From 46145a318375522063b739568021078b866ab372 Mon Sep 17 00:00:00 2001
From: Leon Botros
Date: Fri, 23 Aug 2019 12:41:58 +0200
Subject: [PATCH] hopefully fix msvc complaints

---
 crypto_kem/ledakemlt12/leaktime/dfr_test.c | 2 +-
 crypto_kem/ledakemlt12/leaktime/gf2x_arith.c | 21 +++++++++----------
 crypto_kem/ledakemlt12/leaktime/gf2x_arith.h | 6 +++---
 .../leaktime/gf2x_arith_mod_xPplusOne.c | 6 +++---
 .../ledakemlt12/leaktime/niederreiter.c | 2 +-
 crypto_kem/ledakemlt12/leaktime/utils.c | 5 +++--
 crypto_kem/ledakemlt32/leaktime/dfr_test.c | 2 +-
 crypto_kem/ledakemlt32/leaktime/gf2x_arith.c | 21 +++++++++----------
 crypto_kem/ledakemlt32/leaktime/gf2x_arith.h | 6 +++---
 .../leaktime/gf2x_arith_mod_xPplusOne.c | 6 +++---
 .../ledakemlt32/leaktime/niederreiter.c | 2 +-
 crypto_kem/ledakemlt32/leaktime/utils.c | 5 +++--
 crypto_kem/ledakemlt52/leaktime/dfr_test.c | 2 +-
 crypto_kem/ledakemlt52/leaktime/gf2x_arith.c | 21 +++++++++----------
 crypto_kem/ledakemlt52/leaktime/gf2x_arith.h | 11 +++++++---
 .../leaktime/gf2x_arith_mod_xPplusOne.c | 6 +++---
 .../ledakemlt52/leaktime/niederreiter.c | 2 +-
 crypto_kem/ledakemlt52/leaktime/utils.c | 5 +++--
 18 files changed, 68 insertions(+), 63 deletions(-)

diff --git a/crypto_kem/ledakemlt12/leaktime/dfr_test.c b/crypto_kem/ledakemlt12/leaktime/dfr_test.c
index ff704be9..ab5e2928 100644
--- a/crypto_kem/ledakemlt12/leaktime/dfr_test.c
+++ b/crypto_kem/ledakemlt12/leaktime/dfr_test.c
@@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_
 allBlockMaxSumstMinusOne;
 }
 if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
- *secondIterThreshold = allBlockMaxSumst + 1;
+ *secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1);
 return 1;
 }
 return 0;
diff --git a/crypto_kem/ledakemlt12/leaktime/gf2x_arith.c b/crypto_kem/ledakemlt12/leaktime/gf2x_arith.c
index bf681303..bdf8f42c 100644
--- a/crypto_kem/ledakemlt12/leaktime/gf2x_arith.c
+++ b/crypto_kem/ledakemlt12/leaktime/gf2x_arith.c
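Review bot: The cast on the new `*secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1);` line silences the narrowing warning without bounding the value: if `allBlockMaxSumst + 1` can exceed UINT8_MAX the stored threshold wraps silently, and the `DV * M > (...)` test just above does not constrain it to that range. Either guard the store, e.g. `if (allBlockMaxSumst + 1 > UINT8_MAX) { return 0; }` if a failed test is the right outcome, or put a comment on the line explaining why the sum provably fits in a uint8_t. DFR_test starts outside the hunk, so the type and range of allBlockMaxSumst are not visible here. The same line is changed the same way in the ledakemlt32 and ledakemlt52 copies of dfr_test.c.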
@@ -2,27 +2,26 @@ #include // memset(...) -void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) { - for (int i = 0; i < nr; i++) { +void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) { + for (size_t i = 0; i < n; i++) { Res[i] = A[i] ^ B[i]; } } /* copies len digits from a to r if b == 1 */ void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) { - size_t i; - DIGIT mask = -(DIGIT)c; - for (i = 0; i < len; i++) { + DIGIT mask = (DIGIT)(-c); + for (size_t i = 0; i < len; i++) { r[i] ^= mask & (a[i] ^ r[i]); } } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - unsigned int j; + size_t j; DIGIT mask; mask = ((DIGIT)0x01 << amount) - 1; for (j = length - 1; j > 0; j--) { @@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - int j; + size_t j; DIGIT mask; mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1); for (j = 0 ; j < length - 1; j++) { @@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R, size_t nb, const DIGIT *B) { size_t delta = na - nb; gf2x_cpy(R, A, delta); - PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);; + gf2x_add(R + delta, A + delta, B, nb);; } /* aligns first array elements */ 
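Review bot: With `length` now `size_t`, the `length - 1` loop bounds wrap when length == 0: `for (j = length - 1; j > 0; j--)` in right_bit_shift_n starts at SIZE_MAX, so the loop body that follows the hunk indexes `in` far out of bounds, and `for (j = 0 ; j < length - 1; j++)` in left_bit_shift_n (the @@ -33 hunk) now runs unbounded where the old `int` comparison `0 < -1` was simply false, so that hunk turns a no-op into an out-of-bounds write. Add `if (length == 0) { return; }` next to the existing `amount == 0` early return in both functions, or state `length > 0` as a precondition if every caller guarantees it. The PRE comment allows amount up to DIGIT_SIZE_b, but `((DIGIT)0x01 << amount)` is undefined when amount equals the digit width, so the bound is really `amount < DIGIT_SIZE_b`. The same two hunks appear in the ledakemlt32 and ledakemlt52 copies of gf2x_arith.c.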
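Review bot: `gf2x_add(R + delta, A + delta, B, nb);;` carries over the doubled semicolon from the old line; since the line is being rewritten anyway, make it `gf2x_add(R + delta, A + delta, B, nb);`. The unprefixed `gf2x_add` is not declared within the hunk, so this presumably resolves to a file-local wrapper or macro defined earlier in gf2x_arith.c, like `gf2x_cpy` on the previous line; worth confirming it exists in all three copies, since the public `PQCLEAN_..._gf2x_add` prototype also changed to `size_t` in this commit. gf2x_add_asymm starts outside the hunk. The ledakemlt32 and ledakemlt52 copies carry the same `;;`.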
@@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R, size_t na, const DIGIT *A, size_t nb, const DIGIT *B) { size_t delta = na - nb; - PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(R, A, B, nb); + gf2x_add(R, A, B, nb); gf2x_cpy(R + nb, A + nb, delta); } diff --git a/crypto_kem/ledakemlt12/leaktime/gf2x_arith.h b/crypto_kem/ledakemlt12/leaktime/gf2x_arith.h index 4d3181f2..bce971aa 100644 --- a/crypto_kem/ledakemlt12/leaktime/gf2x_arith.h +++ b/crypto_kem/ledakemlt12/leaktime/gf2x_arith.h @@ -54,10 +54,10 @@ typedef uint64_t DIGIT; #define STACK_KAR_ONLY 2433 #define STACK_WORDS 2892 -void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr); +void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n); void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c); -void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount); -void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount); +void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount); +void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount); void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n); #endif diff --git a/crypto_kem/ledakemlt12/leaktime/gf2x_arith_mod_xPplusOne.c b/crypto_kem/ledakemlt12/leaktime/gf2x_arith_mod_xPplusOne.c index c88a6236..65f458dc 100644 --- a/crypto_kem/ledakemlt12/leaktime/gf2x_arith_mod_xPplusOne.c +++ b/crypto_kem/ledakemlt12/leaktime/gf2x_arith_mod_xPplusOne.c 
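Review bot: The retyped prototypes for `PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n` and `..._left_bit_shift_n` still carry no documentation, although their definitions in gf2x_arith.c depend on preconditions a caller cannot see from the header: the `PRE: MAX ALLOWED ROTATION AMOUNT` comment lives only in the .c file, and the `length - 1` loop bounds in the definitions require a nonzero length. Add a short comment above the two declarations, e.g. `/* Shift the length-digit array in[] by amount bits in place. PRE: length > 0 and amount < DIGIT_SIZE_b. */`. The ledakemlt32 and ledakemlt52 headers have the same hunk.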
@@ -166,16 +166,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) { /* returns -1 mask if x != 0, otherwise 0 */ static inline int nonzero(DIGIT x) { DIGIT t = x; - t = -t; + t = (~t) + 1; t >>= DIGIT_SIZE_b - 1; - return -(int)t; + return -((int)t); } /* returns -1 mask if x < 0 else 0 */ static inline int negative(int x) { uint32_t u = x; u >>= 31; - return -(int)u; + return -((int)u); } /* return f(0) as digit */ diff --git a/crypto_kem/ledakemlt12/leaktime/niederreiter.c b/crypto_kem/ledakemlt12/leaktime/niederreiter.c index 0e7173f6..3004b39d 100644 --- a/crypto_kem/ledakemlt12/leaktime/niederreiter.c +++ b/crypto_kem/ledakemlt12/leaktime/niederreiter.c @@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0}; DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0}; int is_L_full; - int isDFRok; + int isDFRok = 0; memset(&keys_expander, 0x00, sizeof(AES_XOF_struct)); randombytes(sk->prng_seed, TRNG_BYTE_LENGTH); diff --git a/crypto_kem/ledakemlt12/leaktime/utils.c b/crypto_kem/ledakemlt12/leaktime/utils.c index bd657b5c..1f99d88d 100644 --- a/crypto_kem/ledakemlt12/leaktime/utils.c +++ b/crypto_kem/ledakemlt12/leaktime/utils.c @@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz for (size_t i = 0; i < len; i++) { x |= a[i] ^ b[i]; } - x = (-x) >> (DIGIT_SIZE_b - 1); + x = (~x) + 1; + x >>= (DIGIT_SIZE_b - 1); return (int)x; } /* conditionally move a into r if cond */ void PQCLEAN_LEDAKEMLT12_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) { - uint8_t mask = -cond; + uint8_t mask = (uint8_t)(-cond); for (size_t i = 0; i < len; i++) { r[i] ^= mask & (r[i] ^ a[i]); } diff --git a/crypto_kem/ledakemlt32/leaktime/dfr_test.c b/crypto_kem/ledakemlt32/leaktime/dfr_test.c index e4403260..169a6b73 100644 --- a/crypto_kem/ledakemlt32/leaktime/dfr_test.c +++ b/crypto_kem/ledakemlt32/leaktime/dfr_test.c 
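Review bot: Nothing on the new `t = (~t) + 1;` line in nonzero() says why the idiomatic `-t` was dropped, and the next person to touch it will likely put it back. Add a comment on that line, e.g. `/* two's-complement negation spelled out: unary minus on an unsigned operand trips MSVC warning C4146 */` (the commit subject suggests that is the warning being silenced; confirm the number against the build log). The `(~x) + 1` rewrite in utils.c's gf2x_verify deserves the same comment. The ledakemlt32 and ledakemlt52 copies of gf2x_arith_mod_xPplusOne.c have the identical hunk.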
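Review bot: `int isDFRok = 0;` makes the warning go away but also changes what an unassigned path means: if the key-generation code that follows can exit without assigning isDFRok, the value now silently reads as a failed DFR test instead of an uninitialized read a sanitizer would flag. Confirm the assignment really is unconditional and, if the initializer is kept, say so: `int isDFRok = 0; /* set by the DFR test below; 0 only until then */`. `is_L_full` on the line above is left uninitialized, so either give it the same treatment or note why it does not need it. The keygen body is outside the hunk, and the ledakemlt32 and ledakemlt52 copies of niederreiter.c change the same line.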
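Review bot: `uint8_t mask = (uint8_t)(-cond);` is an all-ones or all-zeros mask only for cond in {0, 1}; for any other nonzero value (2 gives 0xFE) the masked XOR on the next line copies only some bits, and the explicit cast leaves that precondition as undocumented as before. Either state it, `/* PRE: cond is 0 or 1 */` above the function, or derive the mask from a normalized flag, `uint8_t mask = (uint8_t)(-(cond != 0));`; `DIGIT mask = (DIGIT)(-c);` in gf2x_arith.c's gf2x_cmov has the same property. gf2x_verify, whose body the hunk also rewrites, could use a one-line contract above its signature (which sits just before the hunk), e.g. `/* compares len digits, inspecting every digit with no early exit: returns 0 if equal, 1 otherwise */`. The ledakemlt32 and ledakemlt52 copies of utils.c have the same two changes.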
@@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_ allBlockMaxSumstMinusOne; } if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) { - *secondIterThreshold = allBlockMaxSumst + 1; + *secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1); return 1; } return 0; diff --git a/crypto_kem/ledakemlt32/leaktime/gf2x_arith.c b/crypto_kem/ledakemlt32/leaktime/gf2x_arith.c index dc82f164..1c961f81 100644 --- a/crypto_kem/ledakemlt32/leaktime/gf2x_arith.c +++ b/crypto_kem/ledakemlt32/leaktime/gf2x_arith.c @@ -2,27 +2,26 @@ #include // memset(...) -void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) { - for (int i = 0; i < nr; i++) { +void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) { + for (size_t i = 0; i < n; i++) { Res[i] = A[i] ^ B[i]; } } /* copies len digits from a to r if b == 1 */ void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) { - size_t i; - DIGIT mask = -(DIGIT)c; - for (i = 0; i < len; i++) { + DIGIT mask = (DIGIT)(-c); + for (size_t i = 0; i < len; i++) { r[i] ^= mask & (a[i] ^ r[i]); } } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - unsigned int j; + size_t j; DIGIT mask; mask = ((DIGIT)0x01 << amount) - 1; for (j = length - 1; j > 0; j--) { 
@@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - int j; + size_t j; DIGIT mask; mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1); for (j = 0 ; j < length - 1; j++) { @@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R, size_t nb, const DIGIT *B) { size_t delta = na - nb; gf2x_cpy(R, A, delta); - PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);; + gf2x_add(R + delta, A + delta, B, nb);; } /* aligns first array elements */ @@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R, size_t na, const DIGIT *A, size_t nb, const DIGIT *B) { size_t delta = na - nb; - PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(R, A, B, nb); + gf2x_add(R, A, B, nb); gf2x_cpy(R + nb, A + nb, delta); } diff --git a/crypto_kem/ledakemlt32/leaktime/gf2x_arith.h b/crypto_kem/ledakemlt32/leaktime/gf2x_arith.h index 0458468b..b0e30ddb 100644 --- a/crypto_kem/ledakemlt32/leaktime/gf2x_arith.h +++ b/crypto_kem/ledakemlt32/leaktime/gf2x_arith.h 
@@ -54,10 +54,10 @@ typedef uint64_t DIGIT; #define STACK_KAR_ONLY 4497 #define STACK_WORDS 5336 -void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr); +void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n); void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c); -void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount); -void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount); +void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount); +void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount); void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n); #endif diff --git a/crypto_kem/ledakemlt32/leaktime/gf2x_arith_mod_xPplusOne.c b/crypto_kem/ledakemlt32/leaktime/gf2x_arith_mod_xPplusOne.c index 2502cb0d..a525d535 100644 --- a/crypto_kem/ledakemlt32/leaktime/gf2x_arith_mod_xPplusOne.c +++ b/crypto_kem/ledakemlt32/leaktime/gf2x_arith_mod_xPplusOne.c @@ -164,16 +164,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) { /* returns -1 mask if x != 0, otherwise 0 */ static inline int nonzero(DIGIT x) { DIGIT t = x; - t = -t; + t = (~t) + 1; t >>= DIGIT_SIZE_b - 1; - return -(int)t; + return -((int)t); } /* returns -1 mask if x < 0 else 0 */ static inline int negative(int x) { uint32_t u = x; u >>= 31; - return -(int)u; + return -((int)u); } /* return f(0) as digit */ diff --git a/crypto_kem/ledakemlt32/leaktime/niederreiter.c b/crypto_kem/ledakemlt32/leaktime/niederreiter.c index c7181d7f..3c77436e 100644 --- a/crypto_kem/ledakemlt32/leaktime/niederreiter.c +++ b/crypto_kem/ledakemlt32/leaktime/niederreiter.c 
@@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0}; DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0}; int is_L_full; - int isDFRok; + int isDFRok = 0; memset(&keys_expander, 0x00, sizeof(AES_XOF_struct)); randombytes(sk->prng_seed, TRNG_BYTE_LENGTH); diff --git a/crypto_kem/ledakemlt32/leaktime/utils.c b/crypto_kem/ledakemlt32/leaktime/utils.c index 86d9353c..5bbbdaff 100644 --- a/crypto_kem/ledakemlt32/leaktime/utils.c +++ b/crypto_kem/ledakemlt32/leaktime/utils.c @@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz for (size_t i = 0; i < len; i++) { x |= a[i] ^ b[i]; } - x = (-x) >> (DIGIT_SIZE_b - 1); + x = (~x) + 1; + x >>= (DIGIT_SIZE_b - 1); return (int)x; } /* conditionally move a into r if cond */ void PQCLEAN_LEDAKEMLT32_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) { - uint8_t mask = -cond; + uint8_t mask = (uint8_t)(-cond); for (size_t i = 0; i < len; i++) { r[i] ^= mask & (r[i] ^ a[i]); } diff --git a/crypto_kem/ledakemlt52/leaktime/dfr_test.c b/crypto_kem/ledakemlt52/leaktime/dfr_test.c index ce4a252b..3199d403 100644 --- a/crypto_kem/ledakemlt52/leaktime/dfr_test.c +++ b/crypto_kem/ledakemlt52/leaktime/dfr_test.c @@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_ allBlockMaxSumstMinusOne; } if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) { - *secondIterThreshold = allBlockMaxSumst + 1; + *secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1); return 1; } return 0; diff --git a/crypto_kem/ledakemlt52/leaktime/gf2x_arith.c b/crypto_kem/ledakemlt52/leaktime/gf2x_arith.c index 60130747..86465754 100644 --- a/crypto_kem/ledakemlt52/leaktime/gf2x_arith.c +++ b/crypto_kem/ledakemlt52/leaktime/gf2x_arith.c 
@@ -2,27 +2,26 @@ #include // memset(...) -void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) { - for (int i = 0; i < nr; i++) { +void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) { + for (size_t i = 0; i < n; i++) { Res[i] = A[i] ^ B[i]; } } /* copies len digits from a to r if b == 1 */ void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) { - size_t i; - DIGIT mask = -(DIGIT)c; - for (i = 0; i < len; i++) { + DIGIT mask = (DIGIT)(-c); + for (size_t i = 0; i < len; i++) { r[i] ^= mask & (a[i] ^ r[i]); } } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - unsigned int j; + size_t j; DIGIT mask; mask = ((DIGIT)0x01 << amount) - 1; for (j = length - 1; j > 0; j--) { @@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi } /* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */ -void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) { +void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) { if ( amount == 0 ) { return; } - int j; + size_t j; DIGIT mask; mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1); for (j = 0 ; j < length - 1; j++) { @@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R, size_t nb, const DIGIT *B) { size_t delta = na - nb; gf2x_cpy(R, A, delta); - PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);; + gf2x_add(R + delta, A + delta, B, nb);; } /* aligns first array elements */ 
@@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R, size_t na, const DIGIT *A, size_t nb, const DIGIT *B) { size_t delta = na - nb; - PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(R, A, B, nb); + gf2x_add(R, A, B, nb); gf2x_cpy(R + nb, A + nb, delta); } diff --git a/crypto_kem/ledakemlt52/leaktime/gf2x_arith.h b/crypto_kem/ledakemlt52/leaktime/gf2x_arith.h index f2961ba7..b38e1616 100644 --- a/crypto_kem/ledakemlt52/leaktime/gf2x_arith.h +++ b/crypto_kem/ledakemlt52/leaktime/gf2x_arith.h @@ -54,10 +54,15 @@ typedef uint64_t DIGIT; #define STACK_KAR_ONLY 7137 #define STACK_WORDS 8401 -void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr); +void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n); void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c); -void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount); -void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount); +void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount); +void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount); void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n); + + + + + #endif diff --git a/crypto_kem/ledakemlt52/leaktime/gf2x_arith_mod_xPplusOne.c b/crypto_kem/ledakemlt52/leaktime/gf2x_arith_mod_xPplusOne.c index 21ab22e8..e17e5cbb 100644 --- a/crypto_kem/ledakemlt52/leaktime/gf2x_arith_mod_xPplusOne.c +++ b/crypto_kem/ledakemlt52/leaktime/gf2x_arith_mod_xPplusOne.c 
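Review bot: The ledakemlt52 gf2x_arith.h hunk adds five blank lines between the `gf2x_mul` prototype and `#endif` that the ledakemlt12 and ledakemlt32 headers do not get, which is why its diffstat reads `11 +++++++---` instead of `6 +++---`. Drop them so the three copies stay line-for-line identical, as the otherwise mirrored diffs suggest is intended.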
@@ -164,16 +164,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) { /* returns -1 mask if x != 0, otherwise 0 */ static inline int nonzero(DIGIT x) { DIGIT t = x; - t = -t; + t = (~t) + 1; t >>= DIGIT_SIZE_b - 1; - return -(int)t; + return -((int)t); } /* returns -1 mask if x < 0 else 0 */ static inline int negative(int x) { uint32_t u = x; u >>= 31; - return -(int)u; + return -((int)u); } /* return f(0) as digit */ diff --git a/crypto_kem/ledakemlt52/leaktime/niederreiter.c b/crypto_kem/ledakemlt52/leaktime/niederreiter.c index e5d2f602..4d6ab84a 100644 --- a/crypto_kem/ledakemlt52/leaktime/niederreiter.c +++ b/crypto_kem/ledakemlt52/leaktime/niederreiter.c @@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0}; DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0}; int is_L_full; - int isDFRok; + int isDFRok = 0; memset(&keys_expander, 0x00, sizeof(AES_XOF_struct)); randombytes(sk->prng_seed, TRNG_BYTE_LENGTH); diff --git a/crypto_kem/ledakemlt52/leaktime/utils.c b/crypto_kem/ledakemlt52/leaktime/utils.c index f50734dc..74fb8414 100644 --- a/crypto_kem/ledakemlt52/leaktime/utils.c +++ b/crypto_kem/ledakemlt52/leaktime/utils.c @@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz for (size_t i = 0; i < len; i++) { x |= a[i] ^ b[i]; } - x = (-x) >> (DIGIT_SIZE_b - 1); + x = (~x) + 1; + x >>= (DIGIT_SIZE_b - 1); return (int)x; } /* conditionally move a into r if cond */ void PQCLEAN_LEDAKEMLT52_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) { - uint8_t mask = -cond; + uint8_t mask = (uint8_t)(-cond); for (size_t i = 0; i < len; i++) { r[i] ^= mask & (r[i] ^ a[i]); }