M_BYTE]; - uint8_t *x_v1 = vinegar; - uint8_t x_o1[_O1_BYTE]; - uint8_t x_o2[_O1_BYTE]; - - uint8_t digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, _digest, _HASH_LEN); - uint8_t *salt = digest_salt + _HASH_LEN; - - uint8_t temp_o[_MAX_O_BYTE + 32] = {0}; - unsigned int succ = 0; - while (!succ) { - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - break; - } - // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt) - - // y = S^-1 * z - memcpy(y, _z, _PUB_M_BYTE); // identity part of S - gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE); - - // Central Map: - // layer 1: calculate x_o1 - memcpy(temp_o, r_l1_F1, _O1_BYTE); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE); - gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o); - - // layer 2: calculate x_o2 - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE); - gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2 - batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5 - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1 - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE); - - // generate the linear equations of the 2nd layer - gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6 - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3 - succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer); - gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs - - n_attempt++; - }; - // w = T^-1 * y - uint8_t w[_PUB_N_BYTE]; - // identity part of T. - memcpy(w, x_v1, _V1_BYTE); - memcpy(w + _V1_BYTE, x_o1, _O1_BYTE); - memcpy(w + _V2_BYTE, x_o2, _O2_BYTE); - // Computing the t1 part. - gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t4 part. - gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE); - // Computing the t3 part. - gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE); - - memset(signature, 0, _SIGNATURE_BYTE); // set the output 0 - // clean - memset(&prng_sign, 0, sizeof(prng_t)); - memset(vinegar, 0, _V1_BYTE); - memset(r_l1_F1, 0, _O1_BYTE); - memset(r_l2_F1, 0, _O2_BYTE); - memset(_z, 0, _PUB_M_BYTE); - memset(y, 0, _PUB_M_BYTE); - memset(x_o1, 0, _O1_BYTE); - memset(x_o2, 0, _O2_BYTE); - memset(temp_o, 0, sizeof(temp_o)); - - // return: copy w and salt to the signature. - if (MAX_ATTEMPT_FRMAT <= n_attempt) { - return -1; - } - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE); - return 0; -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) { - unsigned char digest_ck[_PUB_M_BYTE]; - // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials. - batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE); - - unsigned char correct[_PUB_M_BYTE]; - unsigned char digest_salt[_HASH_LEN + _SALT_BYTE]; - memcpy(digest_salt, digest, _HASH_LEN); - memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt ) - - // check consistancy. - unsigned char cc = 0; - for (unsigned int i = 0; i < _PUB_M_BYTE; i++) { - cc |= (digest_ck[i] ^ correct[i]); - } - return (0 == cc) ? 0 : -1; -} - - diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_blas.h b/crypto_sign/rainbowVc-classic/clean/rainbow_blas.h deleted file mode 100644 index d4a0d1cc..00000000 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCCLASSIC_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair.c b/crypto_sign/rainbowVc-classic/clean/rainbow_keypair.c deleted file mode 100644 index 27005dfc..00000000 --- a/crypto_sign/rainbowVc-classic/clean/rainbow_keypair.c +++ /dev/null @@ -1,126 +0,0 @@ -/// @file rainbow_keypair.c -/// @brief implementations of functions in rainbow_keypair.h -/// - -#include "rainbow_keypair.h" -#include "blas.h" -#include "blas_comm.h" -#include "rainbow_blas.h" -#include "rainbow_keypair_computation.h" -#include "utils_prng.h" -#include -#include -#include - -static void generate_S_T(unsigned char *s_and_t, prng_t *prng0) { - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // S1 - s_and_t += _O1_BYTE * _O2; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O1); // T1 - s_and_t += _V1_BYTE * _O1; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _V1_BYTE * _O2); // T2 - s_and_t += _V1_BYTE * _O2; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, s_and_t, _O1_BYTE * _O2); // T3 -} - -static unsigned int generate_l1_F12(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * N_TRIANGLE_TERMS(_V1)); // l1_F1 - sk += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O1_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O1_BYTE * _V1 * _O1); // l1_F2 - n_byte_generated += _O1_BYTE * _V1 * _O1; - return n_byte_generated; -} - -static unsigned int generate_l2_F12356(unsigned char *sk, prng_t *prng0) { - unsigned int n_byte_generated = 0; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // l2_F1 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_V1); - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O1); // l2_F2 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _V1 * _O2); // l2_F3 - sk += _O2_BYTE * _V1 * _O1; - n_byte_generated += _O2_BYTE * _V1 * _O1; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // l2_F5 - sk += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - n_byte_generated += _O2_BYTE * N_TRIANGLE_TERMS(_O1); - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng0, sk, _O2_BYTE * _O1 * _O2); // l2_F6 - n_byte_generated += _O2_BYTE * _O1 * _O2; - - return n_byte_generated; -} - -static void generate_B1_B2(unsigned char *sk, prng_t *prng0) { - sk += generate_l1_F12(sk, prng0); - generate_l2_F12356(sk, prng0); -} - -static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) { - // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2 - unsigned char temp[_V1_BYTE + 32]; - unsigned char *t4 = t2_to_t4; - for (unsigned int i = 0; i < _O2; i++) { /// t3 width - gfmat_prod(temp, t1, _V1_BYTE, _O1, t3); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE); - t4 += _V1_BYTE; - t3 += _O1_BYTE; - } -} - -static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) { - unsigned char temp[_O1_BYTE + 32]; - while (n_terms--) { - gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE); - l1_polys += _O1_BYTE; - l2_polys += _O2_BYTE; - } -} - -/////////////////// Classic ////////////////////////////////// - -static void _generate_secretkey(sk_t *sk, const unsigned char *sk_seed) { - memcpy(sk->sk_seed, sk_seed, LEN_SKSEED); - - // set up prng - prng_t prng0; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED); - - // generating secret key with prng. - generate_S_T(sk->s1, &prng0); - generate_B1_B2(sk->l1_F1, &prng0); - - // clean prng - memset(&prng0, 0, sizeof(prng_t)); -} - -void PQCLEAN_RAINBOWVCCLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) { - _generate_secretkey(sk, sk_seed); - - // set up a temporary structure ext_cpk_t for calculating public key. - ext_cpk_t pk; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format. - calculate_t4(sk->t4, sk->t1, sk->t3); - - obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1); - obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1); - obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1); - obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1); - obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1); - // so far, the pk contains the full pk but in ext_cpk_t format. - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t. -} - - - diff --git a/crypto_sign/rainbowVc-classic/clean/sign.c b/crypto_sign/rainbowVc-classic/clean/sign.c deleted file mode 100644 index 3c0e56a0..00000000 --- a/crypto_sign/rainbowVc-classic/clean/sign.c +++ /dev/null @@ -1,74 +0,0 @@ -/// @file sign.c -/// @brief the implementations for functions in api.h -/// -/// - -#include "api.h" -#include "rainbow.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { - unsigned char sk_seed[LEN_SKSEED] = {0}; - randombytes(sk_seed, LEN_SKSEED); - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed); - return 0; -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - - memcpy(sm, m, mlen); - smlen[0] = mlen + _SIGNATURE_BYTE; - - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - int rc; - if (_SIGNATURE_BYTE > smlen) { - rc = -1; - } else { - *mlen = smlen - _SIGNATURE_BYTE; - - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - - rc = PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk); - } - if (!rc) { - memmove(m, sm, smlen - _SIGNATURE_BYTE); - } else { // bad signature - *mlen = (size_t) -1; - memset(m, 0, smlen); - } - return rc; -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk) { - if (siglen != _SIGNATURE_BYTE) { - return -1; - } - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWVCCLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk); -} diff --git a/crypto_sign/rainbowVc-classic/clean/utils_hash.h b/crypto_sign/rainbowVc-classic/clean/utils_hash.h deleted file mode 100644 index bab03631..00000000 --- a/crypto_sign/rainbowVc-classic/clean/utils_hash.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef _UTILS_HASH_H_ -#define _UTILS_HASH_H_ -/// @file utils_hash.h -/// @brief the interface for adapting hash functions. -/// - -#include - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); - -#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowVc-classic/clean/utils_prng.c b/crypto_sign/rainbowVc-classic/clean/utils_prng.c deleted file mode 100644 index 0803c451..00000000 --- a/crypto_sign/rainbowVc-classic/clean/utils_prng.c +++ /dev/null @@ -1,97 +0,0 @@ -/// @file utils_prng.c -/// @brief The implementation of PRNG related functions. -/// - -#include "utils_prng.h" -#include "aes.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -static void prng_update(const unsigned char *provided_data, - unsigned char *Key, - unsigned char *V) { - unsigned char temp[48]; - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, Key); - for (int i = 0; i < 3; i++) { - //increment V - for (int j = 15; j >= 0; j--) { - if (V[j] == 0xff) { - V[j] = 0x00; - } else { - V[j]++; - break; - } - } - aes256_ecb(temp + 16 * i, V, 1, &ctx); - } - if (provided_data != NULL) { - for (int i = 0; i < 48; i++) { - temp[i] ^= provided_data[i]; - } - } - aes256_ctx_release(&ctx); - memcpy(Key, temp, 32); - memcpy(V, temp + 32, 16); -} -static void randombytes_init_with_state(prng_t *state, - unsigned char *entropy_input_48bytes) { - memset(state->Key, 0x00, 32); - memset(state->V, 0x00, 16); - prng_update(entropy_input_48bytes, state->Key, state->V); -} - -static int randombytes_with_state(prng_t *state, - unsigned char *x, - size_t xlen) { - - unsigned char block[16]; - int i = 0; - - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, state->Key); - - while (xlen > 0) { - //increment V - for (int j = 15; j >= 0; j--) { - if (state->V[j] == 0xff) { - state->V[j] = 0x00; - } else { - state->V[j]++; - break; - } - } - aes256_ecb(block, state->V, 1, &ctx); - if (xlen > 15) { - memcpy(x + i, block, 16); - i += 16; - xlen -= 16; - } else { - memcpy(x + i, block, xlen); - xlen = 0; - } - } - aes256_ctx_release(&ctx); - prng_update(NULL, state->Key, state->V); - return 0; -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { - unsigned char seed[48]; - if (prng_seedlen >= 48) { - memcpy(seed, prng_seed, 48); - } else { - memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWVCCLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); - } - - randombytes_init_with_state(ctx, seed); - - return 0; -} - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { - return randombytes_with_state(ctx, out, outlen); -} diff --git a/crypto_sign/rainbowVc-classic/clean/utils_prng.h b/crypto_sign/rainbowVc-classic/clean/utils_prng.h deleted file mode 100644 index ea9457b4..00000000 --- a/crypto_sign/rainbowVc-classic/clean/utils_prng.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _UTILS_PRNG_H_ -#define _UTILS_PRNG_H_ -/// @file utils_prng.h -/// @brief the interface for adapting PRNG functions. -/// -/// - -#include "randombytes.h" - -typedef struct { - unsigned char Key[32]; - unsigned char V[16]; -} prng_t; - -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWVCCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); - -#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/META.yml b/crypto_sign/rainbowVc-cyclic-compressed/META.yml deleted file mode 100644 index 7fa036f6..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,92,48,48) - cyclic compressed" -type: signature -claimed-nist-level: 5 -length-public-key: 491936 -length-secret-key: 64 -length-signature: 204 -nistkat-sha256: 7bc9f57b718843d525d893fc361d97417de0b06e954f2687f808bebaaf2c762c -testvectors-sha256: acd054aed76af99bf0b31438226bdcca8ac34efde180cf80732c30bc00a63a9c -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile b/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile deleted file mode 100644 index 74a9b5ef..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# This Makefile can be used with GNU Make or BSD Make - -LIB=librainbowVc-cyclic-compressed_clean.a - -HEADERS = api.h blas_comm.h blas.h gf.h parallel_matrix_op.h rainbow_blas.h rainbow_config.h rainbow.h rainbow_keypair_computation.h rainbow_keypair.h utils_hash.h utils_prng.h -OBJECTS = blas_comm.o parallel_matrix_op.o rainbow.o rainbow_keypair.o rainbow_keypair_computation.o sign.o utils_hash.o utils_prng.o blas.o gf.o - - -CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Wvla -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS) - -all: $(LIB) - -%.o: %.c $(HEADERS) - $(CC) $(CFLAGS) -c -o $@ $< - -$(LIB): $(OBJECTS) - $(AR) -r $@ $(OBJECTS) - -clean: - $(RM) $(OBJECTS) - $(RM) $(LIB) diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile.Microsoft_nmake b/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile.Microsoft_nmake deleted file mode 100644 index ef3dbd24..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/Makefile.Microsoft_nmake +++ /dev/null @@ -1,19 +0,0 @@ -# This Makefile can be used with Microsoft Visual Studio's nmake using the command: -# nmake /f Makefile.Microsoft_nmake - -LIBRARY=librainbowVc-cyclic-compressed_clean.lib -OBJECTS = blas_comm.obj parallel_matrix_op.obj rainbow.obj rainbow_keypair.obj rainbow_keypair_computation.obj sign.obj utils_hash.obj utils_prng.obj blas.obj gf.obj - -CFLAGS=/nologo /O2 /I ..\..\..\common /W4 /WX - -all: $(LIBRARY) - -# Make sure objects are recompiled if headers change. -$(OBJECTS): *.h - -$(LIBRARY): $(OBJECTS) - LIB.EXE /NOLOGO /WX /OUT:$@ $** - -clean: - -DEL $(OBJECTS) - -DEL $(LIBRARY) diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/api.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/api.h deleted file mode 100644 index 7f4a866c..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_API_H -#define PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64 -#define PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 491936 -#define PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_CRYPTO_BYTES 204 -#define PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,92,48,48) - cyclic compressed" - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.c b/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.c deleted file mode 100644 index 7bb41d52..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.c +++ /dev/null @@ -1,31 +0,0 @@ -#include "blas.h" -#include "gf.h" - -#include - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) { - uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate); - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= (a[i] & pr_u8); - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_b[i] ^= a[i]; - } -} - - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - a[i] = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a[i], b); - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - accu_c[i] ^= PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b); - } -} - diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.h deleted file mode 100644 index 11bd9351..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _BLAS_H_ -#define _BLAS_H_ -/// @file blas.h -/// @brief Functions for implementing basic linear algebra functions. -/// - -#include "rainbow_config.h" -#include -#include - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte); -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte); - - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte); -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte); - - -#endif // _BLAS_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.c b/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.c deleted file mode 100644 index 606c2fc5..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.c +++ /dev/null @@ -1,144 +0,0 @@ -/// @file blas_comm.c -/// @brief The standard implementations for blas_comm.h -/// - -#include "blas_comm.h" -#include "blas.h" -#include "gf.h" -#include "rainbow_config.h" - -#include -#include - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) { - for (size_t i = 0; i < _num_byte; i++) { - b[i] = 0; - } -} -/// @brief get an element from GF(256) vector . -/// -/// @param[in] a - the input vector a. -/// @param[in] i - the index in the vector a. -/// @return the value of the element. -/// -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) { - return a[i]; -} - -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) { - uint8_t r = 0; - while (_num_byte--) { - r |= a[0]; - a++; - } - return (0 == r); -} - -/// polynomial multplication -/// School boook -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1); - for (unsigned int i = 0; i < _num; i++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num); - } -} - -static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte); - for (unsigned int i = 0; i < n_A_width; i++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte); - matA += n_A_vec_byte; - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) { - unsigned int n_vec_byte = len_vec; - for (unsigned int k = 0; k < len_vec; k++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte); - const uint8_t *bk = b + n_vec_byte * k; - for (unsigned int i = 0; i < len_vec; i++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte); - } - c += n_vec_byte; - } -} - -static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) { - unsigned int r8 = 1; - - for (unsigned int i = 0; i < h; i++) { - uint8_t *ai = mat + w * i; - unsigned int skip_len_align4 = i & ((unsigned int)~0x3); - - for (unsigned int j = i + 1; j < h; j++) { - uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4); - } - r8 &= PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]); - uint8_t pivot = ai[i]; - pivot = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_inv(pivot); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4); - for (unsigned int j = 0; j < h; j++) { - if (i == j) { - continue; - } - uint8_t *aj = mat + w * j; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4); - } - } - - return r8; -} - -static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { - uint8_t mat[64 * 64]; - for (unsigned int i = 0; i < n; i++) { - memcpy(mat + i * (n + 1), inp_mat + i * n, n); - mat[i * (n + 1) + n] = c_terms[i]; - } - unsigned int r8 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1); - for (unsigned int i = 0; i < n; i++) { - sol[i] = mat[i * (n + 1) + n]; - } - return r8; -} - -static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) { - for (unsigned int i = 0; i < h; i++) { - for (unsigned int j = 0; j < w2; j++) { - mat2[i * w2 + j] = mat[i * w + st + j]; - } - } -} - -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) { - uint8_t *aa = buffer; - for (unsigned int i = 0; i < H; i++) { - uint8_t *ai = aa + i * 2 * H; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H); - ai[H + i] = 1; - } - unsigned int r8 = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H); - gf256mat_submat(inv_a, H, H, aa, 2 * H, H); - return r8; -} - - -// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE - -#define gf256mat_prod_impl gf256mat_prod_ref -#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref -#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) { - gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b); -} - -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) { - return gf256mat_gauss_elim_impl(mat, h, w); -} - -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) { - return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n); -} - diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.h deleted file mode 100644 index af5715c6..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/blas_comm.h +++ /dev/null @@ -1,90 +0,0 @@ -#ifndef _BLAS_COMM_H_ -#define _BLAS_COMM_H_ -/// @file blas_comm.h -/// @brief Common functions for linear algebra. -/// - -#include "rainbow_config.h" -#include - -/// @brief set a vector to 0. -/// -/// @param[in,out] b - the vector b. -/// @param[in] _num_byte - number of bytes for the vector b. -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte); - -/// @brief get an element from GF(256) vector . -/// -/// @param[in] a - the input vector a. -/// @param[in] i - the index in the vector a. -/// @return the value of the element. -/// -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i); - -/// @brief check if a vector is 0. -/// -/// @param[in] a - the vector a. -/// @param[in] _num_byte - number of bytes for the vector a. -/// @return 1(true) if a is 0. 0(false) else. -/// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte); - -/// @brief polynomial multiplication: c = a*b -/// -/// @param[out] c - the output polynomial c -/// @param[in] a - the vector a. -/// @param[in] b - the vector b. -/// @param[in] _num - number of elements for the polynomials a and b. -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num); - -/// @brief matrix-vector multiplication: c = matA * b , in GF(256) -/// -/// @param[out] c - the output vector c -/// @param[in] matA - a column-major matrix A. -/// @param[in] n_A_vec_byte - the size of column vectors in bytes. -/// @param[in] n_A_width - the width of matrix A. -/// @param[in] b - the vector b. -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b); - -/// @brief matrix-matrix multiplication: c = a * b , in GF(256) -/// -/// @param[out] c - the output matrix c -/// @param[in] c - a matrix a. -/// @param[in] b - a matrix b. -/// @param[in] len_vec - the length of column vectors. -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec); - -/// @brief Gauss elimination for a matrix, in GF(256) -/// -/// @param[in,out] mat - the matrix. -/// @param[in] h - the height of the matrix. -/// @param[in] w - the width of the matrix. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w); - -/// @brief Solving linear equations, in GF(256) -/// -/// @param[out] sol - the solutions. -/// @param[in] inp_mat - the matrix parts of input equations. -/// @param[in] c_terms - the constant terms of the input equations. -/// @param[in] n - the number of equations. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n); - -/// @brief Computing the inverse matrix, in GF(256) -/// -/// @param[out] inv_a - the output of matrix a. -/// @param[in] a - a matrix a. -/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix. -/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes. -/// @return 1(true) if success. 0(false) if the matrix is singular. -/// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer); - -#endif // _BLAS_COMM_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/gf.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/gf.h deleted file mode 100644 index b99e533f..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.c b/crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.c deleted file mode 100644 index 2a444d7c..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/parallel_matrix_op.c +++ /dev/null @@ -1,183 +0,0 @@ -/// @file parallel_matrix_op.c -/// @brief the standard implementations for functions in parallel_matrix_op.h -/// -/// the standard implementations for functions in parallel_matrix_op.h -/// - -#include "parallel_matrix_op.h" -#include "blas.h" -#include "blas_comm.h" - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix. -/// -/// @param[in] i_row - the i-th row in an upper-triangle matrix. -/// @param[in] j_col - the j-th column in an upper-triangle matrix. -/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -unsigned int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) { - return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row; -} - -/// -/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix. -/// -/// @param[in] i_row - the i-th row in a triangle matrix. -/// @param[in] j_col - the j-th column in a triangle matrix. -/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix. -/// @return the corresponding index in an array storage. -/// -static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) { - if (i_row > j_col) { - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var); - } - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var); -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) { - unsigned char *runningC = btriC; - unsigned int Aheight = Awidth; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < i; j++) { - unsigned int idx = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch); - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i)); - runningC += size_batch * (Aheight - i); - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Awidth = Bheight; - unsigned int Aheight = Awidth; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (k < i) { - continue; - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - btriA += (Aheight - i) * size_batch; - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Aheight = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (i < k) { - continue; - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Aheight = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - if (i == k) { - continue; - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth, - const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Atr_height = Awidth; - unsigned int Atr_width = Aheight; - for (unsigned int i = 0; i < Atr_height; i++) { - for (unsigned int j = 0; j < Atr_width; j++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth); - } - bC += size_batch * Bwidth; - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - const unsigned char *bA = bA_to_tr; - unsigned int Aheight = Awidth_before_tr; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight, - const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) { - unsigned int Awidth = Bheight; - for (unsigned int i = 0; i < Aheight; i++) { - for (unsigned int j = 0; j < Bwidth; j++) { - for (unsigned int k = 0; k < Bheight; k++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch); - } - bC += size_batch; - } - bA += (Awidth) * size_batch; - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) { - unsigned char tmp[256]; - - unsigned char _x[256]; - for (unsigned int i = 0; i < dim; i++) { - _x[i] = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(x, i); - } - - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch); - for (unsigned int i = 0; i < dim; i++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); - for (unsigned int j = i; j < dim; j++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch); - trimat += size_batch; - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch); - } -} - -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat, - const unsigned char *x, unsigned dim_x, unsigned size_batch) { - unsigned char tmp[128]; - - unsigned char _x[128]; - for (unsigned int i = 0; i < dim_x; i++) { - _x[i] = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(x, i); - } - unsigned char _y[128]; - for (unsigned int i = 0; i < dim_y; i++) { - _y[i] = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele(y, i); - } - - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch); - for (unsigned int i = 0; i < dim_y; i++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch); - for (unsigned int j = 0; j < dim_x; j++) { - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch); - mat += size_batch; - } - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch); - } -} - diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_blas.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_blas.h deleted file mode 100644 index 6d83db42..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.h deleted file mode 100644 index ea3a279d..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/rainbow_keypair_computation.h +++ /dev/null @@ -1,71 +0,0 @@ -#ifndef _RAINBOW_KEYPAIR_COMP_H_ -#define _RAINBOW_KEYPAIR_COMP_H_ -/// @file rainbow_keypair_computation.h -/// @brief Functions for calculating pk/sk while generating keys. -/// -/// Defining an internal structure of public key. -/// Functions for calculating pk/sk for key generation. -/// - -#include "rainbow_keypair.h" - -/// @brief The (internal use) public key for rainbow -/// -/// The (internal use) public key for rainbow. The public -/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9, -/// l2_Q1, .... , l2_Q9. -/// -typedef struct rainbow_extend_publickey { - unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; - unsigned char l1_Q2[_O1_BYTE * _V1 * _O1]; - unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; - unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; - unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; - unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; - - unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; - unsigned char l2_Q2[_O2_BYTE * _V1 * _O1]; - unsigned char l2_Q3[_O2_BYTE * _V1 * _O2]; - unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; - unsigned char l2_Q6[_O2_BYTE * _O1 * _O2]; - unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; -} ext_cpk_t; - -/// -/// @brief converting formats of public keys : from ext_cpk_t version to pk_t -/// -/// @param[out] pk - the classic public key. -/// @param[in] cpk - the internel public key. -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk); -///////////////////////////////////////////////// - -/// -/// @brief Computing public key from secret key -/// -/// @param[out] Qs - the public key -/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Ts - parts of the secret key: T1, T4, T3 -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); - - -/// -/// @brief Computing parts of the sk from parts of pk and sk -/// -/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6 -/// @param[in] Ts - parts of the sk: T1, T4, T3 -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts); - -/// -/// @brief Computing parts of the pk from the secret key -/// -/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9 -/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6 -/// @param[in] Ts - parts of the sk: T1, T4, T3 -/// -void PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts); - -#endif // _RAINBOW_KEYPAIR_COMP_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/sign.c b/crypto_sign/rainbowVc-cyclic-compressed/clean/sign.c deleted file mode 100644 index 83241187..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/sign.c +++ /dev/null @@ -1,76 +0,0 @@ -/// @file sign.c -/// @brief the implementations for functions in api.h -/// -/// - -#include "api.h" -#include "rainbow.h" -#include "rainbow_config.h" -#include "rainbow_keypair.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { - unsigned char sk_seed[LEN_SKSEED] = {0}; - randombytes(sk_seed, LEN_SKSEED); - - unsigned char pk_seed[LEN_PKSEED] = {0}; - randombytes(pk_seed, LEN_PKSEED); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed); - return 0; -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - - memcpy(sm, m, mlen); - smlen[0] = mlen + _SIGNATURE_BYTE; - - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - int rc; - if (_SIGNATURE_BYTE > smlen) { - rc = -1; - } else { - *mlen = smlen - _SIGNATURE_BYTE; - - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen); - - rc = PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk); - } - if (!rc) { - memmove(m, sm, smlen - _SIGNATURE_BYTE); - } else { // bad signature - *mlen = (size_t) -1; - memset(m, 0, smlen); - } - return rc; -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk) { - unsigned char digest[_HASH_LEN]; - - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - *siglen = _SIGNATURE_BYTE; - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest); -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk) { - if (siglen != _SIGNATURE_BYTE) { - return -1; - } - unsigned char digest[_HASH_LEN]; - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen); - return PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk); -} diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.h deleted file mode 100644 index 651fd686..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_hash.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef _UTILS_HASH_H_ -#define _UTILS_HASH_H_ -/// @file utils_hash.h -/// @brief the interface for adapting hash functions. -/// - -#include - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen); - -#endif // _UTILS_HASH_H_ diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c b/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c deleted file mode 100644 index 78ed6219..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c +++ /dev/null @@ -1,97 +0,0 @@ -/// @file utils_prng.c -/// @brief The implementation of PRNG related functions. -/// - -#include "utils_prng.h" -#include "aes.h" -#include "randombytes.h" -#include "utils_hash.h" -#include -#include - -static void prng_update(const unsigned char *provided_data, - unsigned char *Key, - unsigned char *V) { - unsigned char temp[48]; - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, Key); - for (int i = 0; i < 3; i++) { - //increment V - for (int j = 15; j >= 0; j--) { - if (V[j] == 0xff) { - V[j] = 0x00; - } else { - V[j]++; - break; - } - } - aes256_ecb(temp + 16 * i, V, 1, &ctx); - } - if (provided_data != NULL) { - for (int i = 0; i < 48; i++) { - temp[i] ^= provided_data[i]; - } - } - aes256_ctx_release(&ctx); - memcpy(Key, temp, 32); - memcpy(V, temp + 32, 16); -} -static void randombytes_init_with_state(prng_t *state, - unsigned char *entropy_input_48bytes) { - memset(state->Key, 0x00, 32); - memset(state->V, 0x00, 16); - prng_update(entropy_input_48bytes, state->Key, state->V); -} - -static int randombytes_with_state(prng_t *state, - unsigned char *x, - size_t xlen) { - - unsigned char block[16]; - int i = 0; - - aes256ctx ctx; - aes256_ecb_keyexp(&ctx, state->Key); - - while (xlen > 0) { - //increment V - for (int j = 15; j >= 0; j--) { - if (state->V[j] == 0xff) { - state->V[j] = 0x00; - } else { - state->V[j]++; - break; - } - } - aes256_ecb(block, state->V, 1, &ctx); - if (xlen > 15) { - memcpy(x + i, block, 16); - i += 16; - xlen -= 16; - } else { - memcpy(x + i, block, xlen); - xlen = 0; - } - } - aes256_ctx_release(&ctx); - prng_update(NULL, state->Key, state->V); - return 0; -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) { - unsigned char seed[48]; - if (prng_seedlen >= 48) { - memcpy(seed, prng_seed, 48); - } else { - memcpy(seed, prng_seed, prng_seedlen); - PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen); - } - - randombytes_init_with_state(ctx, seed); - - return 0; -} - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) { - return randombytes_with_state(ctx, out, outlen); -} diff --git a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.h b/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.h deleted file mode 100644 index a4e331ee..00000000 --- a/crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.h +++ /dev/null @@ -1,18 +0,0 @@ -#ifndef _UTILS_PRNG_H_ -#define _UTILS_PRNG_H_ -/// @file utils_prng.h -/// @brief the interface for adapting PRNG functions. -/// -/// - -#include "randombytes.h" - -typedef struct { - unsigned char Key[32]; - unsigned char V[16]; -} prng_t; - -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen); -int PQCLEAN_RAINBOWVCCYCLICCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen); - -#endif // _UTILS_PRNG_H_ diff --git a/crypto_sign/rainbowVc-cyclic/META.yml b/crypto_sign/rainbowVc-cyclic/META.yml deleted file mode 100644 index ebc05e14..00000000 --- a/crypto_sign/rainbowVc-cyclic/META.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: "RAINBOW(256,92,48,48) - cyclic" -type: signature -claimed-nist-level: 5 -length-public-key: 491936 -length-secret-key: 1227104 -length-signature: 204 -nistkat-sha256: f33608a7f2db6ea71394f38a9e1ee06b96330759ccd4fc1719ac2286dac43650 -testvectors-sha256: d760ae98b24bdc3f8d22e8324ba73e0dd759a99a58b9e8860a168182de02b669 -principal-submitters: - - Jintai Ding -auxiliary-submitters: - - Ming-Shing Chen - - Albrecht Petzoldt - - Dieter Schmidt - - Bo-Yin Yang -implementations: - - name: clean - version: https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/af826fcb78f6af51a02d0352cff28a9690467bfd diff --git a/crypto_sign/rainbowVc-cyclic/clean/api.h b/crypto_sign/rainbowVc-cyclic/clean/api.h deleted file mode 100644 index e7106779..00000000 --- a/crypto_sign/rainbowVc-cyclic/clean/api.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef PQCLEAN_RAINBOWVCCYCLIC_CLEAN_API_H -#define PQCLEAN_RAINBOWVCCYCLIC_CLEAN_API_H - -#include -#include - -#define PQCLEAN_RAINBOWVCCYCLIC_CLEAN_CRYPTO_SECRETKEYBYTES 1227104 -#define PQCLEAN_RAINBOWVCCYCLIC_CLEAN_CRYPTO_PUBLICKEYBYTES 491936 -#define PQCLEAN_RAINBOWVCCYCLIC_CLEAN_CRYPTO_BYTES 204 -#define PQCLEAN_RAINBOWVCCYCLIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,92,48,48) - cyclic" - -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk); - - -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_signature( - uint8_t *sig, size_t *siglen, - const uint8_t *m, size_t mlen, const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_verify( - const uint8_t *sig, size_t siglen, - const uint8_t *m, size_t mlen, const uint8_t *pk); - -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen, - const uint8_t *m, size_t mlen, - const uint8_t *sk); - -int PQCLEAN_RAINBOWVCCYCLIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen, - const uint8_t *sm, size_t smlen, - const uint8_t *pk); - - -#endif diff --git a/crypto_sign/rainbowVc-cyclic/clean/gf.h b/crypto_sign/rainbowVc-cyclic/clean/gf.h deleted file mode 100644 index 1bde8af6..00000000 --- a/crypto_sign/rainbowVc-cyclic/clean/gf.h +++ /dev/null @@ -1,19 +0,0 @@ -#ifndef _GF16_H_ -#define _GF16_H_ - -#include "rainbow_config.h" -#include - -/// @file gf16.h -/// @brief Library for arithmetics in GF(16) and GF(256) -/// - -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf16_mul(uint8_t a, uint8_t b); - - -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_is_nonzero(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_inv(uint8_t a); -uint8_t PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256_mul(uint8_t a, uint8_t b); - - -#endif // _GF16_H_ diff --git a/crypto_sign/rainbowVc-cyclic/clean/rainbow_blas.h b/crypto_sign/rainbowVc-cyclic/clean/rainbow_blas.h deleted file mode 100644 index 8cf3e691..00000000 --- a/crypto_sign/rainbowVc-cyclic/clean/rainbow_blas.h +++ /dev/null @@ -1,32 +0,0 @@ -#ifndef _RAINBOW_BLAS_H_ -#define _RAINBOW_BLAS_H_ -/// @file rainbow_blas.h -/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h -/// -/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h - -#include "blas.h" -#include "blas_comm.h" -#include "parallel_matrix_op.h" -#include "rainbow_config.h" - - -#define gfv_get_ele PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_get_ele -#define gfv_mul_scalar PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_mul_scalar -#define gfv_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256v_madd - -#define gfmat_prod PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_prod -#define gfmat_inv PQCLEAN_RAINBOWVCCYCLIC_CLEAN_gf256mat_inv - -#define batch_trimat_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimat_madd_gf256 -#define batch_trimatTr_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_trimatTr_madd_gf256 -#define batch_2trimat_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_2trimat_madd_gf256 -#define batch_matTr_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_matTr_madd_gf256 -#define batch_bmatTr_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_bmatTr_madd_gf256 -#define batch_mat_madd PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_mat_madd_gf256 - -#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_trimat_eval_gf256 -#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCCYCLIC_CLEAN_batch_quad_recmat_eval_gf256 - - -#endif // _RAINBOW_BLAS_H_ diff --git a/test/duplicate_consistency/rainbowIa-cyclic-compressed_clean.yml b/test/duplicate_consistency/rainbowI-circumzenithal_clean.yml similarity index 83% rename from test/duplicate_consistency/rainbowIa-cyclic-compressed_clean.yml rename to test/duplicate_consistency/rainbowI-circumzenithal_clean.yml index b4a89d49..21f8dcc6 100644 --- a/test/duplicate_consistency/rainbowIa-cyclic-compressed_clean.yml +++ b/test/duplicate_consistency/rainbowI-circumzenithal_clean.yml @@ -1,6 +1,6 @@ consistency_checks: - source: - scheme: rainbowIIIc-cyclic-compressed + scheme: rainbowIII-circumzenithal implementation: clean files: - rainbow.c @@ -10,7 +10,7 @@ consistency_checks: - rainbow_keypair_computation.h - rainbow_keypair.h - source: - scheme: rainbowVc-cyclic-compressed + scheme: rainbowV-circumzenithal implementation: clean files: - rainbow.c diff --git a/test/duplicate_consistency/rainbowIa-classic_clean.yml b/test/duplicate_consistency/rainbowI-classic_clean.yml similarity index 86% rename from test/duplicate_consistency/rainbowIa-classic_clean.yml rename to test/duplicate_consistency/rainbowI-classic_clean.yml index cc941923..35eedac2 100644 --- a/test/duplicate_consistency/rainbowIa-classic_clean.yml +++ b/test/duplicate_consistency/rainbowI-classic_clean.yml @@ -1,6 +1,6 @@ consistency_checks: - source: - scheme: rainbowIa-cyclic + scheme: rainbowI-circumzenithal implementation: clean files: - blas_comm.c @@ -18,7 +18,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowIa-cyclic-compressed + scheme: rainbowI-compressed implementation: clean files: - blas_comm.c @@ -36,7 +36,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowIIIc-classic + scheme: rainbowIII-classic implementation: clean files: - parallel_matrix_op.h @@ -51,7 +51,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowIIIc-cyclic + scheme: rainbowIII-circumzenithal implementation: clean files: - parallel_matrix_op.h @@ -59,7 +59,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowIIIc-cyclic-compressed + scheme: rainbowIII-compressed implementation: clean files: - parallel_matrix_op.h @@ -67,7 +67,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowVc-classic + scheme: rainbowV-classic implementation: clean files: - parallel_matrix_op.h @@ -82,7 +82,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowVc-cyclic + scheme: rainbowV-circumzenithal implementation: clean files: - parallel_matrix_op.h @@ -90,7 +90,7 @@ consistency_checks: - utils_prng.c - utils_prng.h - source: - scheme: rainbowVc-cyclic-compressed + scheme: rainbowV-compressed implementation: clean files: - parallel_matrix_op.h diff --git a/test/duplicate_consistency/rainbowIa-cyclic_clean.yml b/test/duplicate_consistency/rainbowI-compressed_clean.yml similarity index 86% rename from test/duplicate_consistency/rainbowIa-cyclic_clean.yml rename to test/duplicate_consistency/rainbowI-compressed_clean.yml index 662b32dd..c58d7df6 100644 --- a/test/duplicate_consistency/rainbowIa-cyclic_clean.yml +++ b/test/duplicate_consistency/rainbowI-compressed_clean.yml @@ -1,6 +1,6 @@ consistency_checks: - source: - scheme: rainbowIIIc-cyclic + scheme: rainbowIII-compressed implementation: clean files: - rainbow.c @@ -10,7 +10,7 @@ consistency_checks: - rainbow_keypair_computation.h - rainbow_keypair.h - source: - scheme: rainbowVc-cyclic + scheme: rainbowV-compressed implementation: clean files: - rainbow.c diff --git a/test/duplicate_consistency/rainbowIIIc-classic_clean.yml b/test/duplicate_consistency/rainbowIII-classic_clean.yml similarity index 86% rename from test/duplicate_consistency/rainbowIIIc-classic_clean.yml rename to test/duplicate_consistency/rainbowIII-classic_clean.yml index efa19c8a..7385b9dd 100644 --- a/test/duplicate_consistency/rainbowIIIc-classic_clean.yml +++ b/test/duplicate_consistency/rainbowIII-classic_clean.yml @@ -1,6 +1,6 @@ consistency_checks: - source: - scheme: rainbowIIIc-cyclic + scheme: rainbowIII-circumzenithal implementation: clean files: - blas_comm.c @@ -14,7 +14,7 @@ consistency_checks: - rainbow_blas.h - utils_hash.c - source: - scheme: rainbowIIIc-cyclic-compressed + scheme: rainbowIII-compressed implementation: clean files: - blas_comm.c @@ -28,7 +28,7 @@ consistency_checks: - rainbow_blas.h - utils_hash.c - source: - scheme: rainbowVc-classic + scheme: rainbowV-classic implementation: clean files: - blas_comm.c @@ -41,7 +41,7 @@ consistency_checks: - parallel_matrix_op.h - rainbow_blas.h - source: - scheme: rainbowVc-cyclic + scheme: rainbowV-circumzenithal implementation: clean files: - blas_comm.c @@ -54,7 +54,7 @@ consistency_checks: - parallel_matrix_op.h - rainbow_blas.h - source: - scheme: rainbowVc-cyclic-compressed + scheme: rainbowV-compressed implementation: clean files: - blas_comm.c diff --git a/test/duplicate_consistency/rainbowVc-classic_clean.yml b/test/duplicate_consistency/rainbowV-classic_clean.yml similarity index 68% rename from test/duplicate_consistency/rainbowVc-classic_clean.yml rename to test/duplicate_consistency/rainbowV-classic_clean.yml index bec4bc2a..7ff3a6a6 100644 --- a/test/duplicate_consistency/rainbowVc-classic_clean.yml +++ b/test/duplicate_consistency/rainbowV-classic_clean.yml @@ -1,11 +1,11 @@ consistency_checks: - source: - scheme: rainbowVc-cyclic + scheme: rainbowV-circumzenithal implementation: clean files: - utils_hash.c - source: - scheme: rainbowVc-cyclic-compressed + scheme: rainbowV-compressed implementation: clean files: - utils_hash.c