Also fix problem in FrodoKEM-SHAKE

před 3 roky · 9a1319454f
--- a/crypto_kem/frodokem1344shake/opt/matrix_shake.c
+++ b/crypto_kem/frodokem1344shake/opt/matrix_shake.c
@@ -96,7 +96,7 @@ int PQCLEAN_FRODOKEM1344SHAKE_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_
            for (j = 0; j < 4; j++) {
                uint16_t sp = s[i * PARAMS_N + kk + j];
                for (k = 0; k < PARAMS_N; k++) {                // Matrix-vector multiplication
                    sum[k] += sp * a_cols[(t + j) * PARAMS_N + k];
                    sum[k] += (uint16_t)(sp * (uint32_t)a_cols[(t + j) * PARAMS_N + k]);
                }
            }
            for (k = 0; k < PARAMS_N; k++) {
--- a/crypto_kem/frodokem640aes/opt/matrix_aes.c
+++ b/crypto_kem/frodokem640aes/opt/matrix_aes.c
@@ -80,7 +80,7 @@ int PQCLEAN_FRODOKEM640AES_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t *
        *((uint32_t *)&out[i]) = *((uint32_t *)&e[i]);
    }

    size_t k;
    int k;
    uint16_t a_cols[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
    uint16_t a_cols_t[PARAMS_N * PARAMS_STRIPE_STEP];
    uint16_t a_cols_temp[PARAMS_N * PARAMS_STRIPE_STEP] = {0};
--- a/crypto_kem/frodokem640shake/opt/matrix_shake.c
+++ b/crypto_kem/frodokem640shake/opt/matrix_shake.c
@@ -96,7 +96,7 @@ int PQCLEAN_FRODOKEM640SHAKE_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t
            for (j = 0; j < 4; j++) {
                uint16_t sp = s[i * PARAMS_N + kk + j];
                for (k = 0; k < PARAMS_N; k++) {                // Matrix-vector multiplication
                    sum[k] += sp * a_cols[(t + j) * PARAMS_N + k];
                    sum[k] += (uint16_t)(sp * (uint32_t)a_cols[(t + j) * PARAMS_N + k]);
                }
            }
            for (k = 0; k < PARAMS_N; k++) {
--- a/crypto_kem/frodokem976shake/opt/matrix_shake.c
+++ b/crypto_kem/frodokem976shake/opt/matrix_shake.c
@@ -96,7 +96,7 @@ int PQCLEAN_FRODOKEM976SHAKE_OPT_mul_add_sa_plus_e(uint16_t *out, const uint16_t
            for (j = 0; j < 4; j++) {
                uint16_t sp = s[i * PARAMS_N + kk + j];
                for (k = 0; k < PARAMS_N; k++) {                // Matrix-vector multiplication
                    sum[k] += sp * a_cols[(t + j) * PARAMS_N + k];
                    sum[k] += (uint16_t)(sp * (uint32_t)a_cols[(t + j) * PARAMS_N + k]);
                }
            }
            for (k = 0; k < PARAMS_N; k++) {