From f3980cf03347bf18a300a96a8bf196e53ff3070a Mon Sep 17 00:00:00 2001
From: Joost Rijneveld
Date: Wed, 24 Apr 2019 14:04:33 +0200
Subject: [PATCH] Fix input/output overwrite for MGF1

---
 .../clean/thash_sha256_robust.c | 10 +++++-----
 .../clean/thash_sha256_robust.c | 10 +++++-----
 .../clean/thash_sha256_robust.c | 10 +++++-----
 .../clean/thash_sha256_robust.c | 10 +++++-----
 .../clean/thash_sha256_robust.c | 10 +++++-----
 .../clean/thash_sha256_robust.c | 10 +++++-----
 6 files changed, 30 insertions(+), 30 deletions(-)

diff --git a/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c
index bff4c52f..c2f6688c 100644
--- a/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-128f-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
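Review bot: The `+ 4` that now separates `bitmask` from `buf + SPX_N + SPX_SHA256_ADDR_BYTES` in the first hunk is a bare magic number, repeated in the size of `buf` in every thash_1/thash_2/thash_WOTS_LEN/thash_FORS_TREES wrapper, and nothing in the file says what the four bytes are or that the static thash (which takes `buf` with no length) requires callers to size it that way. The commit title and the offset suggest the MGF1 helper writes its 4-byte counter in place directly after pub_seed||addr, so that before this change the counter and the first bytes of the bitmask aliased, giving a wrong digest rather than an out-of-bounds write since the total buffer sizes are unchanged; the mgf1 call is outside the hunk, so confirm that before documenting it. If confirmed, add on the bitmask line `/* MGF1 writes its 4-byte counter in place right after pub_seed||addr; the bitmask must start past it */` and consider one named constant for the counter width, used by both this offset and the wrapper buffer sizes, so the two cannot drift apart again. The enclosing thash function starts before the hunk and its body continues after it. The same point applies to the identical hunks in the 128s, 192f, 192s, 256f and 256s files.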
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256128FROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }
diff --git a/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c
index 3a6bc0df..5c468dae 100644
--- a/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-128s-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256128SROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }
diff --git a/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c
index 60314ebb..32924361 100644
--- a/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-192f-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256192FROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }
diff --git a/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c
index b5246294..c2c09379 100644
--- a/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-192s-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256192SROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }
diff --git a/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c
index 0581d9e0..37f81ded 100644
--- a/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-256f-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256256FROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }
diff --git a/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c b/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c
index db68f7af..d7498c60 100644
--- a/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c
+++ b/crypto_sign/sphincs-sha256-256s-robust/clean/thash_sha256_robust.c
@@ -17,7 +17,7 @@ static void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
 const unsigned char *pub_seed, uint32_t addr[8]) {
 unsigned char outbuf[SPX_SHA256_OUTPUT_BYTES];
- unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES;
+ unsigned char *bitmask = buf + SPX_N + SPX_SHA256_ADDR_BYTES + 4;
 uint8_t sha2_state[40];
 unsigned int i;
@@ -44,7 +44,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_1(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 1 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 1 * SPX_N];
 PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
 out, buf, in, 1, pub_seed, addr);
 }
@@ -53,7 +53,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_2(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 2 * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + 2 * SPX_N];
 PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
 out, buf, in, 2, pub_seed, addr);
 }
@@ -62,7 +62,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_WOTS_LEN(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_WOTS_LEN * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_WOTS_LEN * SPX_N];
 PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
 out, buf, in, SPX_WOTS_LEN, pub_seed, addr);
 }
@@ -71,7 +71,7 @@ void PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash_FORS_TREES(
 unsigned char *out, const unsigned char *in,
 const unsigned char *pub_seed, uint32_t addr[8]) {
- unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + SPX_FORS_TREES * SPX_N + 4];
+ unsigned char buf[SPX_N + SPX_SHA256_ADDR_BYTES + 4 + SPX_FORS_TREES * SPX_N];
 PQCLEAN_SPHINCSSHA256256SROBUST_CLEAN_thash(
 out, buf, in, SPX_FORS_TREES, pub_seed, addr);
 }