From a5e906a306bbc58b669ee41f2f545038f04ee9fe Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Mon, 15 Apr 2019 16:04:50 +0200 Subject: [PATCH 01/15] Fix sanitizer test --- test/test_functest.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test_functest.py b/test/test_functest.py index d4517947..0768afdd 100644 --- a/test/test_functest.py +++ b/test/test_functest.py @@ -14,14 +14,14 @@ import helpers def test_functest(): for scheme in pqclean.Scheme.all_schemes(): for implementation in scheme.implementations: - if helpers.permit_test('functest', implementation): + if helpers.permit_test('functest', implementation): yield check_functest, implementation def test_functest_sanitizers(): for scheme in pqclean.Scheme.all_schemes(): for implementation in scheme.implementations: - if helpers.permit_test('functest_sanitizers', implementation): + if helpers.permit_test('functest_sanitizers', implementation): yield check_functest_sanitizers, implementation @@ -41,7 +41,7 @@ def check_functest(implementation): ) -@helpers.skip_windows +@helpers.skip_windows() def check_functest_sanitizers(implementation): env = None if platform.machine() == 'ppc' and os.environ.get('CC', 'gcc') == 'clang': From 09a35993da8bf4e825d342936a92b83d104d8bef Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Mon, 15 Apr 2019 16:21:44 +0200 Subject: [PATCH 02/15] Skip Valgrind on OSX --- test/test_functest.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/test_functest.py b/test/test_functest.py index 0768afdd..f707e491 100644 --- a/test/test_functest.py +++ b/test/test_functest.py @@ -48,6 +48,8 @@ def check_functest_sanitizers(implementation): raise unittest.SkipTest("Clang does not support ASAN on ppc") elif platform.machine() in ['armv7l', 'aarch64']: env = {'ASAN_OPTIONS': 'detect_leaks=0'} + elif platform.system() == 'Darwin': + raise unittest.SkipTest('valgrind is not reliable on OSX') else: print("Supported platform: {}".format(platform.machine())) 
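Review bot: The new Darwin branch skips with `'valgrind is not reliable on OSX'`, but the function it sits in is the sanitizer variant — the sibling branches in the same hunk set `ASAN_OPTIONS` and skip clang-on-ppc because of ASAN, not valgrind — so the recorded reason is misleading, and the `helpers.ensure_available('valgrind')` call this test still carries is removed later in this series (PATCH 06). If sanitizer runs are what is unreliable on macOS, say so: `raise unittest.SkipTest('sanitizer builds are not reliable on OSX')`; if valgrind alone is the problem, the skip belongs with the valgrind-based test rather than here, where it silently drops ASAN/UBSAN coverage on macOS. check_functest_sanitizers begins above the hunk.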
From 2a9d793152f2a2c08406932503480f4e1e918fdf Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 08:02:09 +0200 Subject: [PATCH 03/15] Update CONTRIBUTING.md --- CONTRIBUTING.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a9595c44..8bd87d1a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -26,9 +26,8 @@ See the section [API](#API) below. type: claimed-nist-level: length-public-key: # KEM and signature - length-secret-key: # KEM and signature length-ciphertext: # KEM only - length-shared-secret: # KEM only + length-shared-secret: # KEM only length-signature: # Signature only testvectors-sha256: sha256sum of output of testvectors principal-submitter: Eve @@ -38,6 +37,7 @@ See the section [API](#API) below. - ... implementations: - name: clean + length-secret-key: # KEM and signature version: ``` From db7843c5eb5417d7a4488333542941ae52547336 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 16 Apr 2019 10:35:08 +0200 Subject: [PATCH 04/15] SPHINCS: make integer promotion explicit --- crypto_sign/sphincs-shake256-128f-simple/clean/wots.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c index 4431986d..ac8b54d1 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/wots.c @@ -68,7 +68,7 @@ static void base_w(unsigned int *output, const size_t out_len, bits += 8; } bits -= SPX_WOTS_LOGW; - output[out] = (total >> bits) & (SPX_WOTS_W - 1); + output[out] = (unsigned int)((total >> bits) & (SPX_WOTS_W - 1)); out++; } } From fc7afd8f7670bdc98454c61cc58eedf6edb5bf17 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 16 Apr 2019 10:35:48 +0200 Subject: [PATCH 05/15] Add distclean to clean entire ../bin folder --- test/Makefile | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/test/Makefile b/test/Makefile index 9fcd68af..ff2a9416 100644 --- a/test/Makefile +++ b/test/Makefile @@ -64,3 +64,7 @@ clean: $(RM) $(DEST_DIR)/test_aes $(RM) $(DEST_DIR)/test_fips202 $(RM) $(DEST_DIR)/test_sha2 + +.PHONY: distclean +distclean: + $(RM) -r $(DEST_DIR) From 9c4aebd8e3e3662e082611ad29928eef31314eec Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 12:39:14 +0200 Subject: [PATCH 06/15] sanitizers don't need valgrind --- test/test_functest.py | 1 - 1 file changed, 1 deletion(-) diff --git a/test/test_functest.py b/test/test_functest.py index f707e491..be45404d 100644 --- a/test/test_functest.py +++ b/test/test_functest.py @@ -53,7 +53,6 @@ def check_functest_sanitizers(implementation): else: print("Supported platform: {}".format(platform.machine())) - helpers.ensure_available('valgrind') helpers.make('clean-scheme', 'functest', TYPE=implementation.scheme.type, SCHEME=implementation.scheme.name, From 327429b62578eebb59b40e6397b7ee5e61ef826c Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 12:58:43 +0200 Subject: [PATCH 07/15] Make sure -fsanitizer binaries are always cleaned up --- test/test_functest.py | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/test/test_functest.py b/test/test_functest.py index be45404d..4923d74a 100644 --- a/test/test_functest.py +++ b/test/test_functest.py 
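Review bot: The new `distclean` target runs `$(RM) -r $(DEST_DIR)` with no guard on the variable, so a `DEST_DIR` overridden from the environment or the command line (how it is defined is outside the hunk) redirects a recursive delete to whatever path was supplied. The existing `clean` target only removes named files, so this is the first target in the file with that blast radius; a one-line guard keeps it honest: `distclean:` / `	test -n "$(DEST_DIR)" && $(RM) -r -- "$(DEST_DIR)"`. Quoting the path also covers directory names with spaces.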
@@ -60,21 +60,25 @@ def check_functest_sanitizers(implementation): EXTRAFLAGS='-fsanitize=address,undefined', working_dir=os.path.join('..', 'test'), env=env) - helpers.run_subprocess( - [os.path.join('..', 'bin', 'functest_{}_{}{}'.format( - implementation.scheme.name, - implementation.name, - '.exe' if os.name == 'nt' else '' - ))], - os.path.join('..', 'bin'), - env=env, - ) - # Remove files with ASAN library compiled in - helpers.make('clean-scheme', - TYPE=implementation.scheme.type, - SCHEME=implementation.scheme.name, - IMPLEMENTATION=implementation.name, - working_dir=os.path.join('..', 'test')) + try: + helpers.run_subprocess( + [os.path.join('..', 'bin', 'functest_{}_{}{}'.format( + implementation.scheme.name, + implementation.name, + '.exe' if os.name == 'nt' else '' + ))], + os.path.join('..', 'bin'), + env=env, + ) + except AssertionError as e: + raise e + finally: + # Remove files with ASAN library compiled in + helpers.make('clean-scheme', + TYPE=implementation.scheme.type, + SCHEME=implementation.scheme.name, + IMPLEMENTATION=implementation.name, + working_dir=os.path.join('..', 'test')) if __name__ == '__main__': From 546d9e41f22b2627654a03856e014801c0e5cb80 Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 13:24:23 +0200 Subject: [PATCH 08/15] Make output of sanitizer nicer --- test/test_functest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test_functest.py b/test/test_functest.py index 4923d74a..d7696881 100644 --- a/test/test_functest.py +++ b/test/test_functest.py @@ -57,7 +57,7 @@ def check_functest_sanitizers(implementation): TYPE=implementation.scheme.type, SCHEME=implementation.scheme.name, IMPLEMENTATION=implementation.name, - EXTRAFLAGS='-fsanitize=address,undefined', + EXTRAFLAGS='-g -fsanitize=address,undefined', working_dir=os.path.join('..', 'test'), env=env) try: From 3431dd2e0a0541b56a4076a124ea294fb4ef1326 Mon Sep 17 00:00:00 2001 
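Review bot: The `except AssertionError as e: raise e` clause wrapped around `helpers.run_subprocess` does nothing the bare `try`/`finally` does not already do — every exception, AssertionError included, propagates after the `finally` cleanup runs — and `raise e` restarts the traceback from the except site where a bare `raise` would preserve it. Drop the clause and keep just `try:` … `finally:`; the cleanup of the ASAN-linked binaries, which is the point of the commit, is unaffected. check_functest_sanitizers begins above the hunk.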
From: Thom Wiggers Date: Tue, 16 Apr 2019 12:54:05 +0200 Subject: [PATCH 09/15] No reason for C source files to be executable --- crypto_kem/ntruhps2048509/clean/api.h | 0 crypto_kem/ntruhps2048509/clean/crypto_sort.c | 0 crypto_kem/ntruhps2048509/clean/crypto_sort.h | 0 crypto_kem/ntruhps2048509/clean/kem.c | 0 crypto_kem/ntruhps2048509/clean/owcpa.c | 0 crypto_kem/ntruhps2048509/clean/owcpa.h | 0 crypto_kem/ntruhps2048509/clean/pack3.c | 0 crypto_kem/ntruhps2048509/clean/packq.c | 0 crypto_kem/ntruhps2048509/clean/params.h | 0 crypto_kem/ntruhps2048509/clean/poly.c | 0 crypto_kem/ntruhps2048509/clean/poly.h | 0 crypto_kem/ntruhps2048509/clean/sample.c | 0 crypto_kem/ntruhps2048509/clean/sample.h | 0 crypto_kem/ntruhps2048509/clean/verify.c | 0 crypto_kem/ntruhps2048509/clean/verify.h | 0 15 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/api.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/crypto_sort.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/crypto_sort.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/kem.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/owcpa.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/owcpa.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/pack3.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/packq.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/params.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/poly.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/poly.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/sample.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/sample.h mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/verify.c mode change 100755 => 100644 crypto_kem/ntruhps2048509/clean/verify.h 
diff --git a/crypto_kem/ntruhps2048509/clean/api.h b/crypto_kem/ntruhps2048509/clean/api.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/crypto_sort.c b/crypto_kem/ntruhps2048509/clean/crypto_sort.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/crypto_sort.h b/crypto_kem/ntruhps2048509/clean/crypto_sort.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/kem.c b/crypto_kem/ntruhps2048509/clean/kem.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/owcpa.c b/crypto_kem/ntruhps2048509/clean/owcpa.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/owcpa.h b/crypto_kem/ntruhps2048509/clean/owcpa.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/pack3.c b/crypto_kem/ntruhps2048509/clean/pack3.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/packq.c b/crypto_kem/ntruhps2048509/clean/packq.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/params.h b/crypto_kem/ntruhps2048509/clean/params.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/poly.c b/crypto_kem/ntruhps2048509/clean/poly.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/poly.h b/crypto_kem/ntruhps2048509/clean/poly.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/sample.c b/crypto_kem/ntruhps2048509/clean/sample.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/sample.h b/crypto_kem/ntruhps2048509/clean/sample.h old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/verify.c b/crypto_kem/ntruhps2048509/clean/verify.c old mode 100755 new mode 100644 diff --git a/crypto_kem/ntruhps2048509/clean/verify.h b/crypto_kem/ntruhps2048509/clean/verify.h old mode 100755 new mode 100644 From eb5f7f1e579e7cb2bbd0c8dabd6e8ec82f34a319 Mon Sep 17 00:00:00 2001 
From: Thom Wiggers Date: Tue, 16 Apr 2019 12:45:34 +0200 Subject: [PATCH 10/15] Fix int/size_t comparison in frodo --- crypto_kem/frodokem1344aes/clean/noise.c | 3 ++- crypto_kem/frodokem1344shake/clean/noise.c | 3 ++- crypto_kem/frodokem640aes/clean/noise.c | 3 ++- crypto_kem/frodokem640shake/clean/noise.c | 3 ++- crypto_kem/frodokem976aes/clean/noise.c | 3 ++- crypto_kem/frodokem976shake/clean/noise.c | 3 ++- 6 files changed, 12 insertions(+), 6 deletions(-) diff --git a/crypto_kem/frodokem1344aes/clean/noise.c b/crypto_kem/frodokem1344aes/clean/noise.c index d83162bc..159506d8 100644 --- a/crypto_kem/frodokem1344aes/clean/noise.c +++ b/crypto_kem/frodokem1344aes/clean/noise.c @@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM1344AES_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; diff --git a/crypto_kem/frodokem1344shake/clean/noise.c b/crypto_kem/frodokem1344shake/clean/noise.c index decce08a..a49dfc17 100644 --- a/crypto_kem/frodokem1344shake/clean/noise.c +++ b/crypto_kem/frodokem1344shake/clean/noise.c @@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM1344SHAKE_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; diff --git a/crypto_kem/frodokem640aes/clean/noise.c b/crypto_kem/frodokem640aes/clean/noise.c index 2221219e..21ffcad8 100644 --- a/crypto_kem/frodokem640aes/clean/noise.c +++ b/crypto_kem/frodokem640aes/clean/noise.c 
@@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM640AES_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; diff --git a/crypto_kem/frodokem640shake/clean/noise.c b/crypto_kem/frodokem640shake/clean/noise.c index 08c975d5..9926a787 100644 --- a/crypto_kem/frodokem640shake/clean/noise.c +++ b/crypto_kem/frodokem640shake/clean/noise.c @@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM640SHAKE_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; diff --git a/crypto_kem/frodokem976aes/clean/noise.c b/crypto_kem/frodokem976aes/clean/noise.c index 45d868ed..6fdc30f6 100644 --- a/crypto_kem/frodokem976aes/clean/noise.c +++ b/crypto_kem/frodokem976aes/clean/noise.c @@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM976AES_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; diff --git a/crypto_kem/frodokem976shake/clean/noise.c b/crypto_kem/frodokem976shake/clean/noise.c index b2b4f2dc..c13b4cad 100644 --- a/crypto_kem/frodokem976shake/clean/noise.c +++ b/crypto_kem/frodokem976shake/clean/noise.c 
@@ -16,7 +16,8 @@ void PQCLEAN_FRODOKEM976SHAKE_CLEAN_sample_n(uint16_t *s, size_t n) { // Fills vector s with n samples from the noise distribution which requires 16 bits to sample. // The distribution is specified by its CDF. // Input: pseudo-random values (2*n bytes) passed in s. The input is overwritten by the output. - unsigned int i, j; + size_t i; + unsigned int j; for (i = 0; i < n; ++i) { uint8_t sample = 0; From 873216c702f625310e664a209854d856b457bb7e Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 13:16:26 +0200 Subject: [PATCH 11/15] Fix integer overflow problems in NTRU --- crypto_kem/ntruhps2048509/clean/crypto_sort.c | 2 +- crypto_kem/ntruhps2048509/clean/sample.c | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crypto_kem/ntruhps2048509/clean/crypto_sort.c b/crypto_kem/ntruhps2048509/clean/crypto_sort.c index 6a9fc5cd..6b12bba3 100644 --- a/crypto_kem/ntruhps2048509/clean/crypto_sort.c +++ b/crypto_kem/ntruhps2048509/clean/crypto_sort.c @@ -8,7 +8,7 @@ #define int32_MINMAX(a,b) \ do { \ int32_t ab = (b) ^ (a); \ - int32_t c = (b) - (a); \ + int32_t c = (int32_t)((int64_t)(b) - (int64_t)(a)); \ c ^= ab & (c ^ (b)); \ c >>= 31; \ c &= ab; \ diff --git a/crypto_kem/ntruhps2048509/clean/sample.c b/crypto_kem/ntruhps2048509/clean/sample.c index 34e5b139..461e15f4 100644 --- a/crypto_kem/ntruhps2048509/clean/sample.c +++ b/crypto_kem/ntruhps2048509/clean/sample.c 
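Review bot: The new `(int32_t)((int64_t)(b) - (int64_t)(a))` removes the signed-overflow UB from the subtraction but replaces it with an implementation-defined narrowing conversion (C99 6.3.1.3p3) whenever `b - a` leaves the int32 range, and the `c ^= ab & (c ^ (b))` and `c >>= 31` lines that follow in the hunk produce the right sign only because that conversion wraps modulo 2^32 and the shift of a negative value is arithmetic. Both hold on every toolchain this library is built with, but the reliance is invisible and invites a second "fix"; a comment on the cast line records it: `/* narrowing wraps mod 2^32; the ab-correction below fixes the sign when b-a overflows */`. The macro continues past the hunk.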
@@ -25,15 +25,15 @@ void PQCLEAN_NTRUHPS2048509_CLEAN_sample_iid(poly *r, const unsigned char unifor void PQCLEAN_NTRUHPS2048509_CLEAN_sample_fixed_type(poly *r, const unsigned char u[NTRU_SAMPLE_FT_BYTES]) { // Assumes NTRU_SAMPLE_FT_BYTES = ceil(30*(n-1)/8) - int32_t s[NTRU_N - 1]; + uint32_t s[NTRU_N - 1]; int i; // Use 30 bits of u per word for (i = 0; i < (NTRU_N - 1) / 4; i++) { - s[4 * i + 0] = (u[15 * i + 0] << 2) + (u[15 * i + 1] << 10) + (u[15 * i + 2] << 18) + (u[15 * i + 3] << 26); - s[4 * i + 1] = ((u[15 * i + 3] & 0xc0) >> 4) + (u[15 * i + 4] << 4) + (u[15 * i + 5] << 12) + (u[15 * i + 6] << 20) + (u[15 * i + 7] << 28); - s[4 * i + 2] = ((u[15 * i + 7] & 0xf0) >> 2) + (u[15 * i + 8] << 6) + (u[15 * i + 9] << 14) + (u[15 * i + 10] << 22) + (u[15 * i + 11] << 30); - s[4 * i + 3] = (u[15 * i + 11] & 0xfc) + (u[15 * i + 12] << 8) + (u[15 * i + 13] << 15) + (u[15 * i + 14] << 24); + s[4 * i + 0] = (u[15 * i + 0] << 2) + (u[15 * i + 1] << 10) + (u[15 * i + 2] << 18) + ((uint32_t)u[15 * i + 3] << 26); + s[4 * i + 1] = ((u[15 * i + 3] & 0xc0) >> 4) + (u[15 * i + 4] << 4) + (u[15 * i + 5] << 12) + (u[15 * i + 6] << 20) + ((uint32_t)u[15 * i + 7] << 28); + s[4 * i + 2] = ((u[15 * i + 7] & 0xf0) >> 2) + (u[15 * i + 8] << 6) + (u[15 * i + 9] << 14) + (u[15 * i + 10] << 22) + ((uint32_t)u[15 * i + 11] << 30); + s[4 * i + 3] = (u[15 * i + 11] & 0xfc) + (u[15 * i + 12] << 8) + (u[15 * i + 13] << 15) + ((uint32_t)u[15 * i + 14] << 24); } for (i = 0; i < NTRU_WEIGHT / 2; i++) { From e711d6e3b9e67875747e90dd4f40f8a38f0a58fd Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 13:24:34 +0200 Subject: [PATCH 12/15] Fix hash length in NTRU --- crypto_kem/ntruhps2048509/clean/kem.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto_kem/ntruhps2048509/clean/kem.c b/crypto_kem/ntruhps2048509/clean/kem.c index 52ae34ae..09757cb2 100644 --- a/crypto_kem/ntruhps2048509/clean/kem.c +++ b/crypto_kem/ntruhps2048509/clean/kem.c 
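Review bot: Changing `s` to `uint32_t` and casting only the highest shift in each expression is sufficient to keep every term in range (the uncast `<< 22` term tops out at 255 << 22, below INT_MAX, whereas `<< 24` and above do not), but the remainder of `PQCLEAN_NTRUHPS2048509_CLEAN_sample_fixed_type` — where `s` is finished, sorted and read back — lies outside the hunk. If that code hands `s` to an `int32_t`-typed sort or compares entries as signed, the declared type now disagrees with the callee and the ordering of words with bit 31 set depends on which signedness wins, which would change the sampled polynomial. Confirm against the scheme's testvectors that the output is unchanged, and add a cast or comment at the call site so the signedness choice is explicit rather than incidental.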
@@ -52,7 +52,7 @@ int PQCLEAN_NTRUHPS2048509_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, co for (i = 0; i < NTRU_CIPHERTEXTBYTES; i++) { cmp[i] = c[i]; } - sha3_256(rm, cmp, NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES); + sha3_256(rm, cmp, NTRU_CIPHERTEXTBYTES); PQCLEAN_NTRUHPS2048509_CLEAN_cmov(k, rm, NTRU_SHAREDKEYBYTES, (unsigned char) fail); From 78257d4299c85f5a21f2070063eceaa1bd97e4d9 Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 13:39:26 +0200 Subject: [PATCH 13/15] Add small note to PR template [ci skip] --- .github/pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index da29dd70..ce2bb1d8 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -2,7 +2,7 @@ - + #### Manually checked properties From 48bae57f247f58e4242dd28bcb0a76cb7d5b0756 Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Tue, 16 Apr 2019 15:25:18 +0200 Subject: [PATCH 14/15] Fix NTRU implementation according to https://github.com/jschanck/ntru/commit/c7fa0b98bcf446077ca3c83c2f9fa81d6bd6f212 --- crypto_kem/ntruhps2048509/clean/kem.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto_kem/ntruhps2048509/clean/kem.c b/crypto_kem/ntruhps2048509/clean/kem.c index 09757cb2..97351508 100644 --- a/crypto_kem/ntruhps2048509/clean/kem.c +++ b/crypto_kem/ntruhps2048509/clean/kem.c @@ -37,7 +37,6 @@ int PQCLEAN_NTRUHPS2048509_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, co int i, fail; uint8_t rm[NTRU_OWCPA_MSGBYTES]; uint8_t buf[NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES]; - uint8_t *cmp = buf + NTRU_PRFKEYBYTES; fail = PQCLEAN_NTRUHPS2048509_CLEAN_owcpa_dec(rm, c, sk); /* If fail = 0 then c = Enc(h, rm), there is no need to re-encapsulate. */ 
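Review bot: Hashing only `cmp` for `NTRU_CIPHERTEXTBYTES` bytes drops the PRF key from the implicit-rejection input: the `rm` that `cmov` selects on `fail` is then a function of public data alone, so a decapsulation failure yields a "shared secret" that anyone holding the ciphertext can compute, instead of a pseudo-random value keyed by the secret prefix of `buf`. The intended input is the whole `buf`, `sha3_256(rm, buf, NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES);`, which PATCH 14 of this series reinstates — this intermediate state should not be merged on its own, and a KAT/testvector check would have caught it. The function begins above the hunk.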
@@ -50,9 +49,9 @@ int PQCLEAN_NTRUHPS2048509_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, co buf[i] = sk[i + NTRU_OWCPA_SECRETKEYBYTES]; } for (i = 0; i < NTRU_CIPHERTEXTBYTES; i++) { - cmp[i] = c[i]; + buf[NTRU_PRFKEYBYTES + i] = c[i]; } - sha3_256(rm, cmp, NTRU_CIPHERTEXTBYTES); + sha3_256(rm, buf, NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES); PQCLEAN_NTRUHPS2048509_CLEAN_cmov(k, rm, NTRU_SHAREDKEYBYTES, (unsigned char) fail); From 09632377f9fd79cf9c93dcc29f1e4b3a6765502b Mon Sep 17 00:00:00 2001 From: Douglas Stebila Date: Tue, 16 Apr 2019 20:59:37 -0400 Subject: [PATCH 15/15] Skip clang-tidy on Windows --- test/test_linter.py | 1 + 1 file changed, 1 insertion(+) diff --git a/test/test_linter.py b/test/test_linter.py index e73492d5..64d408cc 100644 --- a/test/test_linter.py +++ b/test/test_linter.py @@ -16,6 +16,7 @@ def test_clang_tidy(): yield check_tidy, implementation +@helpers.skip_windows() def check_tidy(implementation: pqclean.Implementation): helpers.ensure_available('clang-tidy') cfiles = implementation.cfiles()
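Review bot: The restored `sha3_256(rm, buf, NTRU_PRFKEYBYTES + NTRU_CIPHERTEXTBYTES)` writes its 32-byte digest into `rm`, which the first hunk of this commit shows declared as `uint8_t rm[NTRU_OWCPA_MSGBYTES]`; that is only safe if `NTRU_OWCPA_MSGBYTES` is at least 32, which the hunk does not let me confirm, and the reuse of the decrypted-message buffer as the rejection key is not obvious to a reader. A comment on the call, `/* rm is reused for the implicit-rejection key: Hash(prfkey || c) */`, plus a compile-time check of the size would settle both. The copy loop `buf[NTRU_PRFKEYBYTES + i] = c[i]` is correct; `memcpy(buf + NTRU_PRFKEYBYTES, c, NTRU_CIPHERTEXTBYTES);` would say the same in one line if the sk copy above it is converted too. The function begins above the hunk.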