From 5f02a4e80ceecda5f2d5d36eaf501027149a10c3 Mon Sep 17 00:00:00 2001
From: Thom Wiggers
Date: Mon, 9 Mar 2020 18:02:44 -0400
Subject: [PATCH] Fix overflowing mults in NTRUHRSS701
---
 crypto_kem/ntruhrss701/clean/sample.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto_kem/ntruhrss701/clean/sample.c b/crypto_kem/ntruhrss701/clean/sample.c
index f1030904..9c1c7d3b 100644
--- a/crypto_kem/ntruhrss701/clean/sample.c
+++ b/crypto_kem/ntruhrss701/clean/sample.c
@@ -37,14 +37,14 @@ void PQCLEAN_NTRUHRSS701_CLEAN_sample_iid_plus(poly *r, const unsigned char unif
 /* s = . (r[n-1] = 0) */
 for (i = 0; i < NTRU_N - 1; i++) {
- s += r->coeffs[i + 1] * r->coeffs[i];
+ s += (uint16_t)((uint32_t)r->coeffs[i + 1] * (uint32_t)r->coeffs[i]);
 }
 /* Extract sign of s (sign(0) = 1) */
 s = 1 | (-(s >> 15));
 for (i = 0; i < NTRU_N; i += 2) {
- r->coeffs[i] = s * r->coeffs[i];
+ r->coeffs[i] = (uint16_t)((uint32_t)s * (uint32_t)r->coeffs[i]);
 }
 /* Map {0,1,2^16-1} -> {0, 1, 2} */
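Review bot: The two widened multiplies carry no comment saying why the casts are there, and a later cleanup is likely to fold them back into the original `r->coeffs[i + 1] * r->coeffs[i]` form, which promotes both uint16_t operands to int and overflows it (undefined behaviour, and exactly what UBSan reports) once coefficients take the value 2^16-1 that the surrounding `Map {0,1,2^16-1}` comments describe. Suggest a comment above the first loop, `/* Widen to uint32_t: uint16_t operands promote to int and 0xFFFF*0xFFFF overflows it; the cast back reduces mod 2^16 as intended. */`, and a one-liner above the second loop noting that s is 1 or 0xFFFF so the product is a conditional negation mod 2^16. The remaining arithmetic in the hunk (`s += ...` and `s = 1 | (-(s >> 15))`) also goes through int promotion but stays within range, assuming s is a uint16_t as its declaration outside the hunk presumably shows. The body of sample_iid_plus starts and ends outside the hunk.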