kris/pqc
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix SHAKE256 memory leak in Dilithium (#271)

Browse Source
This commit is contained in:
Thom Wiggers 2020-02-16 16:18:05 +01:00 committed by GitHub
parent 6de728361e
commit bbad7871d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto_sign/dilithium2/avx2/sign.c
View File

@ -201,6 +201,7 @@ int PQCLEAN_DILITHIUM2_AVX2_crypto_sign_signature(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -350,6 +351,7 @@ int PQCLEAN_DILITHIUM2_AVX2_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM2_AVX2_expand_mat(mat, rho); PQCLEAN_DILITHIUM2_AVX2_expand_mat(mat, rho);

2
crypto_sign/dilithium2/clean/sign.c
View File

@ -192,6 +192,7 @@ int PQCLEAN_DILITHIUM2_CLEAN_crypto_sign_signature(
shake256_inc_absorb(&state, msg, mlen); shake256_inc_absorb(&state, msg, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -341,6 +342,7 @@ int PQCLEAN_DILITHIUM2_CLEAN_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM2_CLEAN_expand_mat(mat, rho); PQCLEAN_DILITHIUM2_CLEAN_expand_mat(mat, rho);

2
crypto_sign/dilithium3/avx2/sign.c
View File

@ -214,6 +214,7 @@ int PQCLEAN_DILITHIUM3_AVX2_crypto_sign_signature(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -363,6 +364,7 @@ int PQCLEAN_DILITHIUM3_AVX2_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM3_AVX2_expand_mat(mat, rho); PQCLEAN_DILITHIUM3_AVX2_expand_mat(mat, rho);

2
crypto_sign/dilithium3/clean/sign.c
View File

@ -192,6 +192,7 @@ int PQCLEAN_DILITHIUM3_CLEAN_crypto_sign_signature(
shake256_inc_absorb(&state, msg, mlen); shake256_inc_absorb(&state, msg, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -341,6 +342,7 @@ int PQCLEAN_DILITHIUM3_CLEAN_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM3_CLEAN_expand_mat(mat, rho); PQCLEAN_DILITHIUM3_CLEAN_expand_mat(mat, rho);

2
crypto_sign/dilithium4/avx2/sign.c
View File

@ -230,6 +230,7 @@ int PQCLEAN_DILITHIUM4_AVX2_crypto_sign_signature(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -380,6 +381,7 @@ int PQCLEAN_DILITHIUM4_AVX2_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM4_AVX2_expand_mat(mat, rho); PQCLEAN_DILITHIUM4_AVX2_expand_mat(mat, rho);

2
crypto_sign/dilithium4/clean/sign.c
View File

@ -192,6 +192,7 @@ int PQCLEAN_DILITHIUM4_CLEAN_crypto_sign_signature(
shake256_inc_absorb(&state, msg, mlen); shake256_inc_absorb(&state, msg, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
crh(rhoprime, key, SEEDBYTES + CRHBYTES); crh(rhoprime, key, SEEDBYTES + CRHBYTES);
@ -341,6 +342,7 @@ int PQCLEAN_DILITHIUM4_CLEAN_crypto_sign_verify(
shake256_inc_absorb(&state, m, mlen); shake256_inc_absorb(&state, m, mlen);
shake256_inc_finalize(&state); shake256_inc_finalize(&state);
shake256_inc_squeeze(mu, CRHBYTES, &state); shake256_inc_squeeze(mu, CRHBYTES, &state);
shake256_inc_ctx_release(&state);
/* Matrix-vector multiplication; compute Az - c2^dt1 */ /* Matrix-vector multiplication; compute Az - c2^dt1 */
PQCLEAN_DILITHIUM4_CLEAN_expand_mat(mat, rho); PQCLEAN_DILITHIUM4_CLEAN_expand_mat(mat, rho);