Merge pull request #279 from PQClean/ds-aes-keyexp

Split aes*_keyexp up into ecb and ctr variants
这个提交包含在:
Thom Wiggers 2020-04-03 10:00:50 +02:00 提交者 GitHub
当前提交 db0d5800c5
找不到此签名对应的密钥
GPG 密钥 ID: 4AEE18F83AFDEB23
共有 70 个文件被更改,包括 157 次插入126 次删除

查看文件

@ -22,6 +22,7 @@ version: 2.1
command: |
docker run -e CI=true -e PQCLEAN_ONLY_TYPES -e PQCLEAN_ONLY_DIFF=1 -e PQCLEAN_SKIP_SCHEMES=sphincs-haraka-128f-robust,sphincs-haraka-192s-robust,sphincs-sha256-128f-robust,sphincs-sha256-192s-robust,sphincs-shake256-128f-robust,sphincs-shake256-192s-robust,sphincs-haraka-128f-simple,sphincs-haraka-192s-simple,sphincs-sha256-128f-simple,sphincs-sha256-192s-simple,sphincs-shake256-128f-simple,sphincs-shake256-192s-simple,sphincs-haraka-128s-robust,sphincs-haraka-256f-robust,sphincs-sha256-128s-robust,sphincs-sha256-256f-robust,sphincs-shake256-128s-robust,sphincs-shake256-256f-robust,sphincs-haraka-128s-simple,sphincs-haraka-256f-simple,sphincs-sha256-128s-simple,sphincs-sha256-256f-simple,sphincs-shake256-128s-simple,sphincs-shake256-256f-simple,sphincs-haraka-192f-robust,sphincs-haraka-256s-robust,sphincs-sha256-192f-robust,sphincs-sha256-256s-robust,sphincs-shake256-192f-robust,sphincs-shake256-256s-robust,sphincs-haraka-192f-simple,sphincs-haraka-256s-simple,sphincs-sha256-192f-simple,sphincs-sha256-256s-simple,sphincs-shake256-192f-simple,sphincs-shake256-256s-simple --rm -v `pwd`:`pwd` -w `pwd` -v ~/ccache:/ccache "pqclean/ci-container:$ARCH" /bin/bash -c "
uname -a &&
PQCLEAN_SKIP_TESTS=api_h,char,duplicate_consistency,metadata,preprocessor,no_symlinks,microsoft_nmakefile_present,makefile_present,format,license,clang_tidy
export CCACHE_NOSTATS=1 &&
export CCACHE_DIR=/ccache &&
export CCACHE_SLOPPINESS=include_file_mtime &&

查看文件

@ -58,7 +58,7 @@ See the section [API](#API) below.
```
4. You may run the tests in the `tests/` folder. See the `README` for how to run the test suite.
5. Migrate your use of AES, SHA-2, and SHA-3 to the API in the `common` directory.
Note that if you use the AES API, you must use the `aes128_keyexp` routine (or 192 or 256) to expand the key into a key schedule object,
Note that if you use the AES API, you must use the `aes128_ecb_keyexp` or aes128_ctr_keyexp` routines (or 192 or 256) to expand the key into a key schedule object,
then use `aes128_ctx_release` to release the key schedule object once you're finished with it.
For the SHAKE API, use the appropriate `_ctx_release` functions.
For fixed-output functions SHA-2 and SHA-3, the `_finalize` function will free the state.

查看文件

@ -574,7 +574,7 @@ static void aes_ctr(unsigned char *out, size_t outlen, const unsigned char *iv,
void aes128_keyexp(aes128ctx *r, const unsigned char *key) {
void aes128_ecb_keyexp(aes128ctx *r, const unsigned char *key) {
uint64_t skey[22];
r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES128_STATESIZE);
@ -586,8 +586,12 @@ void aes128_keyexp(aes128ctx *r, const unsigned char *key) {
br_aes_ct64_skey_expand(r->sk_exp, skey, 10);
}
void aes128_ctr_keyexp(aes128ctx *r, const unsigned char *key) {
aes128_ecb_keyexp(r, key);
}
void aes192_keyexp(aes192ctx *r, const unsigned char *key) {
void aes192_ecb_keyexp(aes192ctx *r, const unsigned char *key) {
uint64_t skey[26];
r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES192_STATESIZE);
if (r->sk_exp == NULL) {
@ -599,7 +603,12 @@ void aes192_keyexp(aes192ctx *r, const unsigned char *key) {
}
void aes256_keyexp(aes256ctx *r, const unsigned char *key) {
void aes192_ctr_keyexp(aes192ctx *r, const unsigned char *key) {
aes192_ecb_keyexp(r, key);
}
void aes256_ecb_keyexp(aes256ctx *r, const unsigned char *key) {
uint64_t skey[30];
r->sk_exp = malloc(sizeof(uint64_t) * PQC_AES256_STATESIZE);
if (r->sk_exp == NULL) {
@ -611,6 +620,11 @@ void aes256_keyexp(aes256ctx *r, const unsigned char *key) {
}
void aes256_ctr_keyexp(aes256ctx *r, const unsigned char *key) {
aes256_ecb_keyexp(r, key);
}
void aes128_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes128ctx *ctx) {
aes_ecb(out, in, nblocks, ctx->sk_exp, 10);
}

查看文件

@ -29,7 +29,9 @@ typedef struct {
/** Initializes the context **/
void aes128_keyexp(aes128ctx *r, const unsigned char *key);
void aes128_ecb_keyexp(aes128ctx *r, const unsigned char *key);
void aes128_ctr_keyexp(aes128ctx *r, const unsigned char *key);
void aes128_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes128ctx *ctx);
@ -40,7 +42,9 @@ void aes128_ctx_release(aes128ctx *r);
/** Initializes the context **/
void aes192_keyexp(aes192ctx *r, const unsigned char *key);
void aes192_ecb_keyexp(aes192ctx *r, const unsigned char *key);
void aes192_ctr_keyexp(aes192ctx *r, const unsigned char *key);
void aes192_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes192ctx *ctx);
@ -50,7 +54,9 @@ void aes192_ctx_release(aes192ctx *r);
/** Initializes the context **/
void aes256_keyexp(aes256ctx *r, const unsigned char *key);
void aes256_ecb_keyexp(aes256ctx *r, const unsigned char *key);
void aes256_ctr_keyexp(aes256ctx *r, const unsigned char *key);
void aes256_ecb(unsigned char *out, const unsigned char *in, size_t nblocks, const aes256ctx *ctx);

查看文件

@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM1344AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM1344AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order

查看文件

@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM1344AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM1344AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM1344AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM1344AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order

查看文件

@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM640AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM640AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order

查看文件

@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t *
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM640AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t *
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM640AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order

查看文件

@ -21,7 +21,7 @@ int PQCLEAN_FRODOKEM976AES_CLEAN_mul_add_as_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order
@ -62,7 +62,7 @@ int PQCLEAN_FRODOKEM976AES_CLEAN_mul_add_sa_plus_e(uint16_t *out, const uint16_t
int16_t A[PARAMS_N * PARAMS_N] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0; i < PARAMS_N; i++) {
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
A[i * PARAMS_N + j] = (int16_t) i; // Loading values in the little-endian order

查看文件

@ -28,7 +28,7 @@ int PQCLEAN_FRODOKEM976AES_OPT_mul_add_as_plus_e(uint16_t *out, const uint16_t *
int16_t a_row_temp[4 * PARAMS_N] = {0}; // Take four lines of A at once
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (j = 0; j < PARAMS_N; j += PARAMS_STRIPE_STEP) {
a_row_temp[j + 1 + 0 * PARAMS_N] = PQCLEAN_FRODOKEM976AES_OPT_UINT16_TO_LE(j); // Loading values in the little-endian order
@ -86,7 +86,7 @@ int PQCLEAN_FRODOKEM976AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t *
uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
aes128ctx ctx128;
aes128_keyexp(&ctx128, seed_A);
aes128_ecb_keyexp(&ctx128, seed_A);
for (i = 0, j = 0; i < PARAMS_N; i++, j += PARAMS_STRIPE_STEP) {
a_cols_temp[j] = PQCLEAN_FRODOKEM976AES_OPT_UINT16_TO_LE(i); // Loading values in the little-endian order

查看文件

@ -52,7 +52,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;
aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@ -70,7 +70,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER102490S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}

查看文件

@ -52,7 +52,7 @@ void PQCLEAN_KYBER51290S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;
aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@ -70,7 +70,7 @@ void PQCLEAN_KYBER51290S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER51290S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}

查看文件

@ -52,7 +52,7 @@ void PQCLEAN_KYBER76890S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
iv[0] = nonce;
aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ctr_keyexp(&ctx, key);
aes256_ctr(output, outlen, iv, &ctx);
aes256_ctx_release(&ctx);
}
@ -70,7 +70,7 @@ void PQCLEAN_KYBER76890S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
* - uint8_t y: second additional byte to "absorb"
**************************************************/
void PQCLEAN_KYBER76890S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t *key, uint8_t x, uint8_t y) {
aes256_keyexp(&s->sk_exp, key);
aes256_ecb_keyexp(&s->sk_exp, key);
for (int i = 2; i < 12; i++) {
s->iv[i] = 0;
}

查看文件

@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}
aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;
offset = 0;

查看文件

@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}
aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;
offset = 0;

查看文件

@ -72,7 +72,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_seedexpander(AES_XOF_struct *ctx, uint8_t *x, s
return RNG_BAD_REQ_LEN;
}
aes256_keyexp(&ctx256, ctx->key);
aes256_ecb_keyexp(&ctx256, ctx->key);
ctx->length_remaining -= xlen;
offset = 0;

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE348864F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE460896F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6688128F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE6960119F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_AVX_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_CLEAN_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_SSE_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -7,7 +7,7 @@ void PQCLEAN_MCELIECE8192128F_VEC_aes256ctr(
const uint8_t key[AES256_KEYBYTES]) {
aes256ctx state;
aes256_keyexp(&state, key);
aes256_ctr_keyexp(&state, key);
aes256_ctr(out, outlen, nonce, &state);
aes256_ctx_release(&state);
}

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -14,7 +14,7 @@ static void prng_update(const unsigned char *provided_data,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_keyexp(&ctx, Key);
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
@ -51,7 +51,7 @@ static int randombytes_with_state(prng_t *state,
int i = 0;
aes256ctx ctx;
aes256_keyexp(&ctx, state->Key);
aes256_ecb_keyexp(&ctx, state->Key);
while (xlen > 0) {
//increment V

查看文件

@ -27,7 +27,7 @@ static void AES256_CTR_DRBG_Update(const uint8_t *provided_data, uint8_t *Key, u
// buffer - a 128-bit ciphertext value
static void AES256_ECB(uint8_t *key, uint8_t *ctr, uint8_t *buffer) {
aes256ctx ctx;
aes256_keyexp(&ctx, key);
aes256_ecb_keyexp(&ctx, key);
aes256_ecb(buffer, ctr, 1, &ctx);
aes256_ctx_release(&ctx);
}

查看文件

@ -39,8 +39,8 @@ def walk_tree(ast, parent=[]):
pqclean.Scheme.all_implementations(),
ids=str,
)
@helpers.filtered_test
@helpers.skip_windows()
@helpers.filtered_test
def test_char(implementation):
errors = []
for fname in os.listdir(implementation.path()):

查看文件

@ -51,54 +51,60 @@ int main(void)
{
unsigned char ct[67];
int r = 0;
aes128ctx ctx128;
aes192ctx ctx192;
aes256ctx ctx256;
aes128ctx ctx128_ecb, ctx128_ctr;
aes192ctx ctx192_ecb, ctx192_ctr;
aes256ctx ctx256_ecb, ctx256_ctr;
aes128_keyexp(&ctx128, key);
aes192_keyexp(&ctx192, key);
aes256_keyexp(&ctx256, key);
aes128_ecb_keyexp(&ctx128_ecb, key);
aes192_ecb_keyexp(&ctx192_ecb, key);
aes256_ecb_keyexp(&ctx256_ecb, key);
aes128_ctr_keyexp(&ctx128_ctr, key);
aes192_ctr_keyexp(&ctx192_ctr, key);
aes256_ctr_keyexp(&ctx256_ctr, key);
aes128_ctr(ct, 67, nonce, &ctx128);
aes128_ctr(ct, 67, nonce, &ctx128_ctr);
if(memcmp(ct, stream128, 67)) {
printf("ERROR AES128CTR output does not match test vector.\n");
r = 1;
}
aes192_ctr(ct, 67, nonce, &ctx192);
aes192_ctr(ct, 67, nonce, &ctx192_ctr);
if(memcmp(ct, stream192, 67)) {
printf("ERROR AES192CTR output does not match test vector.\n");
r = 1;
}
aes256_ctr(ct, 67, nonce, &ctx256);
aes256_ctr(ct, 67, nonce, &ctx256_ctr);
if(memcmp(ct, stream256, 67)) {
printf("ERROR AES256CTR output does not match test vector.\n");
r = 1;
}
aes128_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx128);
aes128_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx128_ecb);
if(memcmp(ct, ct128, 48)) {
printf("ERROR AES128ECB output does not match test vector.\n");
r = 1;
}
aes192_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx192);
aes192_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx192_ecb);
if(memcmp(ct, ct192, 48)) {
printf("ERROR AES192ECB output does not match test vector.\n");
r = 1;
}
aes256_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx256);
aes256_ecb(ct, msg, sizeof(msg) / AES_BLOCKBYTES, &ctx256_ecb);
if(memcmp(ct, ct256, 48)) {
printf("ERROR AES256ECB output does not match test vector.\n");
r = 1;
}
aes128_ctx_release(&ctx128);
aes192_ctx_release(&ctx192);
aes256_ctx_release(&ctx256);
aes128_ctx_release(&ctx128_ecb);
aes192_ctx_release(&ctx192_ecb);
aes256_ctx_release(&ctx256_ecb);
aes128_ctx_release(&ctx128_ctr);
aes192_ctx_release(&ctx192_ctr);
aes256_ctx_release(&ctx256_ctr);
return r;
}

查看文件

@ -17,28 +17,34 @@ sys.tracebacklimit = 0
def pytest_generate_tests(metafunc):
ids = []
argvalues = []
for scheme in pqclean.Scheme.all_schemes():
for implementation in scheme.implementations:
if os.path.isfile(
os.path.join(
if 'duplicate_consistency' not in os.environ.get('PQCLEAN_SKIP_TESTS', '').split(','):
for scheme in pqclean.Scheme.all_schemes():
for implementation in scheme.implementations:
if os.path.isfile(
os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))):
metafile = os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))):
metafile = os.path.join(
'duplicate_consistency',
'{}_{}.yml'.format(scheme.name, implementation.name))
with open(metafile, encoding='utf-8') as f:
metadata = yaml.safe_load(f.read())
for group in metadata['consistency_checks']:
source = pqclean.Implementation.by_name(
group['source']['scheme'],
group['source']['implementation'])
argvalues.append(
(implementation, source, group['files']))
ids.append(
"{metafile}: {scheme.name} {implementation.name}"
.format(scheme=scheme,
implementation=implementation,
metafile=metafile))
'{}_{}.yml'.format(scheme.name, implementation.name))
with open(metafile, encoding='utf-8') as f:
metadata = yaml.safe_load(f.read())
for group in metadata['consistency_checks']:
source = pqclean.Implementation.by_name(
group['source']['scheme'],
group['source']['implementation'])
argvalues.append(
(implementation, source, group['files']))
ids.append(
"{metafile}: {scheme.name} {implementation.name}"
.format(scheme=scheme,
implementation=implementation,
metafile=metafile))
else:
# Placeholders so we don't crash
ids = ['dummy']
argvalues = [('dummy', 'dummy', 'dummy')]
metafunc.parametrize(('implementation', 'source', 'files'),
argvalues,
ids=ids)

查看文件

@ -19,8 +19,6 @@ additional_flags = [] #['-fix-errors']
@helpers.skip_windows()
@helpers.filtered_test
def test_clang_tidy(implementation: pqclean.Implementation):
if platform.machine() in ['i386']:
raise unittest.SkipTest("Clang-tidy has false-positives on i386")
helpers.ensure_available('clang-tidy')
cfiles = implementation.cfiles()
common_files = glob(os.path.join('..', 'common', '*.c'))