diff --git a/crypto_kem/ledakemlt12/clean/H_Q_matrices_generation.c b/crypto_kem/ledakemlt12/clean/H_Q_matrices_generation.c
index 9b603c5a..3bc2159f 100644
--- a/crypto_kem/ledakemlt12/clean/H_Q_matrices_generation.c
+++ b/crypto_kem/ledakemlt12/clean/H_Q_matrices_generation.c
@@ -15,11 +15,11 @@ void PQCLEAN_LEDAKEMLT12_CLEAN_generateHPosOnes_HtrPosOnes(
 /* Obtain directly the sparse representation of the block of H */
 for (int k = 0; k < DV; k++) {
 HPosOnes[i][k] = (P - HtrPosOnes[i][k]) % P; /* transposes indexes */
- }// end for k
+ }
 }
 }
-void PQCLEAN_LEDAKEMLT12_CLEAN_generateQsparse(
+void PQCLEAN_LEDAKEMLT12_CLEAN_generateQsparse(
 POSITION_T pos_ones[N0][M], AES_XOF_struct *keys_expander) {
 for (int i = 0; i < N0; i++) {
@@ -29,6 +29,6 @@ void PQCLEAN_LEDAKEMLT12_CLEAN_generateQsparse(
 qBlockWeights[i][j], keys_expander);
 placed_ones += qBlockWeights[i][j];
- } // end for j
- } // end for i
+ }
+ }
 }
diff --git a/crypto_kem/ledakemlt12/clean/LICENSE b/crypto_kem/ledakemlt12/clean/LICENSE
index f6004c1a..c1761078 100644
--- a/crypto_kem/ledakemlt12/clean/LICENSE
+++ b/crypto_kem/ledakemlt12/clean/LICENSE
@@ -4,8 +4,7 @@
 *
 * @version 2.0 (March 2019)
 *
- * Reference ISO-C11 Implementation of the LEDAcrypt KEM-LT cipher using GCC built-ins.
- * Also contains public domain implementations of AES and Keccak
+ * Adapted code from reference ISO-C11 Implementation of the LEDAcrypt KEM-LT cipher.
 *
 * In alphabetical order:
 *
diff --git a/crypto_kem/ledakemlt12/clean/gf2x_arith_mod_xPplusOne.c b/crypto_kem/ledakemlt12/clean/gf2x_arith_mod_xPplusOne.c
index 5ca7aa83..80c2f72f 100644
--- a/crypto_kem/ledakemlt12/clean/gf2x_arith_mod_xPplusOne.c
+++ b/crypto_kem/ledakemlt12/clean/gf2x_arith_mod_xPplusOne.c
@@ -13,15 +13,6 @@ static void gf2x_mod(DIGIT out[], const DIGIT in[]) {
 memcpy(aux, in, 2 * NUM_DIGITS_GF2X_ELEMENT * DIGIT_SIZE_B);
 memset(out, 0x00, NUM_DIGITS_GF2X_ELEMENT * DIGIT_SIZE_B);
- /* not true for parameter set
- if (2 * NUM_DIGITS_GF2X_ELEMENT < NUM_DIGITS_GF2X_MODULUS) {
- for (i = 0; i < 2 * NUM_DIGITS_GF2X_ELEMENT; i++) {
- out[NUM_DIGITS_GF2X_ELEMENT - 1 - i] = in[2 * NUM_DIGITS_GF2X_ELEMENT - 1 - i];
- }
- return;
- }
- */
-
 for (i = 0; i < (2 * NUM_DIGITS_GF2X_ELEMENT) - NUM_DIGITS_GF2X_MODULUS; i += 1) {
 for (j = DIGIT_SIZE_b - 1; j >= 0; j--) {
 mask = ((DIGIT)0x1) << j;
diff --git a/crypto_kem/ledakemlt12/clean/niederreiter.c b/crypto_kem/ledakemlt12/clean/niederreiter.c
index 89005c5f..58c4542f 100644
--- a/crypto_kem/ledakemlt12/clean/niederreiter.c
+++ b/crypto_kem/ledakemlt12/clean/niederreiter.c
@@ -164,7 +164,7 @@ int PQCLEAN_LEDAKEMLT12_CLEAN_niederreiter_decrypt(DIGIT *err, const privateKeyN
 PQCLEAN_LEDAKEMLT12_CLEAN_gf2x_mod_add_sparse(DV * M, Ln0trSparse, DV * M, Ln0trSparse, DV * M, auxSparse);
- } // end for i
+ }
 PQCLEAN_LEDAKEMLT12_CLEAN_gf2x_transpose_in_place_sparse(DV * M, Ln0trSparse);
@@ -190,7 +190,7 @@ int PQCLEAN_LEDAKEMLT12_CLEAN_niederreiter_decrypt(DIGIT *err, const privateKeyN
 }
 decryptOk = decryptOk && (err_weight == NUM_ERRORS_T);
- if (!decryptOk) { // TODO: not constant time
+ if (!decryptOk) { // TODO: not constant time, replace with cmov?
 memcpy(err, mockup_error_vector, N0 * NUM_DIGITS_GF2X_ELEMENT * DIGIT_SIZE_B);
 }
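Review bot: The `if (!decryptOk)` branch in the last niederreiter.c hunk still runs the `memcpy` only when decoding fails, so the time taken by `niederreiter_decrypt` depends on a secret-dependent outcome; the reworded TODO records this but the new code does not fix it. For a QC-LDPC scheme, whether a ciphertext fails to decode is exactly the signal that reaction-style key-recovery analyses rely on, so this should be closed rather than left as a comment. A portable fix needs no cmov: assuming `err` and `mockup_error_vector` are both `DIGIT` arrays of `N0 * NUM_DIGITS_GF2X_ELEMENT` elements (their declarations are outside the hunk), use `DIGIT mask = (DIGIT)0 - (DIGIT)(!decryptOk);` followed by `for (size_t i = 0; i < N0 * NUM_DIGITS_GF2X_ELEMENT; i++) err[i] ^= mask & (err[i] ^ mockup_error_vector[i]);`. The line above, `decryptOk = decryptOk && (err_weight == NUM_ERRORS_T);`, uses short-circuit `&&`, which may also compile to a branch; `&` on values normalised to 0/1 avoids that. The generated assembly should be inspected, since a compiler may turn the mask select back into a branch.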