fixup! Fix uint8_t to uint16_t upcast in Frodo

4 years ago · 5b5956c2ef
--- a/crypto_kem/frodokem1344aes/clean/kem.c
+++ b/crypto_kem/frodokem1344aes/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM1344AES_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem1344aes/opt/kem.c
+++ b/crypto_kem/frodokem1344aes/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM1344AES_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, c
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem1344shake/clean/kem.c
+++ b/crypto_kem/frodokem1344shake/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM1344SHAKE_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *c
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem1344shake/opt/kem.c
+++ b/crypto_kem/frodokem1344shake/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM1344SHAKE_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem640aes/clean/kem.c
+++ b/crypto_kem/frodokem640aes/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM640AES_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem640aes/opt/kem.c
+++ b/crypto_kem/frodokem640aes/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, co
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem640shake/clean/kem.c
+++ b/crypto_kem/frodokem640shake/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM640SHAKE_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem640shake/opt/kem.c
+++ b/crypto_kem/frodokem640shake/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM640SHAKE_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem976aes/clean/kem.c
+++ b/crypto_kem/frodokem976aes/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM976AES_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem976aes/opt/kem.c
+++ b/crypto_kem/frodokem976aes/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM976AES_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, co
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem976shake/clean/kem.c
+++ b/crypto_kem/frodokem976shake/clean/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM976SHAKE_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu
--- a/crypto_kem/frodokem976shake/opt/kem.c
+++ b/crypto_kem/frodokem976shake/opt/kem.c
@@ -172,7 +172,7 @@ int PQCLEAN_FRODOKEM976SHAKE_OPT_crypto_kem_dec(uint8_t *ss, const uint8_t *ct,
    uint8_t shake_input_seedSEprime[1 + CRYPTO_BYTES];       // contains secret data

    for (size_t i = 0; i < PARAMS_N * PARAMS_NBAR; i++) {
        S[i] = sk_S[2*i] | (sk_S[2*i+1] << 8);
        S[i] = sk_S[2 * i] | (sk_S[2 * i + 1] << 8);
    }

    // Compute W = C - Bp*S (mod q), and decode the randomness mu