1
1
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-23 16:08:59 +00:00
pqcrypto/crypto_kem/kyber768-90s/clean/verify.c

48 lines
1.5 KiB
C
Raw Normal View History

2019-09-17 13:02:01 +01:00
#include "verify.h"
#include <stddef.h>
#include <stdint.h>
/*************************************************
* Name: PQCLEAN_KYBER76890S_CLEAN_verify
2019-09-17 13:02:01 +01:00
*
* Description: Compare two arrays for equality in constant time.
*
* Arguments: const uint8_t *a: pointer to first byte array
* const uint8_t *b: pointer to second byte array
* size_t len: length of the byte arrays
2019-09-17 13:02:01 +01:00
*
* Returns 0 if the byte arrays are equal, 1 otherwise
**************************************************/
int PQCLEAN_KYBER76890S_CLEAN_verify(const uint8_t *a, const uint8_t *b, size_t len) {
size_t i;
uint8_t r = 0;
2019-09-17 13:02:01 +01:00
for (i = 0; i < len; i++) {
r |= a[i] ^ b[i];
}
return (-(uint64_t)r) >> 63;
2019-09-17 13:02:01 +01:00
}
/*************************************************
* Name: PQCLEAN_KYBER76890S_CLEAN_cmov
2019-09-17 13:02:01 +01:00
*
* Description: Copy len bytes from x to r if b is 1;
* don't modify x if b is 0. Requires b to be in {0,1};
* assumes two's complement representation of negative integers.
* Runs in constant time.
*
* Arguments: uint8_t *r: pointer to output byte array
* const uint8_t *x: pointer to input byte array
* size_t len: Amount of bytes to be copied
2019-09-17 13:02:01 +01:00
* uint8_t b: Condition bit; has to be in {0,1}
**************************************************/
void PQCLEAN_KYBER76890S_CLEAN_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b) {
size_t i;
2019-09-17 13:02:01 +01:00
b = -b;
for (i = 0; i < len; i++) {
r[i] ^= b & (r[i] ^ x[i]);
2019-09-17 13:02:01 +01:00
}
}