Fix reduce.c's overflowing multiplication

пре 4 година · 39fa1ccfc7
--- a/crypto_kem/kyber1024-90s/clean/reduce.c
+++ b/crypto_kem/kyber1024-90s/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER102490S_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;
--- a/crypto_kem/kyber1024/clean/reduce.c
+++ b/crypto_kem/kyber1024/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER1024_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;
--- a/crypto_kem/kyber512-90s/clean/reduce.c
+++ b/crypto_kem/kyber512-90s/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER51290S_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;
--- a/crypto_kem/kyber512/clean/reduce.c
+++ b/crypto_kem/kyber512/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER512_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;
--- a/crypto_kem/kyber768-90s/clean/reduce.c
+++ b/crypto_kem/kyber768-90s/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER76890S_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;
--- a/crypto_kem/kyber768/clean/reduce.c
+++ b/crypto_kem/kyber768/clean/reduce.c
@@ -18,7 +18,7 @@ int16_t PQCLEAN_KYBER768_CLEAN_montgomery_reduce(int32_t a) {
    int32_t t;
    int16_t u;

    u = (int16_t)(a * QINV);
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
    t = a - t;
    t >>= 16;