From 721610cca77e3312426f667e8627ea7123e06e25 Mon Sep 17 00:00:00 2001
From: "John M. Schanck"
Date: Mon, 14 Sep 2020 12:53:28 -0400
Subject: [PATCH] simplify clean/repetition.c and satisfy test_boolean

---
 crypto_kem/hqc-128/clean/repetition.c | 30 +++++++------------
 crypto_kem/hqc-192/clean/repetition.c | 30 +++++++------------
 crypto_kem/hqc-256/clean/repetition.c | 42 +++++++++------------------
 3 files changed, 36 insertions(+), 66 deletions(-)

diff --git a/crypto_kem/hqc-128/clean/repetition.c b/crypto_kem/hqc-128/clean/repetition.c
index cc12d895..72b81030 100644
--- a/crypto_kem/hqc-128/clean/repetition.c
+++ b/crypto_kem/hqc-128/clean/repetition.c
@@ -20,26 +20,18 @@ static inline int32_t popcount(uint64_t n);
  * @param[in] m Pointer to an array that is the message
  */
 void PQCLEAN_HQC128_CLEAN_repetition_code_encode(uint64_t *em, const uint64_t *m) {
-    uint16_t i, j, bit, idx_r;
-    uint32_t pos_r;
-    uint64_t *p64 = em;
-    const uint64_t mask[2][2] = {{0x0UL, 0x0UL}, {0x7FFFFFFFUL, 0x3FFFFFFFUL}};
-    for (i = 0; i < (uint16_t) (VEC_N1_SIZE_64 - 1); i++) {
-        for (j = 0; j < 64; j++) {
-            bit = (m[i] >> j) & 0x1;
-            pos_r = PARAM_N2 * ((i << 6) + j);
-            idx_r = (pos_r & 0x3f);
-            p64[pos_r >> 6] ^= mask[bit][0] << idx_r;
-            p64[(pos_r >> 6) + 1] ^= mask[bit][1] >> ((63 - idx_r));
-        }
-    }
+    uint64_t bit, idx_r;
+    size_t pos_r;
 
-    for (j = 0; j < (PARAM_N1 & 0x3f); j++) {
-        bit = (m[VEC_N1_SIZE_64 - 1] >> j) & 0x1;
-        pos_r = PARAM_N2 * (((VEC_N1_SIZE_64 - 1) << 6) + j);
-        idx_r = (pos_r & 0x3f);
-        p64[pos_r >> 6] ^= mask[bit][0] << idx_r;
-        p64[(pos_r >> 6) + 1] ^= mask[bit][1] >> ((63 - idx_r));
+    pos_r = 0;
+    for (size_t i = 0; i < VEC_N1_SIZE_64; i++) {
+        for (size_t j = 0; j < 64 && pos_r < PARAM_N1N2; j++) {
+            bit = -((m[i] >> j) & 1);
+            idx_r = (pos_r & 0x3f);
+            em[(pos_r >> 6) + 0] ^= (bit & 0x7FFFFFFFUL) << idx_r;
+            em[(pos_r >> 6) + 1] ^= (bit & 0x3FFFFFFFUL) >> ((63 - idx_r));
+            pos_r += PARAM_N2;
+        }
     }
 }
 
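Review bot: The masks `0x7FFFFFFFUL` and `0x3FFFFFFFUL` in the two `em[...] ^=` lines are unexplained magic numbers; they look like `PARAM_N2` and `PARAM_N2 - 1` set bits (the part of a repeated bit that fits in the current word and the remainder that spills into the next), so here and in the hqc-192 hunk, where a code word spans at most two 64-bit words, `((UINT64_C(1) << PARAM_N2) - 1)` and `((UINT64_C(1) << (PARAM_N2 - 1)) - 1)` would tie them to the parameter set instead of restating it, while the hqc-256 hunk spreads its mask over three words and can only take a comment. The line `bit = -((m[i] >> j) & 1);` deserves a comment because it is the constant-time improvement of this change, replacing the former `mask[bit]` table lookup indexed by a message bit with an arithmetic all-ones/zero mask: `/* all-ones when the message bit is set, zero otherwise; no secret-indexed memory access */`. The combined inner-loop bound `j < 64 && pos_r < PARAM_N1N2` also merits a note, e.g. `/* PARAM_N1 need not be a multiple of 64: stop after PARAM_N1 message bits */`, since it quietly replaces the removed tail loop. Both documentation remarks apply equally to the hqc-192 and hqc-256 hunks below.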
diff --git a/crypto_kem/hqc-192/clean/repetition.c b/crypto_kem/hqc-192/clean/repetition.c
index b8897a9e..8caadd6d 100644
--- a/crypto_kem/hqc-192/clean/repetition.c
+++ b/crypto_kem/hqc-192/clean/repetition.c
@@ -20,26 +20,18 @@ static inline int32_t popcount(uint64_t n);
  * @param[in] m Pointer to an array that is the message
  */
 void PQCLEAN_HQC192_CLEAN_repetition_code_encode(uint64_t *em, const uint64_t *m) {
-    uint16_t i, j, bit, idx_r;
-    uint32_t pos_r;
-    uint64_t *p64 = em;
-    const uint64_t mask[2][2] = {{0x0UL, 0x0UL}, {0x7FFFFFFFFFFFFFFUL, 0x3FFFFFFFFFFFFFFUL}};
-    for (i = 0; i < (uint16_t) (VEC_N1_SIZE_64 - 1); i++) {
-        for (j = 0; j < 64; j++) {
-            bit = (m[i] >> j) & 0x1;
-            pos_r = PARAM_N2 * ((i << 6) + j);
-            idx_r = (pos_r & 0x3f);
-            p64[pos_r >> 6] ^= mask[bit][0] << idx_r;
-            p64[(pos_r >> 6) + 1] ^= mask[bit][1] >> ((63 - idx_r));
-        }
-    }
+    uint64_t bit, idx_r;
+    size_t pos_r;
 
-    for (j = 0; j < (PARAM_N1 & 0x3f); j++) {
-        bit = (m[VEC_N1_SIZE_64 - 1] >> j) & 0x1;
-        pos_r = PARAM_N2 * (((VEC_N1_SIZE_64 - 1) << 6) + j);
-        idx_r = (pos_r & 0x3f);
-        p64[pos_r >> 6] ^= mask[bit][0] << idx_r;
-        p64[(pos_r >> 6) + 1] ^= mask[bit][1] >> ((63 - idx_r));
+    pos_r = 0;
+    for (size_t i = 0; i < VEC_N1_SIZE_64; i++) {
+        for (size_t j = 0; j < 64 && pos_r < PARAM_N1N2; j++) {
+            bit = -((m[i] >> j) & 1);
+            idx_r = (pos_r & 0x3f);
+            em[(pos_r >> 6) + 0] ^= (bit & 0x7FFFFFFFFFFFFFFUL) << idx_r;
+            em[(pos_r >> 6) + 1] ^= (bit & 0x3FFFFFFFFFFFFFFUL) >> ((63 - idx_r));
+            pos_r += PARAM_N2;
+        }
     }
 }
 
diff --git a/crypto_kem/hqc-256/clean/repetition.c b/crypto_kem/hqc-256/clean/repetition.c
index f393e9f8..b251f034 100644
--- a/crypto_kem/hqc-256/clean/repetition.c
+++ b/crypto_kem/hqc-256/clean/repetition.c
@@ -18,35 +18,21 @@ static inline int32_t popcount(uint64_t n);
  * @param[in] m Pointer to an array that is the message
  */
 void PQCLEAN_HQC256_CLEAN_repetition_code_encode(uint64_t *em, const uint64_t *m) {
-    static const uint64_t mask[2][3] = {{0x0UL, 0x0UL, 0x0UL}, {0xFFFFFFFFFFFFFFFFUL, 0xFFFFFFFFFFFFFFFFUL, 0x3FFFFFUL}};
-    for (size_t i = 0; i < VEC_N1_SIZE_64 - 1; i++) {
-        for (size_t j = 0; j < 64; j++) {
-            uint8_t bit = (m[i] >> j) & 0x1;
-            uint32_t pos_r = PARAM_N2 * ((i << 6) + j);
-            uint16_t idx_r = (pos_r & 0x3f);
-            uint64_t *p64 = em;
-            p64 += pos_r >> 6;
-            *p64 ^= mask[bit][0] << idx_r;
-            int64_t aux = (41 - idx_r);
-            uint64_t aux2 = (aux > 0);
-            uint64_t idx2 = aux * aux2;
-            *(p64 + 1) ^= mask[bit][1] >> idx2;
-            *(p64 + 2) ^= mask[bit][2] >> ((63 - idx_r));
-        }
-    }
+    uint64_t bit, idx_r, idx2;
+    size_t pos_r;
 
-    for (size_t j = 0; j < (PARAM_N1 & 0x3f); j++) {
-        uint8_t bit = (m[VEC_N1_SIZE_64 - 1] >> j) & 0x1;
-        uint32_t pos_r = PARAM_N2 * (((VEC_N1_SIZE_64 - 1) << 6) + j);
-        uint16_t idx_r = (pos_r & 0x3f);
-        uint64_t *p64 = em;
-        p64 += pos_r >> 6;
-        *p64 ^= mask[bit][0] << idx_r;
-        int64_t aux = (41 - idx_r);
-        uint64_t aux2 = (aux > 0);
-        uint64_t idx2 = aux * aux2;
-        *(p64 + 1) ^= mask[bit][1] >> idx2;
-        *(p64 + 2) ^= mask[bit][2] >> ((63 - idx_r));
+    pos_r = 0;
+    for (size_t i = 0; i < VEC_N1_SIZE_64; i++) {
+        for (size_t j = 0; j < 64 && pos_r < PARAM_N1N2; j++) {
+            bit = -((m[i] >> j) & 1);
+            idx_r = (pos_r & 0x3f);
+            idx2 = 41 - idx_r;
+            idx2 &= (uint64_t) (-((int64_t)idx2) >> 63);
+            em[(pos_r >> 6) + 0] ^= (bit & 0xFFFFFFFFFFFFFFFFUL) << idx_r;
+            em[(pos_r >> 6) + 1] ^= (bit & 0xFFFFFFFFFFFFFFFFUL) >> idx2;
+            em[(pos_r >> 6) + 2] ^= (bit & 0x3FFFFFUL) >> ((63 - idx_r));
+            pos_r += PARAM_N2;
+        }
     }
 }
 
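Review bot: The line `idx2 &= (uint64_t) (-((int64_t)idx2) >> 63);` depends on two implementation-defined behaviours, the conversion of an out-of-range `uint64_t` to `int64_t` (when `idx_r > 41` the subtraction on the previous line has wrapped) and the right shift of a negative signed value, which C11 does not require to be arithmetic; the same clamp of `41 - idx_r` to zero can be written in unsigned arithmetic alone as `idx2 &= (idx2 >> 63) - 1;`, keeping the branch-free form without leaning on the compiler. The constant `41` is also unexplained; if, as the three-word layout suggests, it is the `idx_r` threshold past which a repeated bit spills into a third 64-bit word, it should be expressed from `PARAM_N2` or at least documented, e.g. `/* shift for the middle word; clamped to 0 once the code word spills into a third word */`. `bit & 0xFFFFFFFFFFFFFFFFUL` is simply `bit`; keeping the and-with-all-ones for symmetry with the other word is fine, but a short comment would stop a reader hunting for a missing bit. Note too that `em[(pos_r >> 6) + 2]` is written on every iteration, including when its XOR operand is zero, so `em` must hold two words beyond the word containing the last encoded bit; this matches the removed `*(p64 + 2)` access but is worth stating in the function comment.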