kris/pqc
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix NTRU implementation according to c7fa0b98bc

Browse Source
This commit is contained in:
Thom Wiggers 2019-04-16 15:25:18 +02:00
parent e711d6e3b9
commit 48bae57f24
No known key found for this signature in database
GPG Key ID: 001BB0A7CE26E363
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto_kem/ntruhps2048509/clean/kem.c
View File

@ -37,7 +37,6 @@ int PQCLEAN_NTRUHPS2048509_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, co
int i, fail; int i, fail;
uint8_t rm[NTRU_OWCPA_MSGBYTES]; uint8_t rm[NTRU_OWCPA_MSGBYTES];
uint8_t buf[NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES]; uint8_t buf[NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES];
uint8_t *cmp = buf + NTRU_PRFKEYBYTES;
fail = PQCLEAN_NTRUHPS2048509_CLEAN_owcpa_dec(rm, c, sk); fail = PQCLEAN_NTRUHPS2048509_CLEAN_owcpa_dec(rm, c, sk);
/* If fail = 0 then c = Enc(h, rm), there is no need to re-encapsulate. */ /* If fail = 0 then c = Enc(h, rm), there is no need to re-encapsulate. */
@ -50,9 +49,9 @@ int PQCLEAN_NTRUHPS2048509_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, co
buf[i] = sk[i + NTRU_OWCPA_SECRETKEYBYTES]; buf[i] = sk[i + NTRU_OWCPA_SECRETKEYBYTES];
} }
for (i = 0; i < NTRU_CIPHERTEXTBYTES; i++) { for (i = 0; i < NTRU_CIPHERTEXTBYTES; i++) {
cmp[i] = c[i]; buf[NTRU_PRFKEYBYTES + i] = c[i];
} }
sha3_256(rm, cmp, NTRU_CIPHERTEXTBYTES); sha3_256(rm, buf, NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES);
PQCLEAN_NTRUHPS2048509_CLEAN_cmov(k, rm, NTRU_SHAREDKEYBYTES, (unsigned char) fail); PQCLEAN_NTRUHPS2048509_CLEAN_cmov(k, rm, NTRU_SHAREDKEYBYTES, (unsigned char) fail);