mirror of
https://github.com/henrydcase/pqc.git
synced 2024-11-26 09:21:28 +00:00
hopefully fix msvc complaints
This commit is contained in:
parent
537d2a1ac0
commit
46145a3183
@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_
|
|||||||
allBlockMaxSumstMinusOne;
|
allBlockMaxSumstMinusOne;
|
||||||
}
|
}
|
||||||
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
||||||
*secondIterThreshold = allBlockMaxSumst + 1;
|
*secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -2,27 +2,26 @@
|
|||||||
|
|
||||||
#include <string.h> // memset(...)
|
#include <string.h> // memset(...)
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) {
|
||||||
for (int i = 0; i < nr; i++) {
|
for (size_t i = 0; i < n; i++) {
|
||||||
Res[i] = A[i] ^ B[i];
|
Res[i] = A[i] ^ B[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* copies len digits from a to r if b == 1 */
|
/* copies len digits from a to r if b == 1 */
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
||||||
size_t i;
|
DIGIT mask = (DIGIT)(-c);
|
||||||
DIGIT mask = -(DIGIT)c;
|
for (size_t i = 0; i < len; i++) {
|
||||||
for (i = 0; i < len; i++) {
|
|
||||||
r[i] ^= mask & (a[i] ^ r[i]);
|
r[i] ^= mask & (a[i] ^ r[i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
unsigned int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ((DIGIT)0x01 << amount) - 1;
|
mask = ((DIGIT)0x01 << amount) - 1;
|
||||||
for (j = length - 1; j > 0; j--) {
|
for (j = length - 1; j > 0; j--) {
|
||||||
@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
||||||
for (j = 0 ; j < length - 1; j++) {
|
for (j = 0 ; j < length - 1; j++) {
|
||||||
@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R,
|
|||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
gf2x_cpy(R, A, delta);
|
gf2x_cpy(R, A, delta);
|
||||||
PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);;
|
gf2x_add(R + delta, A + delta, B, nb);;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* aligns first array elements */
|
/* aligns first array elements */
|
||||||
@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R,
|
|||||||
size_t na, const DIGIT *A,
|
size_t na, const DIGIT *A,
|
||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(R, A, B, nb);
|
gf2x_add(R, A, B, nb);
|
||||||
gf2x_cpy(R + nb, A + nb, delta);
|
gf2x_cpy(R + nb, A + nb, delta);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -54,10 +54,10 @@ typedef uint64_t DIGIT;
|
|||||||
#define STACK_KAR_ONLY 2433
|
#define STACK_KAR_ONLY 2433
|
||||||
#define STACK_WORDS 2892
|
#define STACK_WORDS 2892
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr);
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n);
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -166,16 +166,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) {
|
|||||||
/* returns -1 mask if x != 0, otherwise 0 */
|
/* returns -1 mask if x != 0, otherwise 0 */
|
||||||
static inline int nonzero(DIGIT x) {
|
static inline int nonzero(DIGIT x) {
|
||||||
DIGIT t = x;
|
DIGIT t = x;
|
||||||
t = -t;
|
t = (~t) + 1;
|
||||||
t >>= DIGIT_SIZE_b - 1;
|
t >>= DIGIT_SIZE_b - 1;
|
||||||
return -(int)t;
|
return -((int)t);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* returns -1 mask if x < 0 else 0 */
|
/* returns -1 mask if x < 0 else 0 */
|
||||||
static inline int negative(int x) {
|
static inline int negative(int x) {
|
||||||
uint32_t u = x;
|
uint32_t u = x;
|
||||||
u >>= 31;
|
u >>= 31;
|
||||||
return -(int)u;
|
return -((int)u);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return f(0) as digit */
|
/* return f(0) as digit */
|
||||||
|
@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT12_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p
|
|||||||
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
int is_L_full;
|
int is_L_full;
|
||||||
int isDFRok;
|
int isDFRok = 0;
|
||||||
|
|
||||||
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
||||||
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
||||||
|
@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT12_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz
|
|||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
x |= a[i] ^ b[i];
|
x |= a[i] ^ b[i];
|
||||||
}
|
}
|
||||||
x = (-x) >> (DIGIT_SIZE_b - 1);
|
x = (~x) + 1;
|
||||||
|
x >>= (DIGIT_SIZE_b - 1);
|
||||||
return (int)x;
|
return (int)x;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* conditionally move a into r if cond */
|
/* conditionally move a into r if cond */
|
||||||
void PQCLEAN_LEDAKEMLT12_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
void PQCLEAN_LEDAKEMLT12_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
||||||
uint8_t mask = -cond;
|
uint8_t mask = (uint8_t)(-cond);
|
||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
r[i] ^= mask & (r[i] ^ a[i]);
|
r[i] ^= mask & (r[i] ^ a[i]);
|
||||||
}
|
}
|
||||||
|
@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_
|
|||||||
allBlockMaxSumstMinusOne;
|
allBlockMaxSumstMinusOne;
|
||||||
}
|
}
|
||||||
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
||||||
*secondIterThreshold = allBlockMaxSumst + 1;
|
*secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -2,27 +2,26 @@
|
|||||||
|
|
||||||
#include <string.h> // memset(...)
|
#include <string.h> // memset(...)
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) {
|
||||||
for (int i = 0; i < nr; i++) {
|
for (size_t i = 0; i < n; i++) {
|
||||||
Res[i] = A[i] ^ B[i];
|
Res[i] = A[i] ^ B[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* copies len digits from a to r if b == 1 */
|
/* copies len digits from a to r if b == 1 */
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
||||||
size_t i;
|
DIGIT mask = (DIGIT)(-c);
|
||||||
DIGIT mask = -(DIGIT)c;
|
for (size_t i = 0; i < len; i++) {
|
||||||
for (i = 0; i < len; i++) {
|
|
||||||
r[i] ^= mask & (a[i] ^ r[i]);
|
r[i] ^= mask & (a[i] ^ r[i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
unsigned int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ((DIGIT)0x01 << amount) - 1;
|
mask = ((DIGIT)0x01 << amount) - 1;
|
||||||
for (j = length - 1; j > 0; j--) {
|
for (j = length - 1; j > 0; j--) {
|
||||||
@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
||||||
for (j = 0 ; j < length - 1; j++) {
|
for (j = 0 ; j < length - 1; j++) {
|
||||||
@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R,
|
|||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
gf2x_cpy(R, A, delta);
|
gf2x_cpy(R, A, delta);
|
||||||
PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);;
|
gf2x_add(R + delta, A + delta, B, nb);;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* aligns first array elements */
|
/* aligns first array elements */
|
||||||
@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R,
|
|||||||
size_t na, const DIGIT *A,
|
size_t na, const DIGIT *A,
|
||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(R, A, B, nb);
|
gf2x_add(R, A, B, nb);
|
||||||
gf2x_cpy(R + nb, A + nb, delta);
|
gf2x_cpy(R + nb, A + nb, delta);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -54,10 +54,10 @@ typedef uint64_t DIGIT;
|
|||||||
#define STACK_KAR_ONLY 4497
|
#define STACK_KAR_ONLY 4497
|
||||||
#define STACK_WORDS 5336
|
#define STACK_WORDS 5336
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr);
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n);
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -164,16 +164,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) {
|
|||||||
/* returns -1 mask if x != 0, otherwise 0 */
|
/* returns -1 mask if x != 0, otherwise 0 */
|
||||||
static inline int nonzero(DIGIT x) {
|
static inline int nonzero(DIGIT x) {
|
||||||
DIGIT t = x;
|
DIGIT t = x;
|
||||||
t = -t;
|
t = (~t) + 1;
|
||||||
t >>= DIGIT_SIZE_b - 1;
|
t >>= DIGIT_SIZE_b - 1;
|
||||||
return -(int)t;
|
return -((int)t);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* returns -1 mask if x < 0 else 0 */
|
/* returns -1 mask if x < 0 else 0 */
|
||||||
static inline int negative(int x) {
|
static inline int negative(int x) {
|
||||||
uint32_t u = x;
|
uint32_t u = x;
|
||||||
u >>= 31;
|
u >>= 31;
|
||||||
return -(int)u;
|
return -((int)u);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return f(0) as digit */
|
/* return f(0) as digit */
|
||||||
|
@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT32_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p
|
|||||||
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
int is_L_full;
|
int is_L_full;
|
||||||
int isDFRok;
|
int isDFRok = 0;
|
||||||
|
|
||||||
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
||||||
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
||||||
|
@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT32_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz
|
|||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
x |= a[i] ^ b[i];
|
x |= a[i] ^ b[i];
|
||||||
}
|
}
|
||||||
x = (-x) >> (DIGIT_SIZE_b - 1);
|
x = (~x) + 1;
|
||||||
|
x >>= (DIGIT_SIZE_b - 1);
|
||||||
return (int)x;
|
return (int)x;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* conditionally move a into r if cond */
|
/* conditionally move a into r if cond */
|
||||||
void PQCLEAN_LEDAKEMLT32_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
void PQCLEAN_LEDAKEMLT32_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
||||||
uint8_t mask = -cond;
|
uint8_t mask = (uint8_t)(-cond);
|
||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
r[i] ^= mask & (r[i] ^ a[i]);
|
r[i] ^= mask & (r[i] ^ a[i]);
|
||||||
}
|
}
|
||||||
|
@ -80,7 +80,7 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_DFR_test(POSITION_T LSparse[N0][DV * M], uint8_
|
|||||||
allBlockMaxSumstMinusOne;
|
allBlockMaxSumstMinusOne;
|
||||||
}
|
}
|
||||||
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
if (DV * M > (allBlockMaxSumstMinusOne + allBlockMaxSumst)) {
|
||||||
*secondIterThreshold = allBlockMaxSumst + 1;
|
*secondIterThreshold = (uint8_t) (allBlockMaxSumst + 1);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -2,27 +2,26 @@
|
|||||||
|
|
||||||
#include <string.h> // memset(...)
|
#include <string.h> // memset(...)
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr) {
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n) {
|
||||||
for (int i = 0; i < nr; i++) {
|
for (size_t i = 0; i < n; i++) {
|
||||||
Res[i] = A[i] ^ B[i];
|
Res[i] = A[i] ^ B[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* copies len digits from a to r if b == 1 */
|
/* copies len digits from a to r if b == 1 */
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c) {
|
||||||
size_t i;
|
DIGIT mask = (DIGIT)(-c);
|
||||||
DIGIT mask = -(DIGIT)c;
|
for (size_t i = 0; i < len; i++) {
|
||||||
for (i = 0; i < len; i++) {
|
|
||||||
r[i] ^= mask & (a[i] ^ r[i]);
|
r[i] ^= mask & (a[i] ^ r[i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
unsigned int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ((DIGIT)0x01 << amount) - 1;
|
mask = ((DIGIT)0x01 << amount) - 1;
|
||||||
for (j = length - 1; j > 0; j--) {
|
for (j = length - 1; j > 0; j--) {
|
||||||
@ -33,11 +32,11 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsi
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
/* PRE: MAX ALLOWED ROTATION AMOUNT : DIGIT_SIZE_b */
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount) {
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount) {
|
||||||
if ( amount == 0 ) {
|
if ( amount == 0 ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
int j;
|
size_t j;
|
||||||
DIGIT mask;
|
DIGIT mask;
|
||||||
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
mask = ~(((DIGIT)0x01 << (DIGIT_SIZE_b - amount)) - 1);
|
||||||
for (j = 0 ; j < length - 1; j++) {
|
for (j = 0 ; j < length - 1; j++) {
|
||||||
@ -91,7 +90,7 @@ static inline void gf2x_add_asymm(DIGIT *R,
|
|||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
gf2x_cpy(R, A, delta);
|
gf2x_cpy(R, A, delta);
|
||||||
PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(R + delta, A + delta, B, nb);;
|
gf2x_add(R + delta, A + delta, B, nb);;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* aligns first array elements */
|
/* aligns first array elements */
|
||||||
@ -99,7 +98,7 @@ static inline void gf2x_add_asymm2(DIGIT *R,
|
|||||||
size_t na, const DIGIT *A,
|
size_t na, const DIGIT *A,
|
||||||
size_t nb, const DIGIT *B) {
|
size_t nb, const DIGIT *B) {
|
||||||
size_t delta = na - nb;
|
size_t delta = na - nb;
|
||||||
PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(R, A, B, nb);
|
gf2x_add(R, A, B, nb);
|
||||||
gf2x_cpy(R + nb, A + nb, delta);
|
gf2x_cpy(R + nb, A + nb, delta);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -54,10 +54,15 @@ typedef uint64_t DIGIT;
|
|||||||
#define STACK_KAR_ONLY 7137
|
#define STACK_KAR_ONLY 7137
|
||||||
#define STACK_WORDS 8401
|
#define STACK_WORDS 8401
|
||||||
|
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], int nr);
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_add(DIGIT Res[], const DIGIT A[], const DIGIT B[], size_t n);
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_cmov(DIGIT *r, const DIGIT *a, size_t len, int c);
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_right_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(int length, DIGIT in[], unsigned int amount);
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_left_bit_shift_n(size_t length, DIGIT in[], size_t amount);
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_mul(DIGIT *R, const DIGIT *A, const DIGIT *B, size_t n);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -164,16 +164,16 @@ static void gf2x_cswap(DIGIT *a, DIGIT *b, int swap_mask) {
|
|||||||
/* returns -1 mask if x != 0, otherwise 0 */
|
/* returns -1 mask if x != 0, otherwise 0 */
|
||||||
static inline int nonzero(DIGIT x) {
|
static inline int nonzero(DIGIT x) {
|
||||||
DIGIT t = x;
|
DIGIT t = x;
|
||||||
t = -t;
|
t = (~t) + 1;
|
||||||
t >>= DIGIT_SIZE_b - 1;
|
t >>= DIGIT_SIZE_b - 1;
|
||||||
return -(int)t;
|
return -((int)t);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* returns -1 mask if x < 0 else 0 */
|
/* returns -1 mask if x < 0 else 0 */
|
||||||
static inline int negative(int x) {
|
static inline int negative(int x) {
|
||||||
uint32_t u = x;
|
uint32_t u = x;
|
||||||
u >>= 31;
|
u >>= 31;
|
||||||
return -(int)u;
|
return -((int)u);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return f(0) as digit */
|
/* return f(0) as digit */
|
||||||
|
@ -20,7 +20,7 @@ void PQCLEAN_LEDAKEMLT52_LEAKTIME_niederreiter_keygen(publicKeyNiederreiter_t *p
|
|||||||
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0dense[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
DIGIT Ln0Inv[NUM_DIGITS_GF2X_ELEMENT] = {0};
|
||||||
int is_L_full;
|
int is_L_full;
|
||||||
int isDFRok;
|
int isDFRok = 0;
|
||||||
|
|
||||||
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
memset(&keys_expander, 0x00, sizeof(AES_XOF_struct));
|
||||||
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
randombytes(sk->prng_seed, TRNG_BYTE_LENGTH);
|
||||||
|
@ -7,13 +7,14 @@ int PQCLEAN_LEDAKEMLT52_LEAKTIME_gf2x_verify(const DIGIT *a, const DIGIT *b, siz
|
|||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
x |= a[i] ^ b[i];
|
x |= a[i] ^ b[i];
|
||||||
}
|
}
|
||||||
x = (-x) >> (DIGIT_SIZE_b - 1);
|
x = (~x) + 1;
|
||||||
|
x >>= (DIGIT_SIZE_b - 1);
|
||||||
return (int)x;
|
return (int)x;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* conditionally move a into r if cond */
|
/* conditionally move a into r if cond */
|
||||||
void PQCLEAN_LEDAKEMLT52_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
void PQCLEAN_LEDAKEMLT52_LEAKTIME_cmov(uint8_t *r, const uint8_t *a, size_t len, int cond) {
|
||||||
uint8_t mask = -cond;
|
uint8_t mask = (uint8_t)(-cond);
|
||||||
for (size_t i = 0; i < len; i++) {
|
for (size_t i = 0; i < len; i++) {
|
||||||
r[i] ^= mask & (r[i] ^ a[i]);
|
r[i] ^= mask & (r[i] ^ a[i]);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user