From 5853cb8e502359c3a9cc00b84e316c663b46577b Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 9 Apr 2019 16:45:41 +0200 Subject: [PATCH 1/3] Test for preprocessor conditionals --- test/test_preprocessor.py | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 test/test_preprocessor.py diff --git a/test/test_preprocessor.py b/test/test_preprocessor.py new file mode 100644 index 00000000..64e0b1f4 --- /dev/null +++ b/test/test_preprocessor.py @@ -0,0 +1,37 @@ +import os +from glob import glob + +import pqclean +from helpers import run_subprocess, ensure_available + + +def test_preprocessor(): + for scheme in pqclean.Scheme.all_schemes(): + for implementation in scheme.implementations: + yield check_preprocessor, implementation + + +def check_preprocessor(implementation: pqclean.Implementation): + cfiles = implementation.cfiles() + hfiles = implementation.hfiles() + errors = [] + for file in hfiles + cfiles: + with open(file) as f: + for i, line in enumerate(f): + line = line.strip() + if file in hfiles and i == 0 and line.startswith('#ifndef'): + continue + if line.startswith('#if'): + errors.append("\n at {}:{}".format(file, i+1)) + if errors: + raise AssertionError( + "Prohibited use of preprocessor conditional" + "".join(errors) + ) + +if __name__ == "__main__": + try: + import nose2 + nose2.main() + except ImportError: + import nose + nose.runmodule() From dfe9508551410c086a71ccd17cf2ed2ad6e12971 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 9 Apr 2019 16:49:55 +0200 Subject: [PATCH 2/3] Remove preprocessor ignored codepath for Kyber --- crypto_kem/kyber768/clean/cbd.c | 54 --------------------------------- 1 file changed, 54 deletions(-) diff --git a/crypto_kem/kyber768/clean/cbd.c b/crypto_kem/kyber768/clean/cbd.c index f62278e0..15b46021 100644 --- a/crypto_kem/kyber768/clean/cbd.c +++ b/crypto_kem/kyber768/clean/cbd.c @@ -32,32 +32,6 @@ static uint64_t load_littleendian(const unsigned char *x, int bytes) { * - const unsigned char *buf: pointer to input byte array **************************************************/ void PQCLEAN_KYBER768_CLEAN_cbd(poly *r, const unsigned char *buf) { - #if KYBER_ETA == 3 - uint32_t t, d, a[4], b[4]; - int i, j; - - for (i = 0; i < KYBER_N / 4; i++) { - t = (uint32_t)load_littleendian(buf + 3 * i, 3); - d = 0; - for (j = 0; j < 3; j++) { - d += (t >> j) & 0x249249; - } - - a[0] = d & 0x7; - b[0] = (d >> 3) & 0x7; - a[1] = (d >> 6) & 0x7; - b[1] = (d >> 9) & 0x7; - a[2] = (d >> 12) & 0x7; - b[2] = (d >> 15) & 0x7; - a[3] = (d >> 18) & 0x7; - b[3] = (d >> 21); - - r->coeffs[4 * i + 0] = (uint16_t)(a[0] + KYBER_Q - b[0]); - r->coeffs[4 * i + 1] = (uint16_t)(a[1] + KYBER_Q - b[1]); - r->coeffs[4 * i + 2] = (uint16_t)(a[2] + KYBER_Q - b[2]); - r->coeffs[4 * i + 3] = (uint16_t)(a[3] + KYBER_Q - b[3]); - } - #elif KYBER_ETA == 4 uint32_t t, d, a[4], b[4]; int i, j; @@ -82,32 +56,4 @@ void PQCLEAN_KYBER768_CLEAN_cbd(poly *r, const unsigned char *buf) { r->coeffs[4 * i + 2] = (uint16_t)(a[2] + KYBER_Q - b[2]); r->coeffs[4 * i + 3] = (uint16_t)(a[3] + KYBER_Q - b[3]); } - #elif KYBER_ETA == 5 - uint64_t t, d, a[4], b[4]; - int i, j; - - for (i = 0; i < KYBER_N / 4; i++) { - t = load_littleendian(buf + 5 * i, 5); - d = 0; - for (j = 0; j < 5; j++) { - d += (t >> j) & 0x0842108421UL; - } - - a[0] = d & 0x1f; - b[0] = (d >> 5) & 0x1f; - a[1] = (d >> 10) & 0x1f; - b[1] = (d >> 15) & 0x1f; - a[2] = (d >> 20) & 0x1f; - b[2] = (d >> 25) & 0x1f; - a[3] = (d >> 30) & 0x1f; - b[3] = (d >> 35); - - r->coeffs[4 * i + 0] = (uint16_t)(a[0] + KYBER_Q - b[0]); - r->coeffs[4 * i + 1] = (uint16_t)(a[1] + KYBER_Q - b[1]); - r->coeffs[4 * i + 2] = (uint16_t)(a[2] + KYBER_Q - b[2]); - r->coeffs[4 * i + 3] = (uint16_t)(a[3] + KYBER_Q - b[3]); - } - #else -#error "poly_getnoise in poly.c only supports eta in {3,4,5}" - #endif } From 56e8d17a7d339bef9f0fce3f15179bfb77e6e3d4 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Tue, 9 Apr 2019 16:56:11 +0200 Subject: [PATCH 3/3] Move #if check from manual to automatic --- .github/pull_request_template.md | 1 - README.md | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 4ff5bcc3..da29dd70 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -6,7 +6,6 @@ #### Manually checked properties -* [ ] `#if`/`#ifdef`s only for header encapsulation * [ ] No stringification macros * [ ] Output-parameter pointers in functions are on the left * [ ] Negative return values on failure of API functions (within restrictions of FO transform). diff --git a/README.md b/README.md index f68dbdd8..b557aa75 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,7 @@ _The checking of items on this list is still being developed. Checked items shou * [x] API functions do not write outside provided buffers * [x] `api.h` cannot include external files * [x] Compiles with `-Wall -Wextra -Wpedantic -Werror` with `gcc` and `clang` +* [x] `#if`/`#ifdef`s only for header encapsulation * [x] Consistent test vectors across runs * [x] Consistent test vectors on big-endian and little-endian machines * [x] Consistent test vectors on 32-bit and 64-bit machines @@ -66,7 +67,6 @@ _The checking of items on this list is still being developed. Checked items shou ## Requirements on C implementations that are manually checked * Minimalist Makefiles -* `#if`/`#ifdef`s only for header encapsulation * No stringification macros * Output-parameter pointers in functions are on the left * `const` arguments are labeled as `const`