kris/pqcrypto
1
1
Fork 0
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-22 15:39:07 +00:00
Code Issues 1 Releases Wiki Activity

Some cosmetic changes to appease clang-tidy.

Browse Source
This commit is contained in:
Thomas Pornin 2019-07-20 20:35:30 -04:00
parent 192e72144b
commit 87bc13c761
14 changed files with 104 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
crypto_sign/falcon-1024/clean/codec.c
View File

@ -75,7 +75,7 @@ PQCLEAN_FALCON1024_CLEAN_modq_encode(
size_t
PQCLEAN_FALCON1024_CLEAN_modq_decode(
uint16_t *x, unsigned logn,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len, u;
const uint8_t *buf;
uint32_t acc;
@ -83,7 +83,7 @@ PQCLEAN_FALCON1024_CLEAN_modq_decode(
n = (size_t)1 << logn;
in_len = ((n * 14) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -132,7 +132,8 @@ PQCLEAN_FALCON1024_CLEAN_trim_i16_encode(
out_len = ((n * bits) + 7) >> 3;
if (out == NULL) {
return out_len;
} else if (out_len > max_out_len) {
}
if (out_len > max_out_len) {
return 0;
}
buf = out;
@ -157,7 +158,7 @@ PQCLEAN_FALCON1024_CLEAN_trim_i16_encode(
size_t
PQCLEAN_FALCON1024_CLEAN_trim_i16_decode(
int16_t *x, unsigned logn, unsigned bits,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len;
const uint8_t *buf;
size_t u;
@ -166,7 +167,7 @@ PQCLEAN_FALCON1024_CLEAN_trim_i16_decode(
n = (size_t)1 << logn;
in_len = ((n * bits) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -225,7 +226,8 @@ PQCLEAN_FALCON1024_CLEAN_trim_i8_encode(
out_len = ((n * bits) + 7) >> 3;
if (out == NULL) {
return out_len;
} else if (out_len > max_out_len) {
}
if (out_len > max_out_len) {
return 0;
}
buf = out;
@ -250,7 +252,7 @@ PQCLEAN_FALCON1024_CLEAN_trim_i8_encode(
size_t
PQCLEAN_FALCON1024_CLEAN_trim_i8_decode(
int8_t *x, unsigned logn, unsigned bits,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len;
const uint8_t *buf;
size_t u;
@ -259,7 +261,7 @@ PQCLEAN_FALCON1024_CLEAN_trim_i8_decode(
n = (size_t)1 << logn;
in_len = ((n * bits) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -395,7 +397,7 @@ PQCLEAN_FALCON1024_CLEAN_comp_encode(
size_t
PQCLEAN_FALCON1024_CLEAN_comp_decode(
int16_t *x, unsigned logn,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
const uint8_t *buf;
size_t n, u, v;
uint32_t acc;
@ -413,7 +415,7 @@ PQCLEAN_FALCON1024_CLEAN_comp_decode(
* Get next eight bits: sign and low seven bits of the
* absolute value.
*/
if (v >= in_max_len) {
if (v >= max_in_len) {
return 0;
}
acc = (acc << 8) | (uint32_t)buf[v ++];
@ -426,7 +428,7 @@ PQCLEAN_FALCON1024_CLEAN_comp_decode(
*/
for (;;) {
if (acc_len == 0) {
if (v >= in_max_len) {
if (v >= max_in_len) {
return 0;
}
acc = (acc << 8) | (uint32_t)buf[v ++];

4
crypto_sign/falcon-1024/clean/common.c
View File

@ -237,7 +237,7 @@ PQCLEAN_FALCON1024_CLEAN_is_short(
/* see inner.h */
int
PQCLEAN_FALCON1024_CLEAN_is_short_half(
uint32_t sqn, const int16_t *a, unsigned logn) {
uint32_t sqn, const int16_t *s2, unsigned logn) {
size_t n, u;
uint32_t ng;
@ -246,7 +246,7 @@ PQCLEAN_FALCON1024_CLEAN_is_short_half(
for (u = 0; u < n; u ++) {
int32_t z;
z = a[u];
z = s2[u];
sqn += (uint32_t)(z * z);
ng |= sqn;
}

5
crypto_sign/falcon-1024/clean/fpr.h
View File

@ -243,8 +243,7 @@ static inline int64_t
fpr_rint(fpr x) {
uint64_t m, d;
int e;
uint32_t s, dd;
unsigned f;
uint32_t s, dd, f;
/*
* We assume that the value fits in -(2^63-1)..+(2^63-1). We can
@ -278,7 +277,7 @@ fpr_rint(fpr x) {
*/
d = fpr_ulsh(m, 63 - e);
dd = (uint32_t)d | ((uint32_t)(d >> 32) & 0x1FFFFFFF);
f = (unsigned)(d >> 61) | (unsigned)((dd | -dd) >> 31);
f = (uint32_t)(d >> 61) | ((dd | -dd) >> 31);
m = fpr_ursh(m, e) + (uint64_t)((0xC8U >> f) & 1U);
/*

6
crypto_sign/falcon-1024/clean/inner.h
View File

@ -343,12 +343,12 @@ int PQCLEAN_FALCON1024_CLEAN_get_seed(void *seed, size_t seed_len);
*/
typedef struct {
union {
unsigned char d[512]; /* MUST be 512, exactly */
uint8_t d[512]; /* MUST be 512, exactly */
uint64_t dummy_u64;
} buf;
size_t ptr;
union {
unsigned char d[256];
uint8_t d[256];
uint64_t dummy_u64;
} state;
int type;
@ -567,7 +567,7 @@ void PQCLEAN_FALCON1024_CLEAN_poly_LDLmv_fft(fpr *restrict d11, fpr *restrict l1
* f = f0(x^2) + x*f1(x^2), for half-size polynomials f0 and f1
* (polynomials modulo X^(N/2)+1). f0, f1 and f MUST NOT overlap.
*/
void PQCLEAN_FALCON1024_CLEAN_poly_split_fft(fpr *restrict t0, fpr *restrict t1,
void PQCLEAN_FALCON1024_CLEAN_poly_split_fft(fpr *restrict f0, fpr *restrict f1,
const fpr *restrict f, unsigned logn);
/*

6
crypto_sign/falcon-1024/clean/keygen.c
View File

@ -2183,7 +2183,7 @@ get_rng_u64(shake256_context *rng) {
* We enforce little-endian representation.
*/
unsigned char tmp[8];
uint8_t tmp[8];
shake256_extract(rng, tmp, sizeof tmp);
return (uint64_t)tmp[0]
@ -2414,7 +2414,7 @@ poly_small_sqnorm(const int8_t *f, unsigned logn) {
*/
static fpr *
align_fpr(void *base, void *data) {
unsigned char *cb, *cd;
uint8_t *cb, *cd;
size_t k, km;
cb = base;
@ -2433,7 +2433,7 @@ align_fpr(void *base, void *data) {
*/
static uint32_t *
align_u32(void *base, void *data) {
unsigned char *cb, *cd;
uint8_t *cb, *cd;
size_t k, km;
cb = base;

12
crypto_sign/falcon-1024/clean/rng.c
View File

@ -42,7 +42,7 @@ PQCLEAN_FALCON1024_CLEAN_prng_init(prng *p, shake256_context *src) {
* must enforce little-endian interpretation of
* the state words.
*/
unsigned char tmp[56];
uint8_t tmp[56];
uint64_t th, tl;
int i;
@ -148,13 +148,13 @@ PQCLEAN_FALCON1024_CLEAN_prng_refill(prng *p) {
*/
for (v = 0; v < 16; v ++) {
p->buf.d[(u << 2) + (v << 5) + 0] =
(unsigned char)state[v];
(uint8_t)state[v];
p->buf.d[(u << 2) + (v << 5) + 1] =
(unsigned char)(state[v] >> 8);
(uint8_t)(state[v] >> 8);
p->buf.d[(u << 2) + (v << 5) + 2] =
(unsigned char)(state[v] >> 16);
(uint8_t)(state[v] >> 16);
p->buf.d[(u << 2) + (v << 5) + 3] =
(unsigned char)(state[v] >> 24);
(uint8_t)(state[v] >> 24);
}
}
*(uint64_t *)(p->state.d + 48) = cc;
@ -166,7 +166,7 @@ PQCLEAN_FALCON1024_CLEAN_prng_refill(prng *p) {
/* see inner.h */
void
PQCLEAN_FALCON1024_CLEAN_prng_get_bytes(prng *p, void *dst, size_t len) {
unsigned char *buf;
uint8_t *buf;
buf = dst;
while (len > 0) {

46
crypto_sign/falcon-1024/clean/sign.c
View File

@ -224,46 +224,46 @@ skoff_tree(unsigned logn) {
/* see inner.h */
void
PQCLEAN_FALCON1024_CLEAN_expand_privkey(fpr *restrict sk,
const int8_t *f_src, const int8_t *g_src,
const int8_t *F_src, const int8_t *G_src,
PQCLEAN_FALCON1024_CLEAN_expand_privkey(fpr *restrict expanded_key,
const int8_t *f, const int8_t *g,
const int8_t *F, const int8_t *G,
unsigned logn, uint8_t *restrict tmp) {
size_t n;
fpr *f, *g, *F, *G;
fpr *rf, *rg, *rF, *rG;
fpr *b00, *b01, *b10, *b11;
fpr *g00, *g01, *g11, *gxx;
fpr *tree;
n = MKN(logn);
b00 = sk + skoff_b00(logn);
b01 = sk + skoff_b01(logn);
b10 = sk + skoff_b10(logn);
b11 = sk + skoff_b11(logn);
tree = sk + skoff_tree(logn);
b00 = expanded_key + skoff_b00(logn);
b01 = expanded_key + skoff_b01(logn);
b10 = expanded_key + skoff_b10(logn);
b11 = expanded_key + skoff_b11(logn);
tree = expanded_key + skoff_tree(logn);
/*
* We load the private key elements directly into the B0 matrix,
* since B0 = [[g, -f], [G, -F]].
*/
f = b01;
g = b00;
F = b11;
G = b10;
rf = b01;
rg = b00;
rF = b11;
rG = b10;
smallints_to_fpr(f, f_src, logn);
smallints_to_fpr(g, g_src, logn);
smallints_to_fpr(F, F_src, logn);
smallints_to_fpr(G, G_src, logn);
smallints_to_fpr(rf, f, logn);
smallints_to_fpr(rg, g, logn);
smallints_to_fpr(rF, F, logn);
smallints_to_fpr(rG, G, logn);
/*
* Compute the FFT for the key elements, and negate f and F.
*/
PQCLEAN_FALCON1024_CLEAN_FFT(f, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(g, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(F, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(G, logn);
PQCLEAN_FALCON1024_CLEAN_poly_neg(f, logn);
PQCLEAN_FALCON1024_CLEAN_poly_neg(F, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(rf, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(rg, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(rF, logn);
PQCLEAN_FALCON1024_CLEAN_FFT(rG, logn);
PQCLEAN_FALCON1024_CLEAN_poly_neg(rf, logn);
PQCLEAN_FALCON1024_CLEAN_poly_neg(rF, logn);
/*
* The Gram matrix is G = B·B*. Formulas are:

24
crypto_sign/falcon-512/clean/codec.c
View File

@ -75,7 +75,7 @@ PQCLEAN_FALCON512_CLEAN_modq_encode(
size_t
PQCLEAN_FALCON512_CLEAN_modq_decode(
uint16_t *x, unsigned logn,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len, u;
const uint8_t *buf;
uint32_t acc;
@ -83,7 +83,7 @@ PQCLEAN_FALCON512_CLEAN_modq_decode(
n = (size_t)1 << logn;
in_len = ((n * 14) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -132,7 +132,8 @@ PQCLEAN_FALCON512_CLEAN_trim_i16_encode(
out_len = ((n * bits) + 7) >> 3;
if (out == NULL) {
return out_len;
} else if (out_len > max_out_len) {
}
if (out_len > max_out_len) {
return 0;
}
buf = out;
@ -157,7 +158,7 @@ PQCLEAN_FALCON512_CLEAN_trim_i16_encode(
size_t
PQCLEAN_FALCON512_CLEAN_trim_i16_decode(
int16_t *x, unsigned logn, unsigned bits,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len;
const uint8_t *buf;
size_t u;
@ -166,7 +167,7 @@ PQCLEAN_FALCON512_CLEAN_trim_i16_decode(
n = (size_t)1 << logn;
in_len = ((n * bits) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -225,7 +226,8 @@ PQCLEAN_FALCON512_CLEAN_trim_i8_encode(
out_len = ((n * bits) + 7) >> 3;
if (out == NULL) {
return out_len;
} else if (out_len > max_out_len) {
}
if (out_len > max_out_len) {
return 0;
}
buf = out;
@ -250,7 +252,7 @@ PQCLEAN_FALCON512_CLEAN_trim_i8_encode(
size_t
PQCLEAN_FALCON512_CLEAN_trim_i8_decode(
int8_t *x, unsigned logn, unsigned bits,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
size_t n, in_len;
const uint8_t *buf;
size_t u;
@ -259,7 +261,7 @@ PQCLEAN_FALCON512_CLEAN_trim_i8_decode(
n = (size_t)1 << logn;
in_len = ((n * bits) + 7) >> 3;
if (in_len > in_max_len) {
if (in_len > max_in_len) {
return 0;
}
buf = in;
@ -395,7 +397,7 @@ PQCLEAN_FALCON512_CLEAN_comp_encode(
size_t
PQCLEAN_FALCON512_CLEAN_comp_decode(
int16_t *x, unsigned logn,
const void *in, size_t in_max_len) {
const void *in, size_t max_in_len) {
const uint8_t *buf;
size_t n, u, v;
uint32_t acc;
@ -413,7 +415,7 @@ PQCLEAN_FALCON512_CLEAN_comp_decode(
* Get next eight bits: sign and low seven bits of the
* absolute value.
*/
if (v >= in_max_len) {
if (v >= max_in_len) {
return 0;
}
acc = (acc << 8) | (uint32_t)buf[v ++];
@ -426,7 +428,7 @@ PQCLEAN_FALCON512_CLEAN_comp_decode(
*/
for (;;) {
if (acc_len == 0) {
if (v >= in_max_len) {
if (v >= max_in_len) {
return 0;
}
acc = (acc << 8) | (uint32_t)buf[v ++];

4
crypto_sign/falcon-512/clean/common.c
View File

@ -237,7 +237,7 @@ PQCLEAN_FALCON512_CLEAN_is_short(
/* see inner.h */
int
PQCLEAN_FALCON512_CLEAN_is_short_half(
uint32_t sqn, const int16_t *a, unsigned logn) {
uint32_t sqn, const int16_t *s2, unsigned logn) {
size_t n, u;
uint32_t ng;
@ -246,7 +246,7 @@ PQCLEAN_FALCON512_CLEAN_is_short_half(
for (u = 0; u < n; u ++) {
int32_t z;
z = a[u];
z = s2[u];
sqn += (uint32_t)(z * z);
ng |= sqn;
}

5
crypto_sign/falcon-512/clean/fpr.h
View File

@ -243,8 +243,7 @@ static inline int64_t
fpr_rint(fpr x) {
uint64_t m, d;
int e;
uint32_t s, dd;
unsigned f;
uint32_t s, dd, f;
/*
* We assume that the value fits in -(2^63-1)..+(2^63-1). We can
@ -278,7 +277,7 @@ fpr_rint(fpr x) {
*/
d = fpr_ulsh(m, 63 - e);
dd = (uint32_t)d | ((uint32_t)(d >> 32) & 0x1FFFFFFF);
f = (unsigned)(d >> 61) | (unsigned)((dd | -dd) >> 31);
f = (uint32_t)(d >> 61) | ((dd | -dd) >> 31);
m = fpr_ursh(m, e) + (uint64_t)((0xC8U >> f) & 1U);
/*

6
crypto_sign/falcon-512/clean/inner.h
View File

@ -343,12 +343,12 @@ int PQCLEAN_FALCON512_CLEAN_get_seed(void *seed, size_t seed_len);
*/
typedef struct {
union {
unsigned char d[512]; /* MUST be 512, exactly */
uint8_t d[512]; /* MUST be 512, exactly */
uint64_t dummy_u64;
} buf;
size_t ptr;
union {
unsigned char d[256];
uint8_t d[256];
uint64_t dummy_u64;
} state;
int type;
@ -567,7 +567,7 @@ void PQCLEAN_FALCON512_CLEAN_poly_LDLmv_fft(fpr *restrict d11, fpr *restrict l10
* f = f0(x^2) + x*f1(x^2), for half-size polynomials f0 and f1
* (polynomials modulo X^(N/2)+1). f0, f1 and f MUST NOT overlap.
*/
void PQCLEAN_FALCON512_CLEAN_poly_split_fft(fpr *restrict t0, fpr *restrict t1,
void PQCLEAN_FALCON512_CLEAN_poly_split_fft(fpr *restrict f0, fpr *restrict f1,
const fpr *restrict f, unsigned logn);
/*

6
crypto_sign/falcon-512/clean/keygen.c
View File

@ -2183,7 +2183,7 @@ get_rng_u64(shake256_context *rng) {
* We enforce little-endian representation.
*/
unsigned char tmp[8];
uint8_t tmp[8];
shake256_extract(rng, tmp, sizeof tmp);
return (uint64_t)tmp[0]
@ -2414,7 +2414,7 @@ poly_small_sqnorm(const int8_t *f, unsigned logn) {
*/
static fpr *
align_fpr(void *base, void *data) {
unsigned char *cb, *cd;
uint8_t *cb, *cd;
size_t k, km;
cb = base;
@ -2433,7 +2433,7 @@ align_fpr(void *base, void *data) {
*/
static uint32_t *
align_u32(void *base, void *data) {
unsigned char *cb, *cd;
uint8_t *cb, *cd;
size_t k, km;
cb = base;

12
crypto_sign/falcon-512/clean/rng.c
View File

@ -42,7 +42,7 @@ PQCLEAN_FALCON512_CLEAN_prng_init(prng *p, shake256_context *src) {
* must enforce little-endian interpretation of
* the state words.
*/
unsigned char tmp[56];
uint8_t tmp[56];
uint64_t th, tl;
int i;
@ -148,13 +148,13 @@ PQCLEAN_FALCON512_CLEAN_prng_refill(prng *p) {
*/
for (v = 0; v < 16; v ++) {
p->buf.d[(u << 2) + (v << 5) + 0] =
(unsigned char)state[v];
(uint8_t)state[v];
p->buf.d[(u << 2) + (v << 5) + 1] =
(unsigned char)(state[v] >> 8);
(uint8_t)(state[v] >> 8);
p->buf.d[(u << 2) + (v << 5) + 2] =
(unsigned char)(state[v] >> 16);
(uint8_t)(state[v] >> 16);
p->buf.d[(u << 2) + (v << 5) + 3] =
(unsigned char)(state[v] >> 24);
(uint8_t)(state[v] >> 24);
}
}
*(uint64_t *)(p->state.d + 48) = cc;
@ -166,7 +166,7 @@ PQCLEAN_FALCON512_CLEAN_prng_refill(prng *p) {
/* see inner.h */
void
PQCLEAN_FALCON512_CLEAN_prng_get_bytes(prng *p, void *dst, size_t len) {
unsigned char *buf;
uint8_t *buf;
buf = dst;
while (len > 0) {

46
crypto_sign/falcon-512/clean/sign.c
View File

@ -224,46 +224,46 @@ skoff_tree(unsigned logn) {
/* see inner.h */
void
PQCLEAN_FALCON512_CLEAN_expand_privkey(fpr *restrict sk,
const int8_t *f_src, const int8_t *g_src,
const int8_t *F_src, const int8_t *G_src,
PQCLEAN_FALCON512_CLEAN_expand_privkey(fpr *restrict expanded_key,
const int8_t *f, const int8_t *g,
const int8_t *F, const int8_t *G,
unsigned logn, uint8_t *restrict tmp) {
size_t n;
fpr *f, *g, *F, *G;
fpr *rf, *rg, *rF, *rG;
fpr *b00, *b01, *b10, *b11;
fpr *g00, *g01, *g11, *gxx;
fpr *tree;
n = MKN(logn);
b00 = sk + skoff_b00(logn);
b01 = sk + skoff_b01(logn);
b10 = sk + skoff_b10(logn);
b11 = sk + skoff_b11(logn);
tree = sk + skoff_tree(logn);
b00 = expanded_key + skoff_b00(logn);
b01 = expanded_key + skoff_b01(logn);
b10 = expanded_key + skoff_b10(logn);
b11 = expanded_key + skoff_b11(logn);
tree = expanded_key + skoff_tree(logn);
/*
* We load the private key elements directly into the B0 matrix,
* since B0 = [[g, -f], [G, -F]].
*/
f = b01;
g = b00;
F = b11;
G = b10;
rf = b01;
rg = b00;
rF = b11;
rG = b10;
smallints_to_fpr(f, f_src, logn);
smallints_to_fpr(g, g_src, logn);
smallints_to_fpr(F, F_src, logn);
smallints_to_fpr(G, G_src, logn);
smallints_to_fpr(rf, f, logn);
smallints_to_fpr(rg, g, logn);
smallints_to_fpr(rF, F, logn);
smallints_to_fpr(rG, G, logn);
/*
* Compute the FFT for the key elements, and negate f and F.
*/
PQCLEAN_FALCON512_CLEAN_FFT(f, logn);
PQCLEAN_FALCON512_CLEAN_FFT(g, logn);
PQCLEAN_FALCON512_CLEAN_FFT(F, logn);
PQCLEAN_FALCON512_CLEAN_FFT(G, logn);
PQCLEAN_FALCON512_CLEAN_poly_neg(f, logn);
PQCLEAN_FALCON512_CLEAN_poly_neg(F, logn);
PQCLEAN_FALCON512_CLEAN_FFT(rf, logn);
PQCLEAN_FALCON512_CLEAN_FFT(rg, logn);
PQCLEAN_FALCON512_CLEAN_FFT(rF, logn);
PQCLEAN_FALCON512_CLEAN_FFT(rG, logn);
PQCLEAN_FALCON512_CLEAN_poly_neg(rf, logn);
PQCLEAN_FALCON512_CLEAN_poly_neg(rF, logn);
/*
* The Gram matrix is G = B·B*. Formulas are: