diff --git a/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c b/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c index efa749c2..9a3a3bf6 100644 --- a/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h b/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h index c20a0167..e68488b3 100644 --- a/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT -#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c b/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c index 0580b89a..6532becd 100644 --- a/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h b/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h index 9fcd720b..81a4adb7 100644 --- a/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr653/avx2/params.h b/crypto_kem/ntrulpr653/avx2/params.h index 653fccdb..b080a993 100644 --- a/crypto_kem/ntrulpr653/avx2/params.h +++ b/crypto_kem/ntrulpr653/avx2/params.h @@ -13,6 +13,8 @@ #include "crypto_encode_653x1541round.h" #include "crypto_encode_653x3.h" #include "crypto_encode_653xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1025.h" diff --git a/crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c b/crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c index 0b328e94..34f1f6c4 100644 --- a/crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c +++ b/crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c @@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR653_CLEAN_crypto_encode_653x3(unsigned char *s, const void * int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/ntrulpr653/clean/crypto_sort_int32.c b/crypto_kem/ntrulpr653/clean/crypto_sort_int32.c index ec4496d9..3993bcbe 100644 --- a/crypto_kem/ntrulpr653/clean/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr653/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/ntrulpr653/clean/crypto_sort_int32.h b/crypto_kem/ntrulpr653/clean/crypto_sort_int32.h index ebf8449f..23742139 100644 --- a/crypto_kem/ntrulpr653/clean/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr653/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c b/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c index 35b9c3ab..9fc01d21 100644 --- a/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h b/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h index f1a64f3f..dccba278 100644 --- a/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr653/clean/params.h b/crypto_kem/ntrulpr653/clean/params.h index 087d6af7..da7b5099 100644 --- a/crypto_kem/ntrulpr653/clean/params.h +++ b/crypto_kem/ntrulpr653/clean/params.h @@ -13,14 +13,16 @@ #include "crypto_encode_653x1541round.h" #include "crypto_encode_653x3.h" #include "crypto_encode_653xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1025.h" #define p 653 -#define q 4621 -#define w 252 #define q27 29045 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ +#define q 4621 +#define w 252 #define tau0 2175 #define tau1 113 #define tau2 2031 diff --git a/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c b/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c index 14a400a7..4b4e018c 100644 --- a/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h b/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h index 73931416..6bd305b1 100644 --- a/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT -#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c b/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c index dbbd0d2c..a4ed948c 100644 --- a/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h b/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h index 66f79cb1..da8370dd 100644 --- a/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr761/avx2/params.h b/crypto_kem/ntrulpr761/avx2/params.h index 7ca23546..5c631b2d 100644 --- a/crypto_kem/ntrulpr761/avx2/params.h +++ b/crypto_kem/ntrulpr761/avx2/params.h @@ -13,6 +13,8 @@ #include "crypto_encode_761x1531round.h" #include "crypto_encode_761x3.h" #include "crypto_encode_761xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1167.h" diff --git a/crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c b/crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c index 68be7bb0..53cf0e21 100644 --- a/crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c +++ b/crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c @@ -5,15 +5,15 @@ #define p 761 void PQCLEAN_NTRULPR761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) { - const uint8 *f = (const uint8 *)v; + const uint8 *f = v; uint8 x; int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/ntrulpr761/clean/crypto_sort_int32.c b/crypto_kem/ntrulpr761/clean/crypto_sort_int32.c index 9799240a..08e2eb50 100644 --- a/crypto_kem/ntrulpr761/clean/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr761/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/ntrulpr761/clean/crypto_sort_int32.h b/crypto_kem/ntrulpr761/clean/crypto_sort_int32.h index a927aabd..ace988bb 100644 --- a/crypto_kem/ntrulpr761/clean/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr761/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c b/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c index 19ced42a..000ea53b 100644 --- a/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h b/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h index 9333543f..3841befa 100644 --- a/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr761/clean/params.h b/crypto_kem/ntrulpr761/clean/params.h index 23495582..ece26ee8 100644 --- a/crypto_kem/ntrulpr761/clean/params.h +++ b/crypto_kem/ntrulpr761/clean/params.h @@ -13,14 +13,16 @@ #include "crypto_encode_761x1531round.h" #include "crypto_encode_761x3.h" #include "crypto_encode_761xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1167.h" #define p 761 -#define q 4591 -#define w 250 #define q27 29235 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ +#define q 4591 +#define w 250 #define tau0 2156 #define tau1 114 #define tau2 2007 diff --git a/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c b/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c index 878ef932..3f87a657 100644 --- a/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h b/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h index 84854cd5..f01c01f2 100644 --- a/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT -#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c b/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c index 9c88b709..a7814419 100644 --- a/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h b/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h index 5fa43ab6..7d04400a 100644 --- a/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr857/avx2/params.h b/crypto_kem/ntrulpr857/avx2/params.h index 94309645..18baf311 100644 --- a/crypto_kem/ntrulpr857/avx2/params.h +++ b/crypto_kem/ntrulpr857/avx2/params.h @@ -13,6 +13,8 @@ #include "crypto_encode_857x1723round.h" #include "crypto_encode_857x3.h" #include "crypto_encode_857xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1312.h" diff --git a/crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c b/crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c index e4660fa7..b19644b4 100644 --- a/crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c +++ b/crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c @@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR857_CLEAN_crypto_encode_857x3(unsigned char *s, const void * int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/ntrulpr857/clean/crypto_sort_int32.c b/crypto_kem/ntrulpr857/clean/crypto_sort_int32.c index 8fb7ae3d..5a945a3a 100644 --- a/crypto_kem/ntrulpr857/clean/crypto_sort_int32.c +++ b/crypto_kem/ntrulpr857/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/ntrulpr857/clean/crypto_sort_int32.h b/crypto_kem/ntrulpr857/clean/crypto_sort_int32.h index 0c991081..54f82db7 100644 --- a/crypto_kem/ntrulpr857/clean/crypto_sort_int32.h +++ b/crypto_kem/ntrulpr857/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c b/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c index 9da42e12..3b57e595 100644 --- a/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c +++ b/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h b/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h index 8d5b3982..95e957c8 100644 --- a/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h +++ b/crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/ntrulpr857/clean/params.h b/crypto_kem/ntrulpr857/clean/params.h index 6bb0c520..1244db89 100644 --- a/crypto_kem/ntrulpr857/clean/params.h +++ b/crypto_kem/ntrulpr857/clean/params.h @@ -13,14 +13,16 @@ #include "crypto_encode_857x1723round.h" #include "crypto_encode_857x3.h" #include "crypto_encode_857xint16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1312.h" #define p 857 -#define q 5167 -#define w 281 #define q27 25976 /* closest integer to 2^27/q */ #define q18 51 /* closest integer to 2^18/q */ +#define q 5167 +#define w 281 #define tau0 2433 #define tau1 101 #define tau2 2265 diff --git a/crypto_kem/sntrup653/avx2/crypto_sort_int32.c b/crypto_kem/sntrup653/avx2/crypto_sort_int32.c index 77d117c6..c0927747 100644 --- a/crypto_kem/sntrup653/avx2/crypto_sort_int32.c +++ b/crypto_kem/sntrup653/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/sntrup653/avx2/crypto_sort_int32.h b/crypto_kem/sntrup653/avx2/crypto_sort_int32.h index a3772a41..29ec4e4d 100644 --- a/crypto_kem/sntrup653/avx2/crypto_sort_int32.h +++ b/crypto_kem/sntrup653/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT -#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup653/avx2/crypto_sort_uint32.c b/crypto_kem/sntrup653/avx2/crypto_sort_uint32.c index 289d07f6..de47a24e 100644 --- a/crypto_kem/sntrup653/avx2/crypto_sort_uint32.c +++ b/crypto_kem/sntrup653/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup653/avx2/crypto_sort_uint32.h b/crypto_kem/sntrup653/avx2/crypto_sort_uint32.h index cab8ea1f..b9208e7b 100644 --- a/crypto_kem/sntrup653/avx2/crypto_sort_uint32.h +++ b/crypto_kem/sntrup653/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup653/avx2/params.h b/crypto_kem/sntrup653/avx2/params.h index 08c585b0..646a4943 100644 --- a/crypto_kem/sntrup653/avx2/params.h +++ b/crypto_kem/sntrup653/avx2/params.h @@ -19,15 +19,17 @@ #include "crypto_encode_653xfreeze3.h" #include "crypto_encode_653xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_897.h" -#define p 653 #define qinv (-29499) /* reciprocal of q mod 2^16 */ #define q27 29045 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ #define ppad 657 #define crypto_core_weight PQCLEAN_SNTRUP653_AVX2_crypto_core_weightsntrup653 +#define p 653 #define q 4621 #define w 288 diff --git a/crypto_kem/sntrup653/clean/crypto_encode_653x3.c b/crypto_kem/sntrup653/clean/crypto_encode_653x3.c index 4fc93036..f6628a47 100644 --- a/crypto_kem/sntrup653/clean/crypto_encode_653x3.c +++ b/crypto_kem/sntrup653/clean/crypto_encode_653x3.c @@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP653_CLEAN_crypto_encode_653x3(unsigned char *s, const void *v int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/sntrup653/clean/crypto_sort_int32.c b/crypto_kem/sntrup653/clean/crypto_sort_int32.c index 793b7580..6eaffe1a 100644 --- a/crypto_kem/sntrup653/clean/crypto_sort_int32.c +++ b/crypto_kem/sntrup653/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/sntrup653/clean/crypto_sort_int32.h b/crypto_kem/sntrup653/clean/crypto_sort_int32.h index 7b9ba26a..d91d5179 100644 --- a/crypto_kem/sntrup653/clean/crypto_sort_int32.h +++ b/crypto_kem/sntrup653/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup653/clean/crypto_sort_uint32.c b/crypto_kem/sntrup653/clean/crypto_sort_uint32.c index 1c7b815f..bc7bef6b 100644 --- a/crypto_kem/sntrup653/clean/crypto_sort_uint32.c +++ b/crypto_kem/sntrup653/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup653/clean/crypto_sort_uint32.h b/crypto_kem/sntrup653/clean/crypto_sort_uint32.h index 09b336a3..0092808a 100644 --- a/crypto_kem/sntrup653/clean/crypto_sort_uint32.h +++ b/crypto_kem/sntrup653/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup653/clean/params.h b/crypto_kem/sntrup653/clean/params.h index 68452f4e..b3c31f4e 100644 --- a/crypto_kem/sntrup653/clean/params.h +++ b/crypto_kem/sntrup653/clean/params.h @@ -19,12 +19,14 @@ #include "crypto_encode_653xfreeze3.h" #include "crypto_encode_653xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_897.h" -#define p 653 #define q27 29045 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ +#define p 653 #define q 4621 #define w 288 diff --git a/crypto_kem/sntrup761/avx2/crypto_sort_int32.c b/crypto_kem/sntrup761/avx2/crypto_sort_int32.c index 9de85b51..ffe126ea 100644 --- a/crypto_kem/sntrup761/avx2/crypto_sort_int32.c +++ b/crypto_kem/sntrup761/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/sntrup761/avx2/crypto_sort_int32.h b/crypto_kem/sntrup761/avx2/crypto_sort_int32.h index b328ef1c..2f5329dd 100644 --- a/crypto_kem/sntrup761/avx2/crypto_sort_int32.h +++ b/crypto_kem/sntrup761/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT -#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup761/avx2/crypto_sort_uint32.c b/crypto_kem/sntrup761/avx2/crypto_sort_uint32.c index d7e172a0..e9ee179c 100644 --- a/crypto_kem/sntrup761/avx2/crypto_sort_uint32.c +++ b/crypto_kem/sntrup761/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup761/avx2/crypto_sort_uint32.h b/crypto_kem/sntrup761/avx2/crypto_sort_uint32.h index 91ecbcc9..7d22be84 100644 --- a/crypto_kem/sntrup761/avx2/crypto_sort_uint32.h +++ b/crypto_kem/sntrup761/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup761/avx2/params.h b/crypto_kem/sntrup761/avx2/params.h index cfc95319..6a72060a 100644 --- a/crypto_kem/sntrup761/avx2/params.h +++ b/crypto_kem/sntrup761/avx2/params.h @@ -19,15 +19,17 @@ #include "crypto_encode_761xfreeze3.h" #include "crypto_encode_761xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1039.h" -#define p 761 #define qinv 15631 /* reciprocal of q mod 2^16 */ #define q27 29235 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ #define ppad 769 #define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761 +#define p 761 #define q 4591 #define w 286 diff --git a/crypto_kem/sntrup761/clean/crypto_encode_761x3.c b/crypto_kem/sntrup761/clean/crypto_encode_761x3.c index 7bb35adb..54deace0 100644 --- a/crypto_kem/sntrup761/clean/crypto_encode_761x3.c +++ b/crypto_kem/sntrup761/clean/crypto_encode_761x3.c @@ -5,15 +5,15 @@ #define p 761 void PQCLEAN_SNTRUP761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) { - const uint8 *f = (const uint8 *)v; + const uint8 *f = v; uint8 x; int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/sntrup761/clean/crypto_sort_int32.c b/crypto_kem/sntrup761/clean/crypto_sort_int32.c index 1d2ca492..68b5fb81 100644 --- a/crypto_kem/sntrup761/clean/crypto_sort_int32.c +++ b/crypto_kem/sntrup761/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/sntrup761/clean/crypto_sort_int32.h b/crypto_kem/sntrup761/clean/crypto_sort_int32.h index 33214f4f..c6e32e29 100644 --- a/crypto_kem/sntrup761/clean/crypto_sort_int32.h +++ b/crypto_kem/sntrup761/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup761/clean/crypto_sort_uint32.c b/crypto_kem/sntrup761/clean/crypto_sort_uint32.c index a2b8667d..8ce0184d 100644 --- a/crypto_kem/sntrup761/clean/crypto_sort_uint32.c +++ b/crypto_kem/sntrup761/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup761/clean/crypto_sort_uint32.h b/crypto_kem/sntrup761/clean/crypto_sort_uint32.h index c24792fe..8d62e22d 100644 --- a/crypto_kem/sntrup761/clean/crypto_sort_uint32.h +++ b/crypto_kem/sntrup761/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup761/clean/params.h b/crypto_kem/sntrup761/clean/params.h index af77a621..4e0ac26f 100644 --- a/crypto_kem/sntrup761/clean/params.h +++ b/crypto_kem/sntrup761/clean/params.h @@ -19,12 +19,14 @@ #include "crypto_encode_761xfreeze3.h" #include "crypto_encode_761xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1039.h" -#define p 761 #define q27 29235 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ +#define p 761 #define q 4591 #define w 286 diff --git a/crypto_kem/sntrup857/avx2/crypto_sort_int32.c b/crypto_kem/sntrup857/avx2/crypto_sort_int32.c index ecd7b3b8..a086fc93 100644 --- a/crypto_kem/sntrup857/avx2/crypto_sort_int32.c +++ b/crypto_kem/sntrup857/avx2/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20200820/crypto_sort/int32/avx2 - #define int32 int32_t @@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) { *b ^= c; } -static void minmax_vector(int32 *x, int32 *y, size_t n) { - if ((long long) n < 8) { - while ((long long) n > 0) { +static void minmax_vector(int32 *x, int32 *y, long long n) { + if (n < 8) { + while (n > 0) { int32_MINMAX(x, y); ++x; ++y; @@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) { int32x8_MINMAX(x0, y0); int32x8_store(x + n - 8, x0); int32x8_store(y + n - 8, y0); - n &= ~(size_t) 7; + n &= ~7; } do { int32x8 x0 = int32x8_load(x); @@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) { } /* stages 64,32 of bitonic merging; n is multiple of 128 */ -static void int32_twostages_32(int32 *x, size_t n) { - size_t i; +static void int32_twostages_32(int32 *x, long long n) { + long long i; while (n > 0) { for (i = 0; i < 32; i += 8) { @@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) { } /* stages 4q,2q,q of bitonic merging */ -static size_t int32_threestages(int32 *x, size_t n, size_t q) { - size_t k, i; +static long long int32_threestages(int32 *x, long long n, long long q) { + long long k, i; for (k = 0; k + 8 * q <= n; k += 8 * q) { for (i = k; i < k + q; i += 8) { @@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) { /* n is a power of 2; n >= 8; if n == 8 then flagdown */ // NOLINTNEXTLINE(google-readability-function-size) -static void int32_sort_2power(int32 *x, size_t n, int flagdown) { - size_t p, q, i, j, k; +static void int32_sort_2power(int32 *x, long long n, int flagdown) { + long long p, q, i, j, k; int32x8 mask; if (n == 8) { @@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) { } } -void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) { - size_t q, i, j; +static void int32_sort(int32 *x, long long n) { + long long q, i, j; if (n <= 8) { if (n == 8) { @@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) { } int32_sort_2power(x, q, 1); - PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(x + q, n - q); + int32_sort(x + q, n - q); while (q >= 64) { q >>= 2; @@ -1208,3 +1206,7 @@ continue8: int32_MINMAX(&x[j], &x[j + 1]); } } + +void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n) { + int32_sort(array, n); +} diff --git a/crypto_kem/sntrup857/avx2/crypto_sort_int32.h b/crypto_kem/sntrup857/avx2/crypto_sort_int32.h index 81d82aa0..feea501f 100644 --- a/crypto_kem/sntrup857/avx2/crypto_sort_int32.h +++ b/crypto_kem/sntrup857/avx2/crypto_sort_int32.h @@ -1,10 +1,8 @@ -#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT -#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT +#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H +#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32_t *x, size_t n); - +void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup857/avx2/crypto_sort_uint32.c b/crypto_kem/sntrup857/avx2/crypto_sort_uint32.c index eb138f6f..25968272 100644 --- a/crypto_kem/sntrup857/avx2/crypto_sort_uint32.c +++ b/crypto_kem/sntrup857/avx2/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup857/avx2/crypto_sort_uint32.h b/crypto_kem/sntrup857/avx2/crypto_sort_uint32.h index 5ccfe3ab..a30ecb99 100644 --- a/crypto_kem/sntrup857/avx2/crypto_sort_uint32.h +++ b/crypto_kem/sntrup857/avx2/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup857/avx2/params.h b/crypto_kem/sntrup857/avx2/params.h index 6de2001f..14bd9ccc 100644 --- a/crypto_kem/sntrup857/avx2/params.h +++ b/crypto_kem/sntrup857/avx2/params.h @@ -19,15 +19,17 @@ #include "crypto_encode_857xfreeze3.h" #include "crypto_encode_857xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1184.h" -#define p 857 #define qinv (-19761) /* reciprocal of q mod 2^16 */ #define q27 25976 /* closest integer to 2^27/q */ #define q18 51 /* closest integer to 2^18/q */ #define ppad 865 #define crypto_core_weight PQCLEAN_SNTRUP857_AVX2_crypto_core_weightsntrup857 +#define p 857 #define q 5167 #define w 322 diff --git a/crypto_kem/sntrup857/clean/crypto_encode_857x3.c b/crypto_kem/sntrup857/clean/crypto_encode_857x3.c index 75002c0f..de61c551 100644 --- a/crypto_kem/sntrup857/clean/crypto_encode_857x3.c +++ b/crypto_kem/sntrup857/clean/crypto_encode_857x3.c @@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP857_CLEAN_crypto_encode_857x3(unsigned char *s, const void *v int i; for (i = 0; i < p / 4; ++i) { - x = (uint8) (*f++ + 1); - x = (uint8) (x + ((*f++ + 1) << 2)); - x = (uint8) (x + ((*f++ + 1) << 4)); - x = (uint8) (x + ((*f++ + 1) << 6)); + x = *f++ + 1; + x += (*f++ + 1) << 2; + x += (*f++ + 1) << 4; + x += (*f++ + 1) << 6; *s++ = x; } x = *f++ + 1; diff --git a/crypto_kem/sntrup857/clean/crypto_sort_int32.c b/crypto_kem/sntrup857/clean/crypto_sort_int32.c index 0b1dd2f8..acda3aeb 100644 --- a/crypto_kem/sntrup857/clean/crypto_sort_int32.c +++ b/crypto_kem/sntrup857/clean/crypto_sort_int32.c @@ -1,7 +1,5 @@ #include "crypto_sort_int32.h" #include -// Based on supercop-20190110/crypto_sort/int32/x86 - #define int32 int32_t @@ -17,10 +15,82 @@ } while(0) /* assume 2 <= n <= 0x40000000 */ -void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32 *array, size_t n) { - size_t top, p, q, r, i, j; +static void crypto_sort_smallindices(int32 *x, int32 n) { + int32 top, p, q, r, i, j; + + top = 1; + while (top < n - top) { + top += top; + } + + for (p = top; p >= 1; p >>= 1) { + i = 0; + while (i + 2 * p <= n) { + for (j = i; j < i + p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + i += 2 * p; + } + for (j = i; j < n - p; ++j) { + int32_MINMAX(x[j], x[j + p]); + } + + i = 0; + j = 0; + for (q = top; q > p; q >>= 1) { + if (j != i) for (;;) { + if (j == n - q) { + goto done; + } + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + if (j == i + p) { + i += 2 * p; + break; + } + } + while (i + p <= n - q) { + for (j = i; j < i + p; ++j) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + } + i += 2 * p; + } + /* now i + p > n - q */ + j = i; + while (j < n - q) { + int32 a = x[j + p]; + for (r = q; r > p; r >>= 1) { + int32_MINMAX(a, x[j + r]); + } + x[j + p] = a; + ++j; + } + +done: + ; + } + } +} + +void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n) { + long long top, p, q, r, i, j; int32 *x = array; + if (n < 2) { + return; + } + if (n < 0x40000000) { + crypto_sort_smallindices(x, n); + return; + } top = 1; while (top < n - top) { top += top; diff --git a/crypto_kem/sntrup857/clean/crypto_sort_int32.h b/crypto_kem/sntrup857/clean/crypto_sort_int32.h index 3006e3b2..5b348538 100644 --- a/crypto_kem/sntrup857/clean/crypto_sort_int32.h +++ b/crypto_kem/sntrup857/clean/crypto_sort_int32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H -#include #include +#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32_BYTES 4 - -void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32_t *array, size_t n); - +void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup857/clean/crypto_sort_uint32.c b/crypto_kem/sntrup857/clean/crypto_sort_uint32.c index 4c32bae5..9356ee9b 100644 --- a/crypto_kem/sntrup857/clean/crypto_sort_uint32.c +++ b/crypto_kem/sntrup857/clean/crypto_sort_uint32.c @@ -1,15 +1,13 @@ #include "crypto_sort_int32.h" #include "crypto_sort_uint32.h" -#include -#define uint32 uint32_t /* can save time by vectorizing xor loops */ /* can save time by integrating xor loops with int32_sort */ -void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { - uint32 *x = array; - size_t j; +void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n) { + uint32_t *x = array; + long long j; for (j = 0; j < n; ++j) { x[j] ^= 0x80000000; } diff --git a/crypto_kem/sntrup857/clean/crypto_sort_uint32.h b/crypto_kem/sntrup857/clean/crypto_sort_uint32.h index 2d19744b..a22ba882 100644 --- a/crypto_kem/sntrup857/clean/crypto_sort_uint32.h +++ b/crypto_kem/sntrup857/clean/crypto_sort_uint32.h @@ -1,10 +1,8 @@ #ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H -#include #include +#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32_BYTES 4 - -void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n); - +void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n); #endif diff --git a/crypto_kem/sntrup857/clean/params.h b/crypto_kem/sntrup857/clean/params.h index 4b4903d3..bd8b542f 100644 --- a/crypto_kem/sntrup857/clean/params.h +++ b/crypto_kem/sntrup857/clean/params.h @@ -19,12 +19,14 @@ #include "crypto_encode_857xfreeze3.h" #include "crypto_encode_857xint16.h" #include "crypto_encode_int16.h" +#include "crypto_sort_int32.h" +#include "crypto_sort_uint32.h" #include "crypto_verify_1184.h" -#define p 857 #define q27 25976 /* closest integer to 2^27/q */ #define q18 51 /* closest integer to 2^18/q */ +#define p 857 #define q 5167 #define w 322 diff --git a/test/duplicate_consistency/ntrulpr653_avx2.yml b/test/duplicate_consistency/ntrulpr653_avx2.yml index 39486aa4..eb52271b 100644 --- a/test/duplicate_consistency/ntrulpr653_avx2.yml +++ b/test/duplicate_consistency/ntrulpr653_avx2.yml @@ -12,6 +12,7 @@ consistency_checks: - crypto_encode_653x1541round.h - crypto_encode_653x3.h - crypto_encode_653xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_653xint16.c @@ -53,6 +54,7 @@ consistency_checks: scheme: sntrup761 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -71,6 +73,7 @@ consistency_checks: scheme: sntrup857 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -103,6 +106,7 @@ consistency_checks: - crypto_encode_653x1541round.h - crypto_encode_653x3.h - crypto_encode_653xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1025.h @@ -122,6 +126,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c @@ -156,6 +161,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c diff --git a/test/duplicate_consistency/ntrulpr653_clean.yml b/test/duplicate_consistency/ntrulpr653_clean.yml index 462a3bb9..76939cd8 100644 --- a/test/duplicate_consistency/ntrulpr653_clean.yml +++ b/test/duplicate_consistency/ntrulpr653_clean.yml @@ -40,6 +40,7 @@ consistency_checks: - crypto_encode_653x1541round.h - crypto_encode_653x3.h - crypto_encode_653xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_653xint16.c @@ -61,6 +62,7 @@ consistency_checks: scheme: sntrup761 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -79,6 +81,7 @@ consistency_checks: scheme: sntrup857 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -101,6 +104,7 @@ consistency_checks: - crypto_encode_653x1541round.h - crypto_encode_653x3.h - crypto_encode_653xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1025.h @@ -139,6 +143,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c @@ -173,6 +178,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c diff --git a/test/duplicate_consistency/ntrulpr761_avx2.yml b/test/duplicate_consistency/ntrulpr761_avx2.yml index 551ad24d..ada9b345 100644 --- a/test/duplicate_consistency/ntrulpr761_avx2.yml +++ b/test/duplicate_consistency/ntrulpr761_avx2.yml @@ -3,6 +3,7 @@ consistency_checks: scheme: sntrup653 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -30,6 +31,7 @@ consistency_checks: - crypto_encode_761x1531round.h - crypto_encode_761x3.h - crypto_encode_761xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_761xint16.c @@ -71,6 +73,7 @@ consistency_checks: scheme: sntrup857 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -103,6 +106,7 @@ consistency_checks: - crypto_encode_761x1531round.h - crypto_encode_761x3.h - crypto_encode_761xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1167.h @@ -122,6 +126,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c diff --git a/test/duplicate_consistency/ntrulpr761_clean.yml b/test/duplicate_consistency/ntrulpr761_clean.yml index 40c1e43e..a57d73b6 100644 --- a/test/duplicate_consistency/ntrulpr761_clean.yml +++ b/test/duplicate_consistency/ntrulpr761_clean.yml @@ -13,6 +13,7 @@ consistency_checks: scheme: sntrup653 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -58,6 +59,7 @@ consistency_checks: - crypto_encode_761x1531round.h - crypto_encode_761x3.h - crypto_encode_761xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_761xint16.c @@ -79,6 +81,7 @@ consistency_checks: scheme: sntrup857 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -101,6 +104,7 @@ consistency_checks: - crypto_encode_761x1531round.h - crypto_encode_761x3.h - crypto_encode_761xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1167.h @@ -139,6 +143,7 @@ consistency_checks: - crypto_decode_256x2.h - crypto_encode_256x16.h - crypto_encode_256x2.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_256x16.c diff --git a/test/duplicate_consistency/ntrulpr857_avx2.yml b/test/duplicate_consistency/ntrulpr857_avx2.yml index d538d871..a5944167 100644 --- a/test/duplicate_consistency/ntrulpr857_avx2.yml +++ b/test/duplicate_consistency/ntrulpr857_avx2.yml @@ -3,6 +3,7 @@ consistency_checks: scheme: sntrup653 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -21,6 +22,7 @@ consistency_checks: scheme: sntrup761 implementation: clean files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -48,6 +50,7 @@ consistency_checks: - crypto_encode_857x1723round.h - crypto_encode_857x3.h - crypto_encode_857xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_857xint16.c @@ -103,6 +106,7 @@ consistency_checks: - crypto_encode_857x1723round.h - crypto_encode_857x3.h - crypto_encode_857xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1312.h diff --git a/test/duplicate_consistency/ntrulpr857_clean.yml b/test/duplicate_consistency/ntrulpr857_clean.yml index ca9508a0..25bf22cc 100644 --- a/test/duplicate_consistency/ntrulpr857_clean.yml +++ b/test/duplicate_consistency/ntrulpr857_clean.yml @@ -13,6 +13,7 @@ consistency_checks: scheme: sntrup653 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -31,6 +32,7 @@ consistency_checks: scheme: sntrup761 implementation: avx2 files: + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_sort_uint32.c @@ -76,6 +78,7 @@ consistency_checks: - crypto_encode_857x1723round.h - crypto_encode_857x3.h - crypto_encode_857xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_decode_857xint16.c @@ -101,6 +104,7 @@ consistency_checks: - crypto_encode_857x1723round.h - crypto_encode_857x3.h - crypto_encode_857xint16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1312.h diff --git a/test/duplicate_consistency/sntrup653_avx2.yml b/test/duplicate_consistency/sntrup653_avx2.yml index 19793e9e..71805ef1 100644 --- a/test/duplicate_consistency/sntrup653_avx2.yml +++ b/test/duplicate_consistency/sntrup653_avx2.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_653xfreeze3.h - crypto_encode_653xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_897.h @@ -37,6 +38,7 @@ consistency_checks: implementation: clean files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c @@ -63,6 +65,7 @@ consistency_checks: implementation: clean files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c diff --git a/test/duplicate_consistency/sntrup653_clean.yml b/test/duplicate_consistency/sntrup653_clean.yml index 817346c3..3d7ad93c 100644 --- a/test/duplicate_consistency/sntrup653_clean.yml +++ b/test/duplicate_consistency/sntrup653_clean.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_653xfreeze3.h - crypto_encode_653xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_897.h @@ -50,6 +51,7 @@ consistency_checks: implementation: avx2 files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c @@ -74,6 +76,7 @@ consistency_checks: implementation: avx2 files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c diff --git a/test/duplicate_consistency/sntrup761_avx2.yml b/test/duplicate_consistency/sntrup761_avx2.yml index 286e13bb..b06a4201 100644 --- a/test/duplicate_consistency/sntrup761_avx2.yml +++ b/test/duplicate_consistency/sntrup761_avx2.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_761xfreeze3.h - crypto_encode_761xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1039.h @@ -37,6 +38,7 @@ consistency_checks: implementation: clean files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c diff --git a/test/duplicate_consistency/sntrup761_clean.yml b/test/duplicate_consistency/sntrup761_clean.yml index 28b0f63f..50e5216f 100644 --- a/test/duplicate_consistency/sntrup761_clean.yml +++ b/test/duplicate_consistency/sntrup761_clean.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_761xfreeze3.h - crypto_encode_761xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1039.h @@ -50,6 +51,7 @@ consistency_checks: implementation: avx2 files: - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_encode_int16.c diff --git a/test/duplicate_consistency/sntrup857_avx2.yml b/test/duplicate_consistency/sntrup857_avx2.yml index 9dd896f3..9f4e258c 100644 --- a/test/duplicate_consistency/sntrup857_avx2.yml +++ b/test/duplicate_consistency/sntrup857_avx2.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_857xfreeze3.h - crypto_encode_857xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1184.h diff --git a/test/duplicate_consistency/sntrup857_clean.yml b/test/duplicate_consistency/sntrup857_clean.yml index 1c5a45e6..c552355f 100644 --- a/test/duplicate_consistency/sntrup857_clean.yml +++ b/test/duplicate_consistency/sntrup857_clean.yml @@ -22,6 +22,7 @@ consistency_checks: - crypto_encode_857xfreeze3.h - crypto_encode_857xint16.h - crypto_encode_int16.h + - crypto_sort_int32.h - crypto_sort_uint32.h - crypto_stream_aes256ctr.h - crypto_verify_1184.h