Преглед изворни кода

Merge pull request #279 from PQClean/ds-aes-keyexp

Split aes*_keyexp up into ecb and ctr variants
master
Thom Wiggers пре 4 година
committed by GitHub
родитељ
комит
db0d5800c5
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
70 измењених фајлова са 159 додато и 128 уклоњено
  1. +1
    -0
      .circleci/config.yml
  2. +1
    -1
      CONTRIBUTING.md
  3. +17
    -3
      common/aes.c
  4. +9
    -3
      common/aes.h
  5. +2
    -2
      crypto_kem/frodokem1344aes/clean/matrix_aes.c
  6. +2
    -2
      crypto_kem/frodokem1344aes/opt/matrix_aes.c
  7. +2
    -2
      crypto_kem/frodokem640aes/clean/matrix_aes.c
  8. +2
    -2
      crypto_kem/frodokem640aes/opt/matrix_aes.c
  9. +2
    -2
      crypto_kem/frodokem976aes/clean/matrix_aes.c
  10. +2
    -2
      crypto_kem/frodokem976aes/opt/matrix_aes.c
  11. +2
    -2
      crypto_kem/kyber1024-90s/clean/aes256ctr.c
  12. +2
    -2
      crypto_kem/kyber512-90s/clean/aes256ctr.c
  13. +2
    -2
      crypto_kem/kyber768-90s/clean/aes256ctr.c
  14. +1
    -1
      crypto_kem/ledakemlt12/leaktime/rng.c
  15. +1
    -1
      crypto_kem/ledakemlt32/leaktime/rng.c
  16. +1
    -1
      crypto_kem/ledakemlt52/leaktime/rng.c
  17. +1
    -1
      crypto_kem/mceliece348864/avx/aes256ctr.c
  18. +1
    -1
      crypto_kem/mceliece348864/clean/aes256ctr.c
  19. +1
    -1
      crypto_kem/mceliece348864/sse/aes256ctr.c
  20. +1
    -1
      crypto_kem/mceliece348864/vec/aes256ctr.c
  21. +1
    -1
      crypto_kem/mceliece348864f/avx/aes256ctr.c
  22. +1
    -1
      crypto_kem/mceliece348864f/clean/aes256ctr.c
  23. +1
    -1
      crypto_kem/mceliece348864f/sse/aes256ctr.c
  24. +1
    -1
      crypto_kem/mceliece348864f/vec/aes256ctr.c
  25. +1
    -1
      crypto_kem/mceliece460896/avx/aes256ctr.c
  26. +1
    -1
      crypto_kem/mceliece460896/clean/aes256ctr.c
  27. +1
    -1
      crypto_kem/mceliece460896/sse/aes256ctr.c
  28. +1
    -1
      crypto_kem/mceliece460896/vec/aes256ctr.c
  29. +1
    -1
      crypto_kem/mceliece460896f/avx/aes256ctr.c
  30. +1
    -1
      crypto_kem/mceliece460896f/clean/aes256ctr.c
  31. +1
    -1
      crypto_kem/mceliece460896f/sse/aes256ctr.c
  32. +1
    -1
      crypto_kem/mceliece460896f/vec/aes256ctr.c
  33. +1
    -1
      crypto_kem/mceliece6688128/avx/aes256ctr.c
  34. +1
    -1
      crypto_kem/mceliece6688128/clean/aes256ctr.c
  35. +1
    -1
      crypto_kem/mceliece6688128/sse/aes256ctr.c
  36. +1
    -1
      crypto_kem/mceliece6688128/vec/aes256ctr.c
  37. +1
    -1
      crypto_kem/mceliece6688128f/avx/aes256ctr.c
  38. +1
    -1
      crypto_kem/mceliece6688128f/clean/aes256ctr.c
  39. +1
    -1
      crypto_kem/mceliece6688128f/sse/aes256ctr.c
  40. +1
    -1
      crypto_kem/mceliece6688128f/vec/aes256ctr.c
  41. +1
    -1
      crypto_kem/mceliece6960119/avx/aes256ctr.c
  42. +1
    -1
      crypto_kem/mceliece6960119/clean/aes256ctr.c
  43. +1
    -1
      crypto_kem/mceliece6960119/sse/aes256ctr.c
  44. +1
    -1
      crypto_kem/mceliece6960119/vec/aes256ctr.c
  45. +1
    -1
      crypto_kem/mceliece6960119f/avx/aes256ctr.c
  46. +1
    -1
      crypto_kem/mceliece6960119f/clean/aes256ctr.c
  47. +1
    -1
      crypto_kem/mceliece6960119f/sse/aes256ctr.c
  48. +1
    -1
      crypto_kem/mceliece6960119f/vec/aes256ctr.c
  49. +1
    -1
      crypto_kem/mceliece8192128/avx/aes256ctr.c
  50. +1
    -1
      crypto_kem/mceliece8192128/clean/aes256ctr.c
  51. +1
    -1
      crypto_kem/mceliece8192128/sse/aes256ctr.c
  52. +1
    -1
      crypto_kem/mceliece8192128/vec/aes256ctr.c
  53. +1
    -1
      crypto_kem/mceliece8192128f/avx/aes256ctr.c
  54. +1
    -1
      crypto_kem/mceliece8192128f/clean/aes256ctr.c
  55. +1
    -1
      crypto_kem/mceliece8192128f/sse/aes256ctr.c
  56. +1
    -1
      crypto_kem/mceliece8192128f/vec/aes256ctr.c
  57. +2
    -2
      crypto_sign/rainbowIIIc-classic/clean/utils_prng.c
  58. +2
    -2
      crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c
  59. +2
    -2
      crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.c
  60. +2
    -2
      crypto_sign/rainbowIa-classic/clean/utils_prng.c
  61. +2
    -2
      crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c
  62. +2
    -2
      crypto_sign/rainbowIa-cyclic/clean/utils_prng.c
  63. +2
    -2
      crypto_sign/rainbowVc-classic/clean/utils_prng.c
  64. +2
    -2
      crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c
  65. +2
    -2
      crypto_sign/rainbowVc-cyclic/clean/utils_prng.c
  66. +1
    -1
      test/common/nistkatrng.c
  67. +1
    -1
      test/test_char.py
  68. +23
    -17
      test/test_common/aes.c
  69. +27
    -21
      test/test_duplicate_consistency.py
  70. +0
    -2
      test/test_linter.py

+ 1
- 0
.circleci/config.yml Прегледај датотеку

@@ -22,6 +22,7 @@ version: 2.1
command: |
docker run -e CI=true -e PQCLEAN_ONLY_TYPES -e PQCLEAN_ONLY_DIFF=1 -e PQCLEAN_SKIP_SCHEMES=sphincs-haraka-128f-robust,sphincs-haraka-192s-robust,sphincs-sha256-128f-robust,sphincs-sha256-192s-robust,sphincs-shake256-128f-robust,sphincs-shake256-192s-robust,sphincs-haraka-128f-simple,sphincs-haraka-192s-simple,sphincs-sha256-128f-simple,sphincs-sha256-192s-simple,sphincs-shake256-128f-simple,sphincs-shake256-192s-simple,sphincs-haraka-128s-robust,sphincs-haraka-256f-robust,sphincs-sha256-128s-robust,sphincs-sha256-256f-robust,sphincs-shake256-128s-robust,sphincs-shake256-256f-robust,sphincs-haraka-128s-simple,sphincs-haraka-256f-simple,sphincs-sha256-128s-simple,sphincs-sha256-256f-simple,sphincs-shake256-128s-simple,sphincs-shake256-256f-simple,sphincs-haraka-192f-robust,sphincs-haraka-256s-robust,sphincs-sha256-192f-robust,sphincs-sha256-256s-robust,sphincs-shake256-192f-robust,sphincs-shake256-256s-robust,sphincs-haraka-192f-simple,sphincs-haraka-256s-simple,sphincs-sha256-192f-simple,sphincs-sha256-256s-simple,sphincs-shake256-192f-simple,sphincs-shake256-256s-simple --rm -v `pwd`:`pwd` -w `pwd` -v ~/ccache:/ccache "pqclean/ci-container:$ARCH" /bin/bash -c "
uname -a &&
PQCLEAN_SKIP_TESTS=api_h,char,duplicate_consistency,metadata,preprocessor,no_symlinks,microsoft_nmakefile_present,makefile_present,format,license,clang_tidy
export CCACHE_NOSTATS=1 &&
export CCACHE_DIR=/ccache &&
export CCACHE_SLOPPINESS=include_file_mtime &&


+ 1
- 1
CONTRIBUTING.md Прегледај датотеку

@@ -58,7 +58,7 @@ See the section [API](#API) below.
```
4. You may run the tests in the `tests/` folder. See the `README` for how to run the test suite.
5. Migrate your use of AES, SHA-2, and SHA-3 to the API in the `common` directory.
Note that if you use the AES API, you must use the `aes128_keyexp` routine (or 192 or 256) to expand the key into a key schedule object,
Note that if you use the AES API, you must use the `aes128_ecb_keyexp` or aes128_ctr_keyexp` routines (or 192 or 256) to expand the key into a key schedule object,
then use `aes128_ctx_release` to release the key schedule object once you're finished with it.
For the SHAKE API, use the appropriate `_ctx_release` functions.
For fixed-output functions SHA-2 and SHA-3, the `_finalize` function will free the state.


+ 17
- 3
common/aes.c Прегледај датотеку

@@ -574,7 +574,7 @@ static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv,



void aes128_keyexp(aes128ctx *r, const unsigned char *key) {
void aes128_ecb_keyexp(aes128ctx *r, const unsigned char *key) {
uint64_t skey[22];

r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES128_STATESIZE);
@@ -586,8 +586,12 @@ void aes128_keyexp(aes128ctx *r, const unsigned char *key) {
br_aes_ct64_skey_expand(r->sk_exp, skey, 10);
}

void aes128_ctr_keyexp(aes128ctx *r, const unsigned char *key) {
aes128_ecb_keyexp(r, key);
}


void aes192_keyexp(aes192ctx *r, const unsigned char *key) {
void aes192_ecb_keyexp(aes192ctx *r, const unsigned char *key) {
uint64_t skey[26];
r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES192_STATESIZE);
if (r->sk_exp == NULL) {
@@ -599,7 +603,12 @@ void aes192_keyexp(aes192ctx *r, const unsigned char *key) {
}


void aes256_keyexp(aes256ctx *r, const unsigned char *key) {
void aes192_ctr_keyexp(aes192ctx *r, const unsigned char *key) {
aes192_ecb_keyexp(r, key);
}


void aes256_ecb_keyexp(aes256ctx *r, const unsigned char *key) {
uint64_t skey[30];
r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES256_STATESIZE);
if (r->sk_exp == NULL) {
@@ -611,6 +620,11 @@ void aes256_keyexp(aes256ctx *r, const unsigned char *key) {
}


void aes256_ctr_keyexp(aes256ctx *r, const unsigned char *key) {
aes256_ecb_keyexp(r, key);
}


void aes128_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes128ctx *ctx) {
aes_ecb(out, in, nblocks, ctx->sk_exp, 10);
}


+ 9
- 3
common/aes.h Прегледај датотеку

@@ -29,7 +29,9 @@ typedef struct {


/** Initializes the context **/
void aes128_keyexp(aes128ctx *r, const unsigned char *key);
void aes128_ecb_keyexp(aes128ctx *r, const unsigned char *key);

void aes128_ctr_keyexp(aes128ctx *r, const unsigned char *key);

void aes128_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes128ctx *ctx);

@@ -40,7 +42,9 @@ void aes128_ctx_release(aes128ctx *r);


/** Initializes the context **/
void aes192_keyexp(aes192ctx *r, const unsigned char *key);
void aes192_ecb_keyexp(aes192ctx *r, const unsigned char *key);

void aes192_ctr_keyexp(aes192ctx *r, const unsigned char *key);

void aes192_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes192ctx *ctx);

@@ -50,7 +54,9 @@ void aes192_ctx_release(aes192ctx *r);


/** Initializes the context **/
void aes256_keyexp(aes256ctx *r, const unsigned char *key);
void aes256_ecb_keyexp(aes256ctx *r, const unsigned char *key);

void aes256_ctr_keyexp(aes256ctx *r, const unsigned char *key);

void aes256_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes256ctx *ctx);



+ 2
- 2
crypto_kem/frodokem1344aes/clean/matrix_aes.c Прегледај датотеку

@@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM1344AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM1344AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order


+ 2
- 2
crypto_kem/frodokem1344aes/opt/matrix_aes.c Прегледај датотеку

@@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM1344AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM1344AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM1344AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM1344AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order


+ 2
- 2
crypto_kem/frodokem640aes/clean/matrix_aes.c Прегледај датотеку

@@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM640AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM640AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order


+ 2
- 2
crypto_kem/frodokem640aes/opt/matrix_aes.c Прегледај датотеку

@@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t *
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM640AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t *
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM640AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order


+ 2
- 2
crypto_kem/frodokem976aes/clean/matrix_aes.c Прегледај датотеку

@@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM976AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM976AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order


+ 2
- 2
crypto_kem/frodokem976aes/opt/matrix_aes.c Прегледај датотеку

@@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM976AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t *
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM976AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM976AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t *
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;

aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);

for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM976AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order


+ 2
- 2
crypto_kem/kyber1024-90s/clean/aes256ctr.c Прегледај датотеку

@@ -52,7 +52,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;

aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@@ -70,7 +70,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER102490S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}


+ 2
- 2
crypto_kem/kyber512-90s/clean/aes256ctr.c Прегледај датотеку

@@ -52,7 +52,7 @@ void PQCLEAN_KYBER51290S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;

aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@@ -70,7 +70,7 @@ void PQCLEAN_KYBER51290S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER51290S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}


+ 2
- 2
crypto_kem/kyber768-90s/clean/aes256ctr.c Прегледај датотеку

@@ -52,7 +52,7 @@ void PQCLEAN_KYBER76890S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;

aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@@ -70,7 +70,7 @@ void PQCLEAN_KYBER76890S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER76890S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}


+ 1
- 1
crypto_kem/ledakemlt12/leaktime/rng.c Прегледај датотеку

@@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}

aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;

offset = 0;


+ 1
- 1
crypto_kem/ledakemlt32/leaktime/rng.c Прегледај датотеку

@@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}

aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;

offset = 0;


+ 1
- 1
crypto_kem/ledakemlt52/leaktime/rng.c Прегледај датотеку

@@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}

aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;

offset = 0;


+ 1
- 1
crypto_kem/mceliece348864/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864f/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864f/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864f/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece348864f/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896f/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896f/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896f/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece460896f/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128f/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128f/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128f/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6688128f/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119f/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119f/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119f/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece6960119f/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128f/avx/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128f/clean/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128f/sse/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 1
- 1
crypto_kem/mceliece8192128f/vec/aes256ctr.c Прегледај датотеку

@@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {

aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

+ 2
- 2
crypto_sign/rainbowIIIc-classic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowIIIc-cyclic-compressed/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowIIIc-cyclic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowIa-classic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowIa-cyclic-compressed/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowIa-cyclic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowVc-classic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowVc-cyclic-compressed/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 2
- 2
crypto_sign/rainbowVc-cyclic/clean/utils_prng.c Прегледај датотеку

@@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;

aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V


+ 1
- 1
test/common/nistkatrng.c Прегледај датотеку

@@ -27,7 +27,7 @@ static void AES256_CTR_DRBG_Update(const uint8_t *provided_data, uint8_t *Key, u
// buffer - a 128-bit ciphertext value
static void AES256_ECB(uint8_t *key, uint8_t *ctr, uint8_t *buffer) {
aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ecb_keyexp(&ctx, key);
aes256_ecb(buffer, ctr, 1, &ctx);
aes256_ctx_release(&ctx);
}


+ 1
- 1
test/test_char.py Прегледај датотеку

@@ -39,8 +39,8 @@ def walk_tree(ast, parent=[]):
pqclean.Scheme.all_implementations(),
ids=str,
)
@helpers.filtered_test
@helpers.skip_windows()
@helpers.filtered_test
def test_char(implementation):
errors = []
for fname in os.listdir(implementation.path()):


+ 23
- 17
test/test_common/aes.c Прегледај датотеку

@@ -51,54 +51,60 @@ int main(void)
{
unsigned char ct[67];
int r = 0;
aes128ctx ctx128;
aes192ctx ctx192;
aes256ctx ctx256;

aes128_keyexp(&ctx128, key);
aes192_keyexp(&ctx192, key);
aes256_keyexp(&ctx256, key);

aes128_ctr(ct, 67, nonce, &ctx128);
aes128ctx ctx128_ecb, ctx128_ctr;
aes192ctx ctx192_ecb, ctx192_ctr;
aes256ctx ctx256_ecb, ctx256_ctr;

aes128_ecb_keyexp(&ctx128_ecb, key);
aes192_ecb_keyexp(&ctx192_ecb, key);
aes256_ecb_keyexp(&ctx256_ecb, key);
aes128_ctr_keyexp(&ctx128_ctr, key);
aes192_ctr_keyexp(&ctx192_ctr, key);
aes256_ctr_keyexp(&ctx256_ctr, key);

aes128_ctr(ct, 67, nonce, &ctx128_ctr);
if(memcmp(ct, stream128, 67)) {
printf("ERROR AES128CTR output does not match test vector.\n");
r = 1;
}

aes192_ctr(ct, 67, nonce, &ctx192);
aes192_ctr(ct, 67, nonce, &ctx192_ctr);
if(memcmp(ct, stream192, 67)) {
printf("ERROR AES192CTR output does not match test vector.\n");
r = 1;
}

aes256_ctr(ct, 67, nonce, &ctx256);
aes256_ctr(ct, 67, nonce, &ctx256_ctr);
if(memcmp(ct, stream256, 67)) {
printf("ERROR AES256CTR output does not match test vector.\n");
r = 1;
}


aes128_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx128);
aes128_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx128_ecb);
if(memcmp(ct, ct128, 48)) {
printf("ERROR AES128ECB output does not match test vector.\n");
r = 1;
}

aes192_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx192);
aes192_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx192_ecb);
if(memcmp(ct, ct192, 48)) {
printf("ERROR AES192ECB output does not match test vector.\n");
r = 1;
}

aes256_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx256);
aes256_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx256_ecb);
if(memcmp(ct, ct256, 48)) {
printf("ERROR AES256ECB output does not match test vector.\n");
r = 1;
}

aes128_ctx_release(&ctx128);
aes192_ctx_release(&ctx192);
aes256_ctx_release(&ctx256);
aes128_ctx_release(&ctx128_ecb);
aes192_ctx_release(&ctx192_ecb);
aes256_ctx_release(&ctx256_ecb);
aes128_ctx_release(&ctx128_ctr);
aes192_ctx_release(&ctx192_ctr);
aes256_ctx_release(&ctx256_ctr);

return r;
}

+ 27
- 21
test/test_duplicate_consistency.py Прегледај датотеку

@@ -17,28 +17,34 @@ sys.tracebacklimit = 0
def pytest_generate_tests(metafunc):
ids = []
argvalues = []
for scheme in pqclean.Scheme.all_schemes():
for implementation in scheme.implementations:
if os.path.isfile(
os.path.join(
if 'duplicate_consistency' not in os.environ.get('PQCLEAN_SKIP_TESTS', '').split(','):
for scheme in pqclean.Scheme.all_schemes():
for implementation in scheme.implementations:
if os.path.isfile(
os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))):
metafile = os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))):
metafile = os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))
with open(metafile, encoding='utf-8') as f:
metadata = yaml.safe_load(f.read())
for group in metadata['consistency_checks']:
source = pqclean.Implementation.by_name(
group['source']['scheme'],
group['source']['implementation'])
argvalues.append(
(implementation, source, group['files']))
ids.append(
"{metafile}: {scheme.name} {implementation.name}"
.format(scheme=scheme,
implementation=implementation,
metafile=metafile))
'{}_{}.yml'.format(scheme.name, implementation.name))
with open(metafile, encoding='utf-8') as f:
metadata = yaml.safe_load(f.read())
for group in metadata['consistency_checks']:
source = pqclean.Implementation.by_name(
group['source']['scheme'],
group['source']['implementation'])
argvalues.append(
(implementation, source, group['files']))
ids.append(
"{metafile}: {scheme.name} {implementation.name}"
.format(scheme=scheme,
implementation=implementation,
metafile=metafile))
else:
# Placeholders so we don't crash
ids = ['dummy']
argvalues = [('dummy', 'dummy', 'dummy')]

metafunc.parametrize(('implementation', 'source', 'files'),
argvalues,
ids=ids)


+ 0
- 2
test/test_linter.py Прегледај датотеку

@@ -19,8 +19,6 @@ additional_flags = [] #['-fix-errors']
@helpers.skip_windows()
@helpers.filtered_test
def test_clang_tidy(implementation: pqclean.Implementation):
if platform.machine() in ['i386']:
raise unittest.SkipTest("Clang-tidy has false-positives on i386")
helpers.ensure_available('clang-tidy')
cfiles = implementation.cfiles()
common_files = glob(os.path.join('..', 'common', '*.c'))


Loading…
Откажи
Сачувај