wip

src/rustapi/pqc-sys/src/bindings.rs

@@ -235,7 +235,8 @@ pub const SPHINCSSHA256256SROBUST: ::std::os::raw::c_uint = 28;
 pub const SPHINCSSHA256128SROBUST: ::std::os::raw::c_uint = 29;
 pub const SPHINCSSHA256128FSIMPLE: ::std::os::raw::c_uint = 30;
 pub const SPHINCSSHA256192FROBUST: ::std::os::raw::c_uint = 31;
-pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 32;
+pub const PICNIC3L1: ::std::os::raw::c_uint = 32;
+pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 33;
 pub type _bindgen_ty_1 = ::std::os::raw::c_uint;
 pub const FRODOKEM976SHAKE: ::std::os::raw::c_uint = 0;
 pub const FRODOKEM1344SHAKE: ::std::os::raw::c_uint = 1;

src/rustapi/pqc-sys/src/build.rs

@@ -4,7 +4,7 @@ extern crate bindgen;
 
 fn main() {
 	let dst = Config::new("../../../")
-		.profile("Release")
+		.profile("Debug")
 		.very_verbose(true)
         .build();
 

src/sign/picnic/picnic3l1/avx2/randomness.c

@@ -11,7 +11,6 @@
 #include "randomness.h"
 #include "macros.h"
 
-#if defined(HAVE_RANDOMBYTES) || defined(SUPERCOP)
 // randombytes from the NIST framework / SUPERCOP
 extern void randombytes(unsigned char* x, unsigned long long xlen);
 
@@ -19,110 +18,6 @@ int rand_bytes(uint8_t* dst, size_t len) {
   randombytes(dst, len);
   return 0;
 }
-#else
-
-#if (defined(HAVE_SYS_RANDOM_H) && defined(HAVE_GETRANDOM)) ||                                     \
-    (defined(__linux__) && GLIBC_CHECK(2, 25))
-#include <sys/random.h>
-
-int rand_bytes(uint8_t* dst, size_t len) {
-  const ssize_t ret = getrandom(dst, len, GRND_NONBLOCK);
-  if (ret < 0 || (size_t)ret != len) {
-    return -1;
-  }
-  return 0;
-}
-#elif defined(HAVE_ARC4RANDOM_BUF)
-#include <stdlib.h>
-
-int rand_bytes(uint8_t* dst, size_t len) {
-  arc4random_buf(dst, len);
-  return 0;
-}
-#elif defined(__APPLE__) && defined(HAVE_APPLE_FRAMEWORK)
-#include <Security/Security.h>
-
-int rand_bytes(uint8_t* dst, size_t len) {
-  if (SecRandomCopyBytes(kSecRandomDefault, len, dst) == errSecSuccess) {
-    return 0;
-  }
-  return -1;
-}
-#elif defined(__linux__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__NETBSD__) ||   \
-    defined(__NetBSD__)
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-
-#if defined(__linux__)
-#include <linux/random.h>
-#include <sys/ioctl.h>
-#endif
-
-#if !defined(O_NOFOLLOW)
-#define O_NOFOLLOW 0
-#endif
-#if !defined(O_CLOEXEC)
-#define O_CLOEXEC 0
-#endif
-
-int rand_bytes(uint8_t* dst, size_t len) {
-  int fd;
-  while ((fd = open("/dev/urandom", O_RDONLY | O_NOFOLLOW | O_CLOEXEC, 0)) == -1) {
-    // check if we should restart
-    if (errno != EINTR) {
-      return -1;
-    }
-  }
-#if O_CLOEXEC == 0
-  fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
-#endif
-
-#if defined(__linux__)
-  int cnt = 0;
-  if (ioctl(fd, RNDGETENTCNT, &cnt) == -1) {
-    // not ready
-    close(fd);
-    return -1;
-  }
-#endif
-
-  while (len) {
-    const ssize_t ret = read(fd, dst, len);
-    if (ret == -1) {
-      if (errno == EAGAIN || errno == EINTR) {
-        // retry
-        continue;
-      }
-      close(fd);
-      return -1;
-    }
-
-    dst += ret;
-    len -= ret;
-  }
-
-  close(fd);
-  return 0;
-}
-#elif defined(_WIN16) || defined(_WIN32) || defined(_WIN64)
-#include <windows.h>
-
-int rand_bytes(uint8_t* dst, size_t len) {
-  if (len > ULONG_MAX) {
-    return -1;
-  }
-  if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, dst, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
-    return -1;
-  }
-  return 0;
-}
-#else
-#error "Unsupported OS! Please implement rand_bytes."
-#endif
-#endif
 
 int rand_bits(uint8_t* dst, size_t num_bits) {
   const size_t num_bytes = (num_bits + 7) / 8;

src/sign/picnic/picnic3l1/clean/api.c

@@ -14,40 +14,7 @@
 #include "api.h"
 
 #include <string.h>
-
-//#ifndef htole32
-static uint32_t bswap32(uint32_t x)
-{
-      return ((x & 0xff000000) >> 24) | ((x & 0x00ff0000) >> 8) | ((x & 0x0000ff00) << 8) |
-                   ((x & 0x000000ff) << 24);
-}
-
-static int isBigEndianSystem()
-{
-    uint32_t x = 1;
-    uint8_t* xp = (uint8_t*) &x;
-    if(xp[3] == 1) {
-        return 1;
-    }
-    return 0;
-}
-
-static uint32_t htole32_portable(uint32_t x)
-{
-    if(isBigEndianSystem()) {
-        return bswap32(x);
-    }
-    return x;
-}
-static uint32_t le32toh_portable(uint32_t x)
-{
-    if(isBigEndianSystem()) {
-        return bswap32(x);
-    }
-    return x;
-}
-
-//#endif
+#include <stdio.h>
 
 picnic_params_t PQCLEAN_PICNIC3L1_CLEAN_params = Picnic3_L1;
 
@@ -55,11 +22,10 @@ int PQCLEAN_PICNIC3L1_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char
 {
     picnic_publickey_t pubkey;
     picnic_privatekey_t secret;
-
     int ret = picnic_keygen(PQCLEAN_PICNIC3L1_CLEAN_params, &pubkey, &secret);
 
-    if (ret != 0) {
-        return ret;
+    if (ret) {
+        return -2;
     }
 
     ret = picnic_write_public_key(&pubkey, pk, PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_PUBLICKEYBYTES);

src/sign/picnic/picnic3l1/clean/api.h

@@ -22,7 +22,7 @@
 //  Set these three values apropriately for your algorithm
 #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_SECRETKEYBYTES 52
 #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_PUBLICKEYBYTES 35
-#define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_BYTES 14612
+#define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_BYTES 14608
 
 // Change the algorithm name
 #define PQCLEAN_PICNIC3L1_CLEAN_CRYPTO_ALGNAME "picnic3l1"

src/sign/picnic/picnic3l1/clean/picnic.c

@@ -178,14 +178,14 @@ int get_param_set(picnic_params_t picnicParams, paramset_t* paramset)
         paramset->numRounds = 4;
         paramset->digestSizeBytes = 64;
         break;
-       
+
     default:
         PRINT_DEBUG(("Unsupported Picnic parameter set (%d). \n",picnicParams));
         return -1;
     }
 
     paramset->andSizeBytes = numBytes(paramset->numSboxes * 3 * paramset->numRounds);
-    paramset->stateSizeBytes = numBytes(paramset->stateSizeBits); 
+    paramset->stateSizeBytes = numBytes(paramset->stateSizeBits);
     paramset->seedSizeBytes = numBytes(2 * pqSecurityLevel);
     paramset->stateSizeWords = (paramset->stateSizeBits + WORD_SIZE_BITS - 1)/ WORD_SIZE_BITS;
     paramset->transform = get_transform(picnicParams);
@@ -258,7 +258,7 @@ int is_picnic3(picnic_params_t params)
 {
     if (params == Picnic3_L1 ||
         params == Picnic3_L3 ||
-        params == Picnic3_L5 ) {  
+        params == Picnic3_L5 ) {
         return 1;
     }
     return 0;
@@ -347,7 +347,7 @@ size_t picnic_signature_size(picnic_params_t parameters)
     /* Picnic3 parameter sets */
     if (parameters == Picnic3_L1 ||
         parameters == Picnic3_L3 ||
-        parameters == Picnic3_L5 ) { 
+        parameters == Picnic3_L5 ) {
 
         size_t u = paramset.numOpenedRounds;
         size_t T = paramset.numMPCRounds;
@@ -782,4 +782,7 @@ void print_signature(const uint8_t* sigBytes, size_t sigBytesLen, picnic_params_
     return;
 }
 
+int picnic_random_bytes(unsigned char *x, unsigned long long xlen) {
+    return !randombytes(x,xlen);
+}
 

src/sign/picnic/picnic3l1/clean/picnic.h

@@ -225,7 +225,7 @@ int picnic_validate_keypair(const picnic_privatekey_t* privatekey, const picnic_
  * random_bytes_default, and change the definition of
  * picnic_random_bytes.
  */
-#define picnic_random_bytes randombytes
+int picnic_random_bytes(unsigned char *x, unsigned long long xlen);
 
 /** Parse the signature and print the individual parts. Used when creating test vectors */
 void print_signature(const uint8_t* sigBytes, size_t sigBytesLen, picnic_params_t picnic_params);

src/sign/picnic/picnic3l1/clean/sha3/KeccakP-1600-reference.c

@@ -176,8 +176,8 @@ void KeccakP1600_OverwriteWithZeroes(void *state, unsigned int byteCount)
 
 /* ---------------------------------------------------------------- */
 
-static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state);
-static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords);
+//static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state);
+//static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWords);
 void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds);
 void KeccakP1600Round(tKeccakLane *state, unsigned int indexRound);
 static void theta(tKeccakLane *A);
@@ -249,6 +249,7 @@ void KeccakP1600_Permute_24rounds(void *state)
 #endif
 }
 
+/*
 static void fromBytesToWords(tKeccakLane *stateAsWords, const unsigned char *state)
 {
     unsigned int i, j;
@@ -268,7 +269,7 @@ static void fromWordsToBytes(unsigned char *state, const tKeccakLane *stateAsWor
         for(j=0; j<(64/8); j++)
             state[i*(64/8)+j] = (unsigned char)((stateAsWords[i] >> (8*j)) & 0xFF);
 }
-
+*/
 void KeccakP1600OnWords(tKeccakLane *state, unsigned int nrRounds)
 {
     unsigned int i;

test/katrunner/src/main.rs

@@ -160,6 +160,8 @@ fn test_kem_vector(el: &TestVector) {
 
 // KAT test register
 const KATS: &'static[Register] = &[
+    REG_SIGN!(PICNIC3L1,"round3/picnic/picnic3l1/PQCsignKAT_L1.rsp"),
+
     REG_SIGN!(DILITHIUM2, "round3/dilithium/dilithium2/PQCsignKAT_2544.rsp"),
     REG_SIGN!(DILITHIUM3, "round3/dilithium/dilithium3/PQCsignKAT_4016.rsp"),
     REG_SIGN!(DILITHIUM5, "round3/dilithium/dilithium5/PQCsignKAT_4880.rsp"),