diff --git a/src/rustapi/pqc-sys/src/bindings.rs b/src/rustapi/pqc-sys/src/bindings.rs index de93cfad..11929a8b 100644 --- a/src/rustapi/pqc-sys/src/bindings.rs +++ b/src/rustapi/pqc-sys/src/bindings.rs @@ -235,7 +235,8 @@ pub const SPHINCSSHA256256SROBUST: ::std::os::raw::c_uint = 28; pub const SPHINCSSHA256128SROBUST: ::std::os::raw::c_uint = 29; pub const SPHINCSSHA256128FSIMPLE: ::std::os::raw::c_uint = 30; pub const SPHINCSSHA256192FROBUST: ::std::os::raw::c_uint = 31; -pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 32; +pub const PICNIC3L1: ::std::os::raw::c_uint = 32; +pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 33; pub type _bindgen_ty_1 = ::std::os::raw::c_uint; pub const FRODOKEM976SHAKE: ::std::os::raw::c_uint = 0; pub const FRODOKEM1344SHAKE: ::std::os::raw::c_uint = 1; diff --git a/src/rustapi/pqc-sys/src/build.rs b/src/rustapi/pqc-sys/src/build.rs index 761dd312..35205437 100644 --- a/src/rustapi/pqc-sys/src/build.rs +++ b/src/rustapi/pqc-sys/src/build.rs @@ -4,7 +4,7 @@ extern crate bindgen; fn main() { let dst = Config::new("../../../") - .profile("Release") + .profile("Debug") .very_verbose(true) .build(); diff --git a/src/sign/picnic/picnic3l1/avx2/randomness.c b/src/sign/picnic/picnic3l1/avx2/randomness.c index d4402156..ae7dca72 100644 --- a/src/sign/picnic/picnic3l1/avx2/randomness.c +++ b/src/sign/picnic/picnic3l1/avx2/randomness.c @@ -11,7 +11,6 @@ #include "randomness.h" #include "macros.h" -#if defined(HAVE_RANDOMBYTES) || defined(SUPERCOP) // randombytes from the NIST framework / SUPERCOP extern void randombytes(unsigned char* x, unsigned long long xlen); @@ -19,110 +18,6 @@ int rand_bytes(uint8_t* dst, size_t len) { randombytes(dst, len); return 0; } -#else - -#if (defined(HAVE_SYS_RANDOM_H) && defined(HAVE_GETRANDOM)) || \ - (defined(__linux__) && GLIBC_CHECK(2, 25)) -#include - -int rand_bytes(uint8_t* dst, size_t len) { - const ssize_t ret = getrandom(dst, len, GRND_NONBLOCK); - if (ret < 0 || (size_t)ret != len) { - return -1; - } - return 0; -} -#elif defined(HAVE_ARC4RANDOM_BUF) -#include - -int rand_bytes(uint8_t* dst, size_t len) { - arc4random_buf(dst, len); - return 0; -} -#elif defined(__APPLE__) && defined(HAVE_APPLE_FRAMEWORK) -#include - -int rand_bytes(uint8_t* dst, size_t len) { - if (SecRandomCopyBytes(kSecRandomDefault, len, dst) == errSecSuccess) { - return 0; - } - return -1; -} -#elif defined(__linux__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__NETBSD__) || \ - defined(__NetBSD__) -#include -#include -#include -#include -#include - -#if defined(__linux__) -#include -#include -#endif - -#if !defined(O_NOFOLLOW) -#define O_NOFOLLOW 0 -#endif -#if !defined(O_CLOEXEC) -#define O_CLOEXEC 0 -#endif - -int rand_bytes(uint8_t* dst, size_t len) { - int fd; - while ((fd = open("/dev/urandom", O_RDONLY | O_NOFOLLOW | O_CLOEXEC, 0)) == -1) { - // check if we should restart - if (errno != EINTR) { - return -1; - } - } -#if O_CLOEXEC == 0 - fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC); -#endif - -#if defined(__linux__) - int cnt = 0; - if (ioctl(fd, RNDGETENTCNT, &cnt) == -1) { - // not ready - close(fd); - return -1; - } -#endif - - while (len) { - const ssize_t ret = read(fd, dst, len); - if (ret == -1) { - if (errno == EAGAIN || errno == EINTR) { - // retry - continue; - } - close(fd); - return -1; - } - - dst += ret; - len -= ret; - } - - close(fd); - return 0; -} -#elif defined(_WIN16) || defined(_WIN32) || defined(_WIN64) -#include - -int rand_bytes(uint8_t* dst, size_t len) { - if (len > ULONG_MAX) { - return -1; - } - if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, dst, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) { - return -1; - } - return 0; -} -#else -#error "Unsupported OS! Please implement rand_bytes." -#endif -#endif int rand_bits(uint8_t* dst, size_t num_bits) { const size_t num_bytes = (num_bits + 7) / 8; diff --git a/src/sign/picnic/picnic3l1/clean/api.c b/src/sign/picnic/picnic3l1/clean/api.c index 8095dc68..c6d9fb74 100644 --- a/src/sign/picnic/picnic3l1/clean/api.c +++ b/src/sign/picnic/picnic3l1/clean/api.c @@ -14,40 +14,7 @@ #include "api.h" #include - -//#ifndef htole32 -static uint32_t bswap32(uint32_t x) -{ - return ((x & 0xff000000) >> 24) | ((x & 0x00ff0000) >> 8) | ((x & 0x0000ff00) << 8) | - ((x & 0x000000ff) << 24); -} - -static int isBigEndianSystem() -{ - uint32_t x = 1; - uint8_t* xp = (uint8_t*) &x; - if(xp[3] == 1) { - return 1; - } - return 0; -} - -static uint32_t htole32_portable(uint32_t x) -{ - if(isBigEndianSystem()) { - return bswap32(x); - } - return x; -} -static uint32_t le32toh_portable(uint32_t x) -{ - if(isBigEndianSystem()) { - return bswap32(x); - } - return x; -} - -//#endif +#include picnic_params_t PQCLEAN_PICNIC3L1_CLEAN_params = Picnic3_L1; @@ -55,11 +22,10 @@ int PQCLEAN_PICNIC3L1_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char { picnic_publickey_t pubkey; picnic_privatekey_t secret; - int ret = picnic_keygen(PQCLEAN_PICNIC3L1_CLEAN_params, &pubkey, &secret); - if (ret != 0) { - return ret; + if (ret) { + return -2; } ret = picnic_write_public_key(&pubkey, pk, PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_PUBLICKEYBYTES); diff --git a/src/sign/picnic/picnic3l1/clean/api.h b/src/sign/picnic/picnic3l1/clean/api.h index ee3d2100..a23bbea1 100644 --- a/src/sign/picnic/picnic3l1/clean/api.h +++ b/src/sign/picnic/picnic3l1/clean/api.h @@ -22,7 +22,7 @@ // Set these three values apropriately for your algorithm #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_SECRETKEYBYTES 52 #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_PUBLICKEYBYTES 35 -#define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_BYTES 14612 +#define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_BYTES 14608 // Change the algorithm name #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_ALGNAME "picnic3l1" diff --git a/src/sign/picnic/picnic3l1/clean/picnic.c b/src/sign/picnic/picnic3l1/clean/picnic.c index f057524c..6b32a4f6 100644 --- a/src/sign/picnic/picnic3l1/clean/picnic.c +++ b/src/sign/picnic/picnic3l1/clean/picnic.c @@ -178,14 +178,14 @@ int get_param_set(picnic_params_t picnicParams, paramset_t* paramset) paramset->numRounds = 4; paramset->digestSizeBytes = 64; break; - + default: PRINT_DEBUG(("Unsupported Picnic parameter set (%d). \n",picnicParams)); return -1; } paramset->andSizeBytes = numBytes(paramset->numSboxes * 3 * paramset->numRounds); - paramset->stateSizeBytes = numBytes(paramset->stateSizeBits); + paramset->stateSizeBytes = numBytes(paramset->stateSizeBits); paramset->seedSizeBytes = numBytes(2 * pqSecurityLevel); paramset->stateSizeWords = (paramset->stateSizeBits + WORD_SIZE_BITS - 1)/ WORD_SIZE_BITS; paramset->transform = get_transform(picnicParams); @@ -258,7 +258,7 @@ int is_picnic3(picnic_params_t params) { if (params == Picnic3_L1 || params == Picnic3_L3 || - params == Picnic3_L5 ) { + params == Picnic3_L5 ) { return 1; } return 0; @@ -347,7 +347,7 @@ size_t picnic_signature_size(picnic_params_t parameters) /* Picnic3 parameter sets */ if (parameters == Picnic3_L1 || parameters == Picnic3_L3 || - parameters == Picnic3_L5 ) { + parameters == Picnic3_L5 ) { size_t u = paramset.numOpenedRounds; size_t T = paramset.numMPCRounds; @@ -782,4 +782,7 @@ void print_signature(const uint8_t* sigBytes, size_t sigBytesLen, picnic_params_ return; } +int picnic_random_bytes(unsigned char *x, unsigned long long xlen) { + return !randombytes(x,xlen); +} diff --git a/src/sign/picnic/picnic3l1/clean/picnic.h b/src/sign/picnic/picnic3l1/clean/picnic.h index e30e72ad..f5e753aa 100644 --- a/src/sign/picnic/picnic3l1/clean/picnic.h +++ b/src/sign/picnic/picnic3l1/clean/picnic.h @@ -225,7 +225,7 @@ int picnic_validate_keypair(const picnic_privatekey_t* privatekey, const picnic_ * random_bytes_default, and change the definition of * picnic_random_bytes. */ -#define picnic_random_bytes randombytes +int picnic_random_bytes(unsigned char *x, unsigned long long xlen); /** Parse the signature and print the individual parts. Used when creating test vectors */ void print_signature(const uint8_t* sigBytes, size_t sigBytesLen, picnic_params_t picnic_params); diff --git a/src/sign/picnic/picnic3l1/clean/sha3/KeccakP-1600-reference.c b/src/sign/picnic/picnic3l1/clean/sha3/KeccakP-1600-reference.c index 0941b3ce..86c951af 100644 --- a/src/sign/picnic/picnic3l1/clean/sha3/KeccakP-1600-reference.c +++ b/src/sign/picnic/picnic3l1/clean/sha3/KeccakP-1600-reference.c @@ -176,8 +176,8 @@ void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount) /* ---------------------------------------------------------------- */ -static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state); -static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords); +//static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state); +//static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords); void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds); void KeccakP1600Round(tKeccakLane *state, unsigned int indexRound); static void theta(tKeccakLane *A); @@ -249,6 +249,7 @@ void KeccakP1600_Permute_24rounds(void *state) #endif } +/* static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state) { unsigned int i, j; @@ -268,7 +269,7 @@ static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWor for(j=0; j<(64/8); j++) state[i*(64/8)+j] = (unsigned char)((stateAsWords[i] >> (8*j)) & 0xFF); } - +*/ void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds) { unsigned int i; diff --git a/test/katrunner/src/main.rs b/test/katrunner/src/main.rs index 0da5c3e5..10d18980 100644 --- a/test/katrunner/src/main.rs +++ b/test/katrunner/src/main.rs @@ -160,6 +160,8 @@ fn test_kem_vector(el: &TestVector) { // KAT test register const KATS: &'static[Register] = &[ + REG_SIGN!(PICNIC3L1,"round3/picnic/picnic3l1/PQCsignKAT_L1.rsp"), + REG_SIGN!(DILITHIUM2, "round3/dilithium/dilithium2/PQCsignKAT_2544.rsp"), REG_SIGN!(DILITHIUM3, "round3/dilithium/dilithium3/PQCsignKAT_4016.rsp"), REG_SIGN!(DILITHIUM5, "round3/dilithium/dilithium5/PQCsignKAT_4880.rsp"),