kris
/
pqcrypto
mirror of https://github.com/henrydcase/pqc.git
1
1
Fork 0
Code Issues 1 Releases 2 Wiki Activity
Browse Source

remove rainbow

pull/21/head
Henry Case 2 years ago
parent
c8207d2153
commit
b01ea397e2
74 changed files with 27 additions and 5635 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +0
    -3
      CMakeLists.txt
  2. +0
    -3
      public/pqc/pqc.h
  3. +0
    -3
      src/capi/schemes.h
  4. +27
    -32
      src/rustapi/pqc-sys/src/bindings.rs
  5. +0
    -16
      src/sign/rainbow/rainbowI-classic/clean/CMakeLists.txt
  6. +0
    -32
      src/sign/rainbow/rainbowI-classic/clean/api.h
  7. +0
    -43
      src/sign/rainbow/rainbowI-classic/clean/blas.c
  8. +0
    -20
      src/sign/rainbow/rainbowI-classic/clean/blas.h
  9. +0
    -152
      src/sign/rainbow/rainbowI-classic/clean/blas_comm.c
  10. +0
    -74
      src/sign/rainbow/rainbowI-classic/clean/blas_comm.h
  11. +0
    -54
      src/sign/rainbow/rainbowI-classic/clean/gf.c
  12. +0
    -18
      src/sign/rainbow/rainbowI-classic/clean/gf.h
  13. +0
    -182
      src/sign/rainbow/rainbowI-classic/clean/parallel_matrix_op.c
  14. +0
    -260
      src/sign/rainbow/rainbowI-classic/clean/parallel_matrix_op.h
  15. +0
    -168
      src/sign/rainbow/rainbowI-classic/clean/rainbow.c
  16. +0
    -33
      src/sign/rainbow/rainbowI-classic/clean/rainbow.h
  17. +0
    -32
      src/sign/rainbow/rainbowI-classic/clean/rainbow_blas.h
  18. +0
    -49
      src/sign/rainbow/rainbowI-classic/clean/rainbow_config.h
  19. +0
    -155
      src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair.c
  20. +0
    -61
      src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair.h
  21. +0
    -189
      src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair_computation.c
  22. +0
    -53
      src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair_computation.h
  23. +0
    -74
      src/sign/rainbow/rainbowI-classic/clean/sign.c
  24. +0
    -50
      src/sign/rainbow/rainbowI-classic/clean/utils_hash.c
  25. +0
    -11
      src/sign/rainbow/rainbowI-classic/clean/utils_hash.h
  26. +0
    -97
      src/sign/rainbow/rainbowI-classic/clean/utils_prng.c
  27. +0
    -18
      src/sign/rainbow/rainbowI-classic/clean/utils_prng.h
  28. +0
    -16
      src/sign/rainbow/rainbowIII-classic/clean/CMakeLists.txt
  29. +0
    -32
      src/sign/rainbow/rainbowIII-classic/clean/api.h
  30. +0
    -31
      src/sign/rainbow/rainbowIII-classic/clean/blas.c
  31. +0
    -19
      src/sign/rainbow/rainbowIII-classic/clean/blas.h
  32. +0
    -144
      src/sign/rainbow/rainbowIII-classic/clean/blas_comm.c
  33. +0
    -90
      src/sign/rainbow/rainbowIII-classic/clean/blas_comm.h
  34. +0
    -91
      src/sign/rainbow/rainbowIII-classic/clean/gf.c
  35. +0
    -19
      src/sign/rainbow/rainbowIII-classic/clean/gf.h
  36. +0
    -183
      src/sign/rainbow/rainbowIII-classic/clean/parallel_matrix_op.c
  37. +0
    -260
      src/sign/rainbow/rainbowIII-classic/clean/parallel_matrix_op.h
  38. +0
    -168
      src/sign/rainbow/rainbowIII-classic/clean/rainbow.c
  39. +0
    -33
      src/sign/rainbow/rainbowIII-classic/clean/rainbow.h
  40. +0
    -32
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_blas.h
  41. +0
    -48
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_config.h
  42. +0
    -155
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair.c
  43. +0
    -61
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair.h
  44. +0
    -189
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair_computation.c
  45. +0
    -53
      src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair_computation.h
  46. +0
    -74
      src/sign/rainbow/rainbowIII-classic/clean/sign.c
  47. +0
    -50
      src/sign/rainbow/rainbowIII-classic/clean/utils_hash.c
  48. +0
    -11
      src/sign/rainbow/rainbowIII-classic/clean/utils_hash.h
  49. +0
    -97
      src/sign/rainbow/rainbowIII-classic/clean/utils_prng.c
  50. +0
    -18
      src/sign/rainbow/rainbowIII-classic/clean/utils_prng.h
  51. +0
    -16
      src/sign/rainbow/rainbowV-classic/clean/CMakeLists.txt
  52. +0
    -32
      src/sign/rainbow/rainbowV-classic/clean/api.h
  53. +0
    -31
      src/sign/rainbow/rainbowV-classic/clean/blas.c
  54. +0
    -19
      src/sign/rainbow/rainbowV-classic/clean/blas.h
  55. +0
    -144
      src/sign/rainbow/rainbowV-classic/clean/blas_comm.c
  56. +0
    -90
      src/sign/rainbow/rainbowV-classic/clean/blas_comm.h
  57. +0
    -91
      src/sign/rainbow/rainbowV-classic/clean/gf.c
  58. +0
    -19
      src/sign/rainbow/rainbowV-classic/clean/gf.h
  59. +0
    -183
      src/sign/rainbow/rainbowV-classic/clean/parallel_matrix_op.c
  60. +0
    -260
      src/sign/rainbow/rainbowV-classic/clean/parallel_matrix_op.h
  61. +0
    -168
      src/sign/rainbow/rainbowV-classic/clean/rainbow.c
  62. +0
    -33
      src/sign/rainbow/rainbowV-classic/clean/rainbow.h
  63. +0
    -32
      src/sign/rainbow/rainbowV-classic/clean/rainbow_blas.h
  64. +0
    -48
      src/sign/rainbow/rainbowV-classic/clean/rainbow_config.h
  65. +0
    -155
      src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair.c
  66. +0
    -61
      src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair.h
  67. +0
    -189
      src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair_computation.c
  68. +0
    -53
      src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair_computation.h
  69. +0
    -74
      src/sign/rainbow/rainbowV-classic/clean/sign.c
  70. +0
    -50
      src/sign/rainbow/rainbowV-classic/clean/utils_hash.c
  71. +0
    -11
      src/sign/rainbow/rainbowV-classic/clean/utils_hash.h
  72. +0
    -97
      src/sign/rainbow/rainbowV-classic/clean/utils_prng.c
  73. +0
    -18
      src/sign/rainbow/rainbowV-classic/clean/utils_prng.h
  74. +0
    -5
      test/katrunner/src/main.rs

+ 0
- 3
CMakeLists.txt View File

@@ -208,9 +208,6 @@ add_subdirectory(src/sign/dilithium/dilithium2/clean)
add_subdirectory(src/sign/dilithium/dilithium3/clean)
add_subdirectory(src/sign/dilithium/dilithium5/clean)
add_subdirectory(src/sign/falcon)
add_subdirectory(src/sign/rainbow/rainbowV-classic/clean)
add_subdirectory(src/sign/rainbow/rainbowI-classic/clean)
add_subdirectory(src/sign/rainbow/rainbowIII-classic/clean)
add_subdirectory(src/sign/sphincs/sphincs-sha256-192f-simple/clean)
add_subdirectory(src/sign/sphincs/sphincs-shake256-256f-simple/clean)
add_subdirectory(src/sign/sphincs/sphincs-shake256-192f-robust/clean)


+ 0
- 3
public/pqc/pqc.h View File

@@ -16,9 +16,6 @@ extern "C" {
_(DILITHIUM5) \
_(FALCON512) \
_(FALCON1024) \
_(RAINBOWICLASSIC) \
_(RAINBOWIIICLASSIC) \
_(RAINBOWVCLASSIC) \
_(SPHINCSSHAKE256128FSIMPLE) \
_(SPHINCSSHAKE256128SSIMPLE) \
_(SPHINCSSHAKE256128FROBUST) \


+ 0
- 3
src/capi/schemes.h View File

@@ -2,9 +2,6 @@
#define PQC_SCHEMES_

// PQClean include
#include "sign/rainbow/rainbowV-classic/clean/api.h"
#include "sign/rainbow/rainbowI-classic/clean/api.h"
#include "sign/rainbow/rainbowIII-classic/clean/api.h"
#include "sign/sphincs/sphincs-sha256-192f-simple/clean/api.h"
#include "sign/sphincs/sphincs-sha256-192f-simple/avx2/api.h"
#include "sign/sphincs/sphincs-shake256-256f-simple/clean/api.h"


+ 27
- 32
src/rustapi/pqc-sys/src/bindings.rs View File

@@ -28,13 +28,13 @@ pub const __STDC_IEC_559_COMPLEX__: u32 = 1;
pub const __STDC_ISO_10646__: u32 = 201706;
pub const __GNU_LIBRARY__: u32 = 6;
pub const __GLIBC__: u32 = 2;
pub const __GLIBC_MINOR__: u32 = 33;
pub const __GLIBC_MINOR__: u32 = 31;
pub const _SYS_CDEFS_H: u32 = 1;
pub const __glibc_c99_flexarr_available: u32 = 1;
pub const __WORDSIZE: u32 = 64;
pub const __WORDSIZE_TIME64_COMPAT32: u32 = 1;
pub const __SYSCALL_WORDSIZE: u32 = 64;
pub const __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI: u32 = 0;
pub const __LONG_DOUBLE_USES_FLOAT128: u32 = 0;
pub const __HAVE_GENERIC_SELECTION: u32 = 1;
pub const __GLIBC_USE_LIB_EXT2: u32 = 0;
pub const __GLIBC_USE_IEC_60559_BFP_EXT: u32 = 0;
@@ -49,7 +49,6 @@ pub const __OFF_T_MATCHES_OFF64_T: u32 = 1;
pub const __INO_T_MATCHES_INO64_T: u32 = 1;
pub const __RLIM_T_MATCHES_RLIM64_T: u32 = 1;
pub const __STATFS_MATCHES_STATFS64: u32 = 1;
pub const __KERNEL_OLD_TIMEVAL_MATCHES_TIMEVAL64: u32 = 1;
pub const __FD_SETSIZE: u32 = 1024;
pub const _BITS_TIME64_H: u32 = 1;
pub const _BITS_WCHAR_H: u32 = 1;
@@ -164,7 +163,6 @@ pub type __id_t = ::std::os::raw::c_uint;
pub type __time_t = ::std::os::raw::c_long;
pub type __useconds_t = ::std::os::raw::c_uint;
pub type __suseconds_t = ::std::os::raw::c_long;
pub type __suseconds64_t = ::std::os::raw::c_long;
pub type __daddr_t = ::std::os::raw::c_int;
pub type __key_t = ::std::os::raw::c_int;
pub type __clockid_t = ::std::os::raw::c_int;
@@ -208,34 +206,31 @@ pub const PQC_ALG_SIG_DILITHIUM3: ::std::os::raw::c_uint = 1;
pub const PQC_ALG_SIG_DILITHIUM5: ::std::os::raw::c_uint = 2;
pub const PQC_ALG_SIG_FALCON512: ::std::os::raw::c_uint = 3;
pub const PQC_ALG_SIG_FALCON1024: ::std::os::raw::c_uint = 4;
pub const PQC_ALG_SIG_RAINBOWICLASSIC: ::std::os::raw::c_uint = 5;
pub const PQC_ALG_SIG_RAINBOWIIICLASSIC: ::std::os::raw::c_uint = 6;
pub const PQC_ALG_SIG_RAINBOWVCLASSIC: ::std::os::raw::c_uint = 7;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128FSIMPLE: ::std::os::raw::c_uint = 8;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128SSIMPLE: ::std::os::raw::c_uint = 9;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128FROBUST: ::std::os::raw::c_uint = 10;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128SROBUST: ::std::os::raw::c_uint = 11;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192FSIMPLE: ::std::os::raw::c_uint = 12;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192SSIMPLE: ::std::os::raw::c_uint = 13;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192FROBUST: ::std::os::raw::c_uint = 14;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192SROBUST: ::std::os::raw::c_uint = 15;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256FSIMPLE: ::std::os::raw::c_uint = 16;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256SSIMPLE: ::std::os::raw::c_uint = 17;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256FROBUST: ::std::os::raw::c_uint = 18;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256SROBUST: ::std::os::raw::c_uint = 19;
pub const PQC_ALG_SIG_SPHINCSSHA256128FSIMPLE: ::std::os::raw::c_uint = 20;
pub const PQC_ALG_SIG_SPHINCSSHA256128SSIMPLE: ::std::os::raw::c_uint = 21;
pub const PQC_ALG_SIG_SPHINCSSHA256128FROBUST: ::std::os::raw::c_uint = 22;
pub const PQC_ALG_SIG_SPHINCSSHA256128SROBUST: ::std::os::raw::c_uint = 23;
pub const PQC_ALG_SIG_SPHINCSSHA256192FSIMPLE: ::std::os::raw::c_uint = 24;
pub const PQC_ALG_SIG_SPHINCSSHA256192SSIMPLE: ::std::os::raw::c_uint = 25;
pub const PQC_ALG_SIG_SPHINCSSHA256192FROBUST: ::std::os::raw::c_uint = 26;
pub const PQC_ALG_SIG_SPHINCSSHA256192SROBUST: ::std::os::raw::c_uint = 27;
pub const PQC_ALG_SIG_SPHINCSSHA256256FSIMPLE: ::std::os::raw::c_uint = 28;
pub const PQC_ALG_SIG_SPHINCSSHA256256SSIMPLE: ::std::os::raw::c_uint = 29;
pub const PQC_ALG_SIG_SPHINCSSHA256256FROBUST: ::std::os::raw::c_uint = 30;
pub const PQC_ALG_SIG_SPHINCSSHA256256SROBUST: ::std::os::raw::c_uint = 31;
pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 32;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128FSIMPLE: ::std::os::raw::c_uint = 5;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128SSIMPLE: ::std::os::raw::c_uint = 6;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128FROBUST: ::std::os::raw::c_uint = 7;
pub const PQC_ALG_SIG_SPHINCSSHAKE256128SROBUST: ::std::os::raw::c_uint = 8;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192FSIMPLE: ::std::os::raw::c_uint = 9;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192SSIMPLE: ::std::os::raw::c_uint = 10;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192FROBUST: ::std::os::raw::c_uint = 11;
pub const PQC_ALG_SIG_SPHINCSSHAKE256192SROBUST: ::std::os::raw::c_uint = 12;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256FSIMPLE: ::std::os::raw::c_uint = 13;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256SSIMPLE: ::std::os::raw::c_uint = 14;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256FROBUST: ::std::os::raw::c_uint = 15;
pub const PQC_ALG_SIG_SPHINCSSHAKE256256SROBUST: ::std::os::raw::c_uint = 16;
pub const PQC_ALG_SIG_SPHINCSSHA256128FSIMPLE: ::std::os::raw::c_uint = 17;
pub const PQC_ALG_SIG_SPHINCSSHA256128SSIMPLE: ::std::os::raw::c_uint = 18;
pub const PQC_ALG_SIG_SPHINCSSHA256128FROBUST: ::std::os::raw::c_uint = 19;
pub const PQC_ALG_SIG_SPHINCSSHA256128SROBUST: ::std::os::raw::c_uint = 20;
pub const PQC_ALG_SIG_SPHINCSSHA256192FSIMPLE: ::std::os::raw::c_uint = 21;
pub const PQC_ALG_SIG_SPHINCSSHA256192SSIMPLE: ::std::os::raw::c_uint = 22;
pub const PQC_ALG_SIG_SPHINCSSHA256192FROBUST: ::std::os::raw::c_uint = 23;
pub const PQC_ALG_SIG_SPHINCSSHA256192SROBUST: ::std::os::raw::c_uint = 24;
pub const PQC_ALG_SIG_SPHINCSSHA256256FSIMPLE: ::std::os::raw::c_uint = 25;
pub const PQC_ALG_SIG_SPHINCSSHA256256SSIMPLE: ::std::os::raw::c_uint = 26;
pub const PQC_ALG_SIG_SPHINCSSHA256256FROBUST: ::std::os::raw::c_uint = 27;
pub const PQC_ALG_SIG_SPHINCSSHA256256SROBUST: ::std::os::raw::c_uint = 28;
pub const PQC_ALG_SIG_MAX: ::std::os::raw::c_uint = 29;
pub type _bindgen_ty_1 = ::std::os::raw::c_uint;
pub const PQC_ALG_KEM_FRODOKEM640SHAKE: ::std::os::raw::c_uint = 0;
pub const PQC_ALG_KEM_FRODOKEM976SHAKE: ::std::os::raw::c_uint = 1;


+ 0
- 16
src/sign/rainbow/rainbowI-classic/clean/CMakeLists.txt View File

@@ -1,16 +0,0 @@
set(
SRC_CLEAN_RAINBOW_I_CLASSSIC
blas.c
blas_comm.c
gf.c
parallel_matrix_op.c
rainbow.c
rainbow_keypair.c
rainbow_keypair_computation.c
sign.c
utils_hash.c
utils_prng.c)

define_sig_alg(
rainbowIclassic_clean
PQCLEAN_RAINBOWICLASSIC_CLEAN "${SRC_CLEAN_RAINBOW_I_CLASSSIC}" "${CMAKE_CURRENT_SOURCE_DIR}")

+ 0
- 32
src/sign/rainbow/rainbowI-classic/clean/api.h View File

@@ -1,32 +0,0 @@
#ifndef PQCLEAN_RAINBOWICLASSIC_CLEAN_API_H
#define PQCLEAN_RAINBOWICLASSIC_CLEAN_API_H

#include <stddef.h>
#include <stdint.h>

#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 103648
#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 161600
#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_BYTES 66
#define PQCLEAN_RAINBOWICLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(16,36,32,32) - classic"

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);


int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk);

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk);

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
const uint8_t *m, size_t mlen,
const uint8_t *sk);

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
const uint8_t *sm, size_t smlen,
const uint8_t *pk);


#endif

+ 0
- 43
src/sign/rainbow/rainbowI-classic/clean/blas.c View File

@@ -1,43 +0,0 @@
#include "blas.h"
#include "gf.h"

#include <stddef.h>

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= (a[i] & pr_u8);
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= a[i];
}
}


void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte) {
uint8_t tmp;
for (size_t i = 0; i < _num_byte; i++) {
tmp = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b);
tmp |= (uint8_t) (PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4);
a[i] = tmp;
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_c[i] ^= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] & 0xF, gf16_b);
accu_c[i] ^= (uint8_t) (PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i] >> 4, gf16_b) << 4);
}
}

uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte) {
uint8_t r = 0;
for (size_t i = 0; i < _num_byte; i++) {
r ^= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a[i], b[i]);
}
return r;
}


+ 0
- 20
src/sign/rainbow/rainbowI-classic/clean/blas.h View File

@@ -1,20 +0,0 @@
#ifndef _BLAS_H_
#define _BLAS_H_
/// @file blas.h
/// @brief Functions for implementing basic linear algebra functions.
///

#include "rainbow_config.h"
#include <stddef.h>
#include <stdint.h>

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);


void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf16_b, size_t _num_byte);
void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(uint8_t *a, uint8_t gf16_b, size_t _num_byte);
uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_dot(const uint8_t *a, const uint8_t *b, size_t _num_byte);


#endif // _BLAS_H_

+ 0
- 152
src/sign/rainbow/rainbowI-classic/clean/blas_comm.c View File

@@ -1,152 +0,0 @@
/// @file blas_comm.c
/// @brief The standard implementations for blas_comm.h
///

#include "blas_comm.h"
#include "blas.h"
#include "gf.h"
#include "rainbow_config.h"

#include <stdint.h>
#include <string.h>

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
b[i] = 0;
}
}

/// @brief get an element from GF(16) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i) {
uint8_t r = a[i >> 1];
uint8_t r0 = r & 0xf;
uint8_t r1 = r >> 4;
uint8_t m = (uint8_t)(-((int8_t)i & 1));
return (uint8_t)((r1 & m) | ((~m) & r0));
}

/// @brief set an element for a GF(16) vector .
///
/// @param[in,out] a - the vector a.
/// @param[in] i - the index in the vector a.
/// @param[in] v - the value for the i-th element in vector a.
/// @return the value of the element.
///
static uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(uint8_t *a, unsigned int i, uint8_t v) {
uint8_t m = (uint8_t)(0xf ^ (-((int8_t)i & 1))); /// 1--> 0xf0 , 0--> 0x0f
uint8_t ai_remaining = (uint8_t)(a[i >> 1] & (~m)); /// erase
a[i >> 1] = (uint8_t)(ai_remaining | (m & (v << 4)) | (m & v & 0xf)); /// set
return v;
}

static void gf16mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
for (unsigned int i = 0; i < n_A_width; i++) {
uint8_t bb = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(b, i);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(c, matA, bb, n_A_vec_byte);
matA += n_A_vec_byte;
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
unsigned int n_vec_byte = (len_vec + 1) / 2;
for (unsigned int k = 0; k < len_vec; k++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte);
const uint8_t *bk = b + n_vec_byte * k;
for (unsigned int i = 0; i < len_vec; i++) {
uint8_t bb = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(bk, i);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(c, a + n_vec_byte * i, bb, n_vec_byte);
}
c += n_vec_byte;
}
}

static unsigned int gf16mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
unsigned int n_w_byte = (w + 1) / 2;
unsigned int r8 = 1;
for (unsigned int i = 0; i < h; i++) {
unsigned int offset_byte = i >> 1;
uint8_t *ai = mat + n_w_byte * i;
for (unsigned int j = i + 1; j < h; j++) {
uint8_t *aj = mat + n_w_byte * j;
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_predicated_add(ai + offset_byte, 1 ^ PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(ai, i)), aj + offset_byte, n_w_byte - offset_byte);
}
uint8_t pivot = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(ai, i);
r8 &= PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(pivot);
pivot = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(pivot);
offset_byte = (i + 1) >> 1;
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar(ai + offset_byte, pivot, n_w_byte - offset_byte);
for (unsigned int j = 0; j < h; j++) {
if (i == j) {
continue;
}
uint8_t *aj = mat + n_w_byte * j;
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(aj + offset_byte, ai + offset_byte, PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(aj, i), n_w_byte - offset_byte);
}
}
return r8;
}

static unsigned int gf16mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
uint8_t mat[64 * 33];
unsigned int n_byte = (n + 1) >> 1;
for (unsigned int i = 0; i < n; i++) {
memcpy(mat + i * (n_byte + 1), inp_mat + i * n_byte, n_byte);
mat[i * (n_byte + 1) + n_byte] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(c_terms, i);
}
unsigned int r8 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(mat, n, n + 2);
for (unsigned int i = 0; i < n; i++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(sol, i, mat[i * (n_byte + 1) + n_byte]);
}
return r8;
}

static inline void gf16mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
unsigned int n_byte_w1 = (w + 1) / 2;
unsigned int n_byte_w2 = (w2 + 1) / 2;
unsigned int st_2 = st / 2;
for (unsigned int i = 0; i < h; i++) {
for (unsigned int j = 0; j < n_byte_w2; j++) {
mat2[i * n_byte_w2 + j] = mat[i * n_byte_w1 + st_2 + j];
}
}
}

unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
unsigned int n_w_byte = (H + 1) / 2;

uint8_t *aa = buffer;
for (unsigned int i = 0; i < H; i++) {
uint8_t *ai = aa + i * 2 * n_w_byte;
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(ai, 2 * n_w_byte);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(ai, a + i * n_w_byte, n_w_byte);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_set_ele(ai + n_w_byte, i, 1);
}
unsigned int r8 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(aa, H, 2 * H);
gf16mat_submat(inv_a, H, H, aa, 2 * H, H);
return r8;
}

// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE

#define gf16mat_prod_impl gf16mat_prod_ref
#define gf16mat_gauss_elim_impl gf16mat_gauss_elim_ref
#define gf16mat_solve_linear_eq_impl gf16mat_solve_linear_eq_ref

void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
gf16mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
}

unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
return gf16mat_gauss_elim_impl(mat, h, w);
}

unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
return gf16mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
}


+ 0
- 74
src/sign/rainbow/rainbowI-classic/clean/blas_comm.h View File

@@ -1,74 +0,0 @@
#ifndef _BLAS_COMM_H_
#define _BLAS_COMM_H_
/// @file blas_comm.h
/// @brief Common functions for linear algebra.
///

#include "rainbow_config.h"
#include <stdint.h>

/// @brief set a vector to 0.
///
/// @param[in,out] b - the vector b.
/// @param[in] _num_byte - number of bytes for the vector b.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);

/// @brief get an element from GF(16) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(const uint8_t *a, unsigned int i);

/// @brief matrix-matrix multiplication: c = a * b , in GF(16)
///
/// @param[out] c - the output matrix c
/// @param[in] c - a matrix a.
/// @param[in] b - a matrix b.
/// @param[in] len_vec - the length of column vectors.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);

/// @brief Gauss elimination for a matrix, in GF(16)
///
/// @param[in,out] mat - the matrix.
/// @param[in] h - the height of the matrix.
/// @param[in] w - the width of the matrix.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);

/// @brief Solving linear equations, in GF(16)
///
/// @param[out] sol - the solutions.
/// @param[in] inp_mat - the matrix parts of input equations.
/// @param[in] c_terms - the constant terms of the input equations.
/// @param[in] n - the number of equations.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);

/// @brief Computing the inverse matrix, in GF(16)
///
/// @param[out] inv_a - the output of matrix a.
/// @param[in] a - a matrix a.
/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);

/// @brief matrix-vector multiplication: c = matA * b , in GF(16)
///
/// @param[out] c - the output vector c
/// @param[in] matA - a column-major matrix A.
/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
/// @param[in] n_A_width - the width of matrix A.
/// @param[in] b - the vector b.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);


#endif // _BLAS_COMM_H_

+ 0
- 54
src/sign/rainbow/rainbowI-classic/clean/gf.c View File

@@ -1,54 +0,0 @@
#include "gf.h"

//// gf4 := gf2[x]/x^2+x+1
static inline uint8_t gf4_mul_2(uint8_t a) {
uint8_t r = (uint8_t)(a << 1);
r ^= (uint8_t)((a >> 1) * 7);
return r;
}

static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
uint8_t r = (uint8_t)(a * (b & 1));
return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
}

static inline uint8_t gf4_squ(uint8_t a) {
return a ^ (a >> 1);
}

//// gf16 := gf4[y]/y^2+y+x
uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
uint8_t b0 = b & 3;
uint8_t b1 = (b >> 2);
uint8_t a0b0 = gf4_mul(a0, b0);
uint8_t a1b1 = gf4_mul(a1, b1);
uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
uint8_t a1b1_x2 = gf4_mul_2(a1b1);
return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
}

static inline uint8_t gf16_squ(uint8_t a) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
a1 = gf4_squ(a1);
uint8_t a1squ_x2 = gf4_mul_2(a1);
return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
}

uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(uint8_t a) {
unsigned int a4 = a & 0xf;
unsigned int r = ((unsigned int)0) - a4;
r >>= 4;
return r & 1;
}

uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(uint8_t a) {
uint8_t a2 = gf16_squ(a);
uint8_t a4 = gf16_squ(a2);
uint8_t a8 = gf16_squ(a4);
uint8_t a6 = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a4, a2);
return PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(a8, a6);
}


+ 0
- 18
src/sign/rainbow/rainbowI-classic/clean/gf.h View File

@@ -1,18 +0,0 @@
#ifndef _GF16_H_
#define _GF16_H_

#include "rainbow_config.h"
#include <stdint.h>

/// @file gf16.h
/// @brief Library for arithmetics in GF(16) and GF(256)
///

uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b);


uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_is_nonzero(uint8_t a);
uint8_t PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16_inv(uint8_t a);


#endif // _GF16_H_

+ 0
- 182
src/sign/rainbow/rainbowI-classic/clean/parallel_matrix_op.c View File

@@ -1,182 +0,0 @@
/// @file parallel_matrix_op.c
/// @brief the standard implementations for functions in parallel_matrix_op.h
///
/// the standard implementations for functions in parallel_matrix_op.h
///

#include "parallel_matrix_op.h"
#include "blas.h"
#include "blas_comm.h"

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
}

///
/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
///
/// @param[in] i_row - the i-th row in a triangle matrix.
/// @param[in] j_col - the j-th column in a triangle matrix.
/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
if (i_row > j_col) {
return PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var);
}
return PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var);
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
unsigned char *runningC = btriC;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < i; j++) {
unsigned int idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(j, i, Aheight);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
runningC += size_batch * (Aheight - i);
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (k < i) {
continue;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
btriA += (Aheight - i) * size_batch;
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i < k) {
continue;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i == k) {
continue;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Atr_height = Awidth;
unsigned int Atr_width = Aheight;
for (unsigned int i = 0; i < Atr_height; i++) {
for (unsigned int j = 0; j < Atr_width; j++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
}
bC += size_batch * Bwidth;
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
const unsigned char *bA = bA_to_tr;
unsigned int Aheight = Awidth_before_tr;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
bA += (Awidth) * size_batch;
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
const unsigned char *x, unsigned int dim_x, unsigned int size_batch) {
unsigned char tmp[128];

unsigned char _x[128];
for (unsigned int i = 0; i < dim_x; i++) {
_x[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(x, i);
}
unsigned char _y[128];
for (unsigned int i = 0; i < dim_y; i++) {
_y[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(y, i);
}

PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(z, size_batch);
for (unsigned int i = 0; i < dim_y; i++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = 0; j < dim_x; j++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(tmp, mat, _x[j], size_batch);
mat += size_batch;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(z, tmp, _y[i], size_batch);
}
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
unsigned char tmp[256];

unsigned char _x[256];
for (unsigned int i = 0; i < dim; i++) {
_x[i] = PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele(x, i);
}

PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(y, size_batch);
for (unsigned int i = 0; i < dim; i++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = i; j < dim; j++) {
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(tmp, trimat, _x[j], size_batch);
trimat += size_batch;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd(y, tmp, _x[i], size_batch);
}
}

+ 0
- 260
src/sign/rainbow/rainbowI-classic/clean/parallel_matrix_op.h View File

@@ -1,260 +0,0 @@
#ifndef _P_MATRIX_OP_H_
#define _P_MATRIX_OP_H_
/// @file parallel_matrix_op.h
/// @brief Librarys for operations of batched matrixes.
///
///

//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);

///
/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
///
/// @param[out] btriC - the batched upper-trianglized matrix C.
/// @param[in] bA - a batched retangle matrix A.
/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);

//////////////////// Section: matrix multiplications ///////////////////////////////

///
/// @brief bC += btriA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////

///
/// @brief y = x^Tr * trimat * x , in GF(16)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief y = x^Tr * trimat * x , in GF(256)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(16)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(256)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

#endif // _P_MATRIX_OP_H_

+ 0
- 168
src/sign/rainbow/rainbowI-classic/clean/rainbow.c View File

@@ -1,168 +0,0 @@
/// @file rainbow.c
/// @brief The standard implementations for functions in rainbow.h
///

#include "blas.h"
#include "parallel_matrix_op.h"
#include "rainbow.h"
#include "rainbow_blas.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "utils_hash.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_ATTEMPT_FRMAT 128

int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
uint8_t mat_l1[_O1 * _O1_BYTE];
uint8_t mat_l2[_O2 * _O2_BYTE];
uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];

// setup PRNG
prng_t prng_sign;
uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
uint8_t prng_seed[_HASH_LEN];
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
prng_preseed[i] ^= prng_preseed[i]; // clean
}
for (unsigned int i = 0; i < _HASH_LEN; i++) {
prng_seed[i] ^= prng_seed[i]; // clean
}

// roll vinegars.
uint8_t vinegar[_V1_BYTE];
unsigned int n_attempt = 0;
unsigned int l1_succ = 0;
while (!l1_succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
n_attempt++;
}

// Given the vinegars, pre-compute variables needed for layer 2
uint8_t r_l1_F1[_O1_BYTE] = {0};
uint8_t r_l2_F1[_O2_BYTE] = {0};
batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
uint8_t mat_l2_F3[_O2 * _O2_BYTE];
uint8_t mat_l2_F2[_O1 * _O2_BYTE];
gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);

// Some local variables.
uint8_t _z[_PUB_M_BYTE];
uint8_t y[_PUB_M_BYTE];
uint8_t *x_v1 = vinegar;
uint8_t x_o1[_O1_BYTE];
uint8_t x_o2[_O2_BYTE];

uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, _digest, _HASH_LEN);
uint8_t *salt = digest_salt + _HASH_LEN;

uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
unsigned int succ = 0;
while (!succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
// The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w

PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)

// y = S^-1 * z
memcpy(y, _z, _PUB_M_BYTE); // identity part of S
gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);

// Central Map:
// layer 1: calculate x_o1
memcpy(temp_o, r_l1_F1, _O1_BYTE);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);

// layer 2: calculate x_o2
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);

// generate the linear equations of the 2nd layer
gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs

n_attempt++;
};
// w = T^-1 * y
uint8_t w[_PUB_N_BYTE];
// identity part of T.
memcpy(w, x_v1, _V1_BYTE);
memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
// Computing the t1 part.
gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t4 part.
gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t3 part.
gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);

memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
// clean
memset(&prng_sign, 0, sizeof(prng_t));
memset(vinegar, 0, _V1_BYTE);
memset(r_l1_F1, 0, _O1_BYTE);
memset(r_l2_F1, 0, _O2_BYTE);
memset(_z, 0, _PUB_M_BYTE);
memset(y, 0, _PUB_M_BYTE);
memset(x_o1, 0, _O1_BYTE);
memset(x_o2, 0, _O2_BYTE);
memset(temp_o, 0, sizeof(temp_o));

// return: copy w and salt to the signature.
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
return -1;
}
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
return 0;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
unsigned char digest_ck[_PUB_M_BYTE];
// public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);

unsigned char correct[_PUB_M_BYTE];
unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, digest, _HASH_LEN);
memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )

// check consistancy.
unsigned char cc = 0;
for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
cc |= (digest_ck[i] ^ correct[i]);
}
return (0 == cc) ? 0 : -1;
}



+ 0
- 33
src/sign/rainbow/rainbowI-classic/clean/rainbow.h View File

@@ -1,33 +0,0 @@
#ifndef _RAINBOW_H_
#define _RAINBOW_H_
/// @file rainbow.h
/// @brief APIs for rainbow.
///

#include "rainbow_config.h"
#include "rainbow_keypair.h"

#include <stdint.h>

///
/// @brief Signing function for classical secret key.
///
/// @param[out] signature - the signature.
/// @param[in] sk - the secret key.
/// @param[in] digest - the digest.
///
int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);

///
/// @brief Verifying function.
///
/// @param[in] digest - the digest.
/// @param[in] signature - the signature.
/// @param[in] pk - the public key.
/// @return 0 for successful verified. -1 for failed verification.
///
int PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);



#endif // _RAINBOW_H_

+ 0
- 32
src/sign/rainbow/rainbowI-classic/clean/rainbow_blas.h View File

@@ -1,32 +0,0 @@
#ifndef _RAINBOW_BLAS_H_
#define _RAINBOW_BLAS_H_
/// @file rainbow_blas.h
/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
///
/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h

#include "blas.h"
#include "blas_comm.h"
#include "parallel_matrix_op.h"
#include "rainbow_config.h"


#define gfv_get_ele PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_get_ele
#define gfv_mul_scalar PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_mul_scalar
#define gfv_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16v_madd

#define gfmat_prod PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_prod
#define gfmat_inv PQCLEAN_RAINBOWICLASSIC_CLEAN_gf16mat_inv

#define batch_trimat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimat_madd_gf16
#define batch_trimatTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_trimatTr_madd_gf16
#define batch_2trimat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_2trimat_madd_gf16
#define batch_matTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_matTr_madd_gf16
#define batch_bmatTr_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_bmatTr_madd_gf16
#define batch_mat_madd PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_mat_madd_gf16

#define batch_quad_trimat_eval PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_trimat_eval_gf16
#define batch_quad_recmat_eval PQCLEAN_RAINBOWICLASSIC_CLEAN_batch_quad_recmat_eval_gf16


#endif // _RAINBOW_BLAS_H_

+ 0
- 49
src/sign/rainbow/rainbowI-classic/clean/rainbow_config.h View File

@@ -1,49 +0,0 @@
#ifndef _H_RAINBOW_CONFIG_H_
#define _H_RAINBOW_CONFIG_H_

/// @file rainbow_config.h
/// @brief Defining the parameters of the Rainbow and the corresponding constants.
///

#define _USE_GF16
#define _GFSIZE 16
#define _V1 36
#define _O1 32
#define _O2 32
#define _MAX_O 32
#define _HASH_LEN 32


#define _V2 ((_V1) + (_O1))

/// size of N, in # of gf elements.
#define _PUB_N (_V1 + _O1 + _O2)

/// size of M, in # gf elements.
#define _PUB_M (_O1 + _O2)

/// size of variables, in # bytes.

// GF16
#define _V1_BYTE (_V1 / 2)
#define _V2_BYTE (_V2 / 2)
#define _O1_BYTE (_O1 / 2)
#define _O2_BYTE (_O2 / 2)
#define _MAX_O_BYTE (_MAX_O / 2)
#define _PUB_N_BYTE (_PUB_N / 2)
#define _PUB_M_BYTE (_PUB_M / 2)


/// length of seed for public key, in # bytes
#define LEN_PKSEED 32

/// length of seed for secret key, in # bytes
#define LEN_SKSEED 32

/// length of salt for a signature, in # bytes
#define _SALT_BYTE 16

/// length of a signature
#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)

#endif // _H_RAINBOW_CONFIG_H_

+ 0
- 155
src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair.c View File

@@ -1,155 +0,0 @@
/// @file rainbow_keypair.c
/// @brief implementations of functions in rainbow_keypair.h
///

#include "rainbow_keypair.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair_computation.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

static
void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
sk_t *_sk;
unsigned size;

size = sizeof(_sk->s1);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t1);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t4);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t3);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
}


static
unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l1_F1);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l1_F2);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static
unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l2_F1);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F2);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F3);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F5);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F6);
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
sk += generate_l1_F12(sk, prng0);
generate_l2_F12356(sk, prng0);
}

static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
// t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
unsigned char temp[_V1_BYTE + 32];
unsigned char *t4 = t2_to_t4;
for (unsigned int i = 0; i < _O2; i++) { /// t3 width
gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
t4 += _V1_BYTE;
t3 += _O1_BYTE;
}
}

static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
unsigned char temp[_O1_BYTE + 32];
while (n_terms--) {
gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
PQCLEAN_RAINBOWICLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
l1_polys += _O1_BYTE;
l2_polys += _O2_BYTE;
}
}

/////////////////// Classic //////////////////////////////////

static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) {
memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);

// set up prng
prng_t prng0;
PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);

// generating secret key with prng.
generate_S_T(sk->s1, &prng0);
generate_B1_B2(sk->l1_F1, &prng0);

// clean prng
memset(&prng0, 0, sizeof(prng_t));
}

void PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) {
generate_secretkey(sk, sk_seed);

// set up a temporary structure ext_cpk_t for calculating public key.
ext_cpk_t pk;

PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format.
calculate_t4(sk->t4, sk->t1, sk->t3);

obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1);
obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1);
obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1);
obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
// so far, the pk contains the full pk but in ext_cpk_t format.

PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t.
}




+ 0
- 61
src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair.h View File

@@ -1,61 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_H_
#define _RAINBOW_KEYPAIR_H_
/// @file rainbow_keypair.h
/// @brief Formats of key pairs and functions for generating key pairs.
/// Formats of key pairs and functions for generating key pairs.
///

#include "rainbow_config.h"

#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)

/// @brief public key for classic rainbow
///
/// public key for classic rainbow
///
typedef struct rainbow_publickey {
unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
} pk_t;

/// @brief secret key for classic rainbow
///
/// secret key for classic rainbow
///
typedef struct rainbow_secretkey {
///
/// seed for generating secret key.
/// Generating S, T, and F for classic rainbow.
/// Generating S and T only for cyclic rainbow.
unsigned char sk_seed[LEN_SKSEED];

unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
unsigned char t3[_O1_BYTE * _O2]; ///< part of T map

unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1

unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2

unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
} sk_t;


///
/// @brief Generate key pairs for classic rainbow.
///
/// @param[out] pk - the public key.
/// @param[out] sk - the secret key.
/// @param[in] sk_seed - seed for generating the secret key.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed);





#endif // _RAINBOW_KEYPAIR_H_

+ 0
- 189
src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair_computation.c View File

@@ -1,189 +0,0 @@
/// @file rainbow_keypair_computation.c
/// @brief Implementations for functions in rainbow_keypair_computation.h
///

#include "rainbow_keypair_computation.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

void PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
const unsigned char *idx_l1 = cpk->l1_Q1;
const unsigned char *idx_l2 = cpk->l2_Q1;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = i; j < _V1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q2;
idx_l2 = cpk->l2_Q2;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q3;
idx_l2 = cpk->l2_Q3;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q5;
idx_l2 = cpk->l2_Q5;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = i; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q6;
idx_l2 = cpk->l2_Q6;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q9;
idx_l2 = cpk->l2_Q9;
for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
for (unsigned int j = i; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
}

static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
/*
Layer 1
Computing :
Q_pk.l1_F1s[i] = F_sk.l1_F1s[i]

Q_pk.l1_F2s[i] = (F1* T1 + F2) + F1tr * t1
Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
*/
const unsigned char *t2 = Ts->t4;

memcpy(Qs->l1_Q1, Fs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l1_Q2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2

memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));

// l1_Q5 : _O1_BYTE * _O1 * _O1
// l1_Q9 : _O1_BYTE * _O2 * _O2
// l2_Q5 : _O2_BYTE * _V1 * _O1
// l2_Q9 : _O2_BYTE * _V1 * _O2

unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32];

memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2
/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
*/
batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3

memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9

batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3

batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6

/*
layer 2
Computing:
Q1 = F1
Q2 = F1_F1T*T1 + F2
Q5 = UT( T1tr( F1*T1 + F2 ) + F5 )
*/
memcpy(Qs->l2_Q1, Fs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l2_Q2, Fs->l2_F2, _O2_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F1*T1 + F2

memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1));
memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2

/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2

Q3 = F1_F1T*T2 + F2*T3 + F3
Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
Q6 = T1tr*( F1_F1T*T2 + F2*T3 + F3 ) + F2Tr*T2 + F5_F5T*T3 + F6
*/
memcpy(Qs->l2_Q3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
batch_trimat_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
batch_mat_madd(Qs->l2_Q3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3

memset(tempQ, 0, _O2_BYTE * _O2 * _O2); // l2_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l2_Q3, _O2, _O2_BYTE); // T2tr * ( ..... )

memcpy(Qs->l2_Q6, Fs->l2_F6, _O2_BYTE * _O1 * _O2);

batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
PQCLEAN_RAINBOWICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9

batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3

batch_bmatTr_madd(Qs->l2_Q6, Fs->l2_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + F2tr*T2
batch_trimatTr_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F2tr*T2 + F5_F5T*T3 + F6
batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6
}
#define calculate_Q_from_F_impl calculate_Q_from_F_ref
void PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
calculate_Q_from_F_impl(Qs, Fs, Ts);
}

+ 0
- 53
src/sign/rainbow/rainbowI-classic/clean/rainbow_keypair_computation.h View File

@@ -1,53 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_COMP_H_
#define _RAINBOW_KEYPAIR_COMP_H_
/// @file rainbow_keypair_computation.h
/// @brief Functions for calculating pk/sk while generating keys.
///
/// Defining an internal structure of public key.
/// Functions for calculating pk/sk for key generation.
///

#include "rainbow_keypair.h"

/// @brief The (internal use) public key for rainbow
///
/// The (internal use) public key for rainbow. The public
/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
/// l2_Q1, .... , l2_Q9.
///
typedef struct rainbow_extend_publickey {
unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];

unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
} ext_cpk_t;

///
/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
///
/// @param[out] pk - the classic public key.
/// @param[in] cpk - the internel public key.
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
/////////////////////////////////////////////////

///
/// @brief Computing public key from secret key
///
/// @param[out] Qs - the public key
/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
/// @param[in] Ts - parts of the secret key: T1, T4, T3
///
void PQCLEAN_RAINBOWICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);


#endif // _RAINBOW_KEYPAIR_COMP_H_

+ 0
- 74
src/sign/rainbow/rainbowI-classic/clean/sign.c View File

@@ -1,74 +0,0 @@
/// @file sign.c
/// @brief the implementations for functions in api.h
///
///

#include "api.h"
#include "rainbow.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
unsigned char sk_seed[LEN_SKSEED] = {0};
randombytes(sk_seed, LEN_SKSEED);

PQCLEAN_RAINBOWICLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed);
return 0;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);

memcpy(sm, m, mlen);
smlen[0] = mlen + _SIGNATURE_BYTE;

return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
int rc;
if (_SIGNATURE_BYTE > smlen) {
rc = -1;
} else {
*mlen = smlen - _SIGNATURE_BYTE;

unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);

rc = PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk);
}
if (!rc) {
memmove(m, sm, smlen - _SIGNATURE_BYTE);
} else { // bad signature
*mlen = (size_t) -1;
memset(m, 0, smlen);
}
return rc;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
*siglen = _SIGNATURE_BYTE;
return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk) {
if (siglen != _SIGNATURE_BYTE) {
return -1;
}
unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
return PQCLEAN_RAINBOWICLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk);
}

+ 0
- 50
src/sign/rainbow/rainbowI-classic/clean/utils_hash.c View File

@@ -1,50 +0,0 @@
/// @file utils_hash.c
/// @brief the adapter for SHA2 families.
///
///

#include "utils_hash.h"
#include "rainbow_config.h"
#include "sha2.h"

static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
sha256(digest, m, mlen);
return 0;
}

static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
if (_HASH_LEN >= n_digest) {
for (size_t i = 0; i < n_digest; i++) {
digest[i] = hash[i];
}
return 0;
}
for (size_t i = 0; i < _HASH_LEN; i++) {
digest[i] = hash[i];
}
n_digest -= _HASH_LEN;

while (_HASH_LEN <= n_digest) {
h(digest + _HASH_LEN, digest, _HASH_LEN);

n_digest -= _HASH_LEN;
digest += _HASH_LEN;
}
unsigned char temp[_HASH_LEN];
if (n_digest) {
h(temp, digest, _HASH_LEN);
for (size_t i = 0; i < n_digest; i++) {
digest[_HASH_LEN + i] = temp[i];
}
}
return 0;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(unsigned char *digest,
size_t len_digest,
const unsigned char *m,
size_t mlen) {
unsigned char buf[_HASH_LEN];
h(buf, m, mlen);
return expand_hash(digest, len_digest, buf);
}

+ 0
- 11
src/sign/rainbow/rainbowI-classic/clean/utils_hash.h View File

@@ -1,11 +0,0 @@
#ifndef _UTILS_HASH_H_
#define _UTILS_HASH_H_
/// @file utils_hash.h
/// @brief the interface for adapting hash functions.
///

#include <stddef.h>

int PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);

#endif // _UTILS_HASH_H_

+ 0
- 97
src/sign/rainbow/rainbowI-classic/clean/utils_prng.c View File

@@ -1,97 +0,0 @@
/// @file utils_prng.c
/// @brief The implementation of PRNG related functions.
///

#include "utils_prng.h"
#include "aes.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

static void prng_update(const unsigned char *provided_data,
unsigned char *Key,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
if (V[j] == 0xff) {
V[j] = 0x00;
} else {
V[j]++;
break;
}
}
aes256_ecb(temp + 16 * i, V, 1, &ctx);
}
if (provided_data != NULL) {
for (int i = 0; i < 48; i++) {
temp[i] ^= provided_data[i];
}
}
aes256_ctx_release(&ctx);
memcpy(Key, temp, 32);
memcpy(V, temp + 32, 16);
}
static void randombytes_init_with_state(prng_t *state,
unsigned char *entropy_input_48bytes) {
memset(state->Key, 0x00, 32);
memset(state->V, 0x00, 16);
prng_update(entropy_input_48bytes, state->Key, state->V);
}

static int randombytes_with_state(prng_t *state,
unsigned char *x,
size_t xlen) {

unsigned char block[16];
int i = 0;

aes256ctx ctx;
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V
for (int j = 15; j >= 0; j--) {
if (state->V[j] == 0xff) {
state->V[j] = 0x00;
} else {
state->V[j]++;
break;
}
}
aes256_ecb(block, state->V, 1, &ctx);
if (xlen > 15) {
memcpy(x + i, block, 16);
i += 16;
xlen -= 16;
} else {
memcpy(x + i, block, xlen);
xlen = 0;
}
}
aes256_ctx_release(&ctx);
prng_update(NULL, state->Key, state->V);
return 0;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
unsigned char seed[48];
if (prng_seedlen >= 48) {
memcpy(seed, prng_seed, 48);
} else {
memcpy(seed, prng_seed, prng_seedlen);
PQCLEAN_RAINBOWICLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
}

randombytes_init_with_state(ctx, seed);

return 0;
}

int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
return randombytes_with_state(ctx, out, outlen);
}

+ 0
- 18
src/sign/rainbow/rainbowI-classic/clean/utils_prng.h View File

@@ -1,18 +0,0 @@
#ifndef _UTILS_PRNG_H_
#define _UTILS_PRNG_H_
/// @file utils_prng.h
/// @brief the interface for adapting PRNG functions.
///
///

#include "randombytes.h"

typedef struct {
unsigned char Key[32];
unsigned char V[16];
} prng_t;

int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
int PQCLEAN_RAINBOWICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);

#endif // _UTILS_PRNG_H_

+ 0
- 16
src/sign/rainbow/rainbowIII-classic/clean/CMakeLists.txt View File

@@ -1,16 +0,0 @@
set(
SRC_CLEAN_RAINBOW_III_CLASSSIC
blas.c
blas_comm.c
gf.c
parallel_matrix_op.c
rainbow.c
rainbow_keypair.c
rainbow_keypair_computation.c
sign.c
utils_hash.c
utils_prng.c)

define_sig_alg(
rainbowIIIclassic_clean
PQCLEAN_RAINBOWIIICLASSIC_CLEAN "${SRC_CLEAN_RAINBOW_III_CLASSSIC}" "${CMAKE_CURRENT_SOURCE_DIR}")

+ 0
- 32
src/sign/rainbow/rainbowIII-classic/clean/api.h View File

@@ -1,32 +0,0 @@
#ifndef PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H
#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H

#include <stddef.h>
#include <stdint.h>

#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 626048
#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 882080
#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_BYTES 164
#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - classic"

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);


int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk);

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk);

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
const uint8_t *m, size_t mlen,
const uint8_t *sk);

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
const uint8_t *sm, size_t smlen,
const uint8_t *pk);


#endif

+ 0
- 31
src/sign/rainbow/rainbowIII-classic/clean/blas.c View File

@@ -1,31 +0,0 @@
#include "blas.h"
#include "gf.h"

#include <stddef.h>

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= (a[i] & pr_u8);
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= a[i];
}
}


void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
a[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], b);
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_c[i] ^= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], gf256_b);
}
}


+ 0
- 19
src/sign/rainbow/rainbowIII-classic/clean/blas.h View File

@@ -1,19 +0,0 @@
#ifndef _BLAS_H_
#define _BLAS_H_
/// @file blas.h
/// @brief Functions for implementing basic linear algebra functions.
///

#include "rainbow_config.h"
#include <stddef.h>
#include <stdint.h>

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);


void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);


#endif // _BLAS_H_

+ 0
- 144
src/sign/rainbow/rainbowIII-classic/clean/blas_comm.c View File

@@ -1,144 +0,0 @@
/// @file blas_comm.c
/// @brief The standard implementations for blas_comm.h
///

#include "blas_comm.h"
#include "blas.h"
#include "gf.h"
#include "rainbow_config.h"

#include <stdint.h>
#include <string.h>

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
b[i] = 0;
}
}
/// @brief get an element from GF(256) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
return a[i];
}

unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
uint8_t r = 0;
while (_num_byte--) {
r |= a[0];
a++;
}
return (0 == r);
}

/// polynomial multplication
/// School boook
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
for (unsigned int i = 0; i < _num; i++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num);
}
}

static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
for (unsigned int i = 0; i < n_A_width; i++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
matA += n_A_vec_byte;
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
unsigned int n_vec_byte = len_vec;
for (unsigned int k = 0; k < len_vec; k++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte);
const uint8_t *bk = b + n_vec_byte * k;
for (unsigned int i = 0; i < len_vec; i++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
}
c += n_vec_byte;
}
}

static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
unsigned int r8 = 1;

for (unsigned int i = 0; i < h; i++) {
uint8_t *ai = mat + w * i;
unsigned int skip_len_align4 = i & ((unsigned int)~0x3);

for (unsigned int j = i + 1; j < h; j++) {
uint8_t *aj = mat + w * j;
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
}
r8 &= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]);
uint8_t pivot = ai[i];
pivot = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(pivot);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
for (unsigned int j = 0; j < h; j++) {
if (i == j) {
continue;
}
uint8_t *aj = mat + w * j;
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
}
}

return r8;
}

static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
uint8_t mat[64 * 64];
for (unsigned int i = 0; i < n; i++) {
memcpy(mat + i * (n + 1), inp_mat + i * n, n);
mat[i * (n + 1) + n] = c_terms[i];
}
unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
for (unsigned int i = 0; i < n; i++) {
sol[i] = mat[i * (n + 1) + n];
}
return r8;
}

static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
for (unsigned int i = 0; i < h; i++) {
for (unsigned int j = 0; j < w2; j++) {
mat2[i * w2 + j] = mat[i * w + st + j];
}
}
}

unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
uint8_t *aa = buffer;
for (unsigned int i = 0; i < H; i++) {
uint8_t *ai = aa + i * 2 * H;
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(ai, a + i * H, H);
ai[H + i] = 1;
}
unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
return r8;
}


// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE

#define gf256mat_prod_impl gf256mat_prod_ref
#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
}

unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
return gf256mat_gauss_elim_impl(mat, h, w);
}

unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
}


+ 0
- 90
src/sign/rainbow/rainbowIII-classic/clean/blas_comm.h View File

@@ -1,90 +0,0 @@
#ifndef _BLAS_COMM_H_
#define _BLAS_COMM_H_
/// @file blas_comm.h
/// @brief Common functions for linear algebra.
///

#include "rainbow_config.h"
#include <stdint.h>

/// @brief set a vector to 0.
///
/// @param[in,out] b - the vector b.
/// @param[in] _num_byte - number of bytes for the vector b.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);

/// @brief get an element from GF(256) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);

/// @brief check if a vector is 0.
///
/// @param[in] a - the vector a.
/// @param[in] _num_byte - number of bytes for the vector a.
/// @return 1(true) if a is 0. 0(false) else.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);

/// @brief polynomial multiplication: c = a*b
///
/// @param[out] c - the output polynomial c
/// @param[in] a - the vector a.
/// @param[in] b - the vector b.
/// @param[in] _num - number of elements for the polynomials a and b.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);

/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
///
/// @param[out] c - the output vector c
/// @param[in] matA - a column-major matrix A.
/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
/// @param[in] n_A_width - the width of matrix A.
/// @param[in] b - the vector b.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);

/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
///
/// @param[out] c - the output matrix c
/// @param[in] c - a matrix a.
/// @param[in] b - a matrix b.
/// @param[in] len_vec - the length of column vectors.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);

/// @brief Gauss elimination for a matrix, in GF(256)
///
/// @param[in,out] mat - the matrix.
/// @param[in] h - the height of the matrix.
/// @param[in] w - the width of the matrix.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);

/// @brief Solving linear equations, in GF(256)
///
/// @param[out] sol - the solutions.
/// @param[in] inp_mat - the matrix parts of input equations.
/// @param[in] c_terms - the constant terms of the input equations.
/// @param[in] n - the number of equations.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);

/// @brief Computing the inverse matrix, in GF(256)
///
/// @param[out] inv_a - the output of matrix a.
/// @param[in] a - a matrix a.
/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);

#endif // _BLAS_COMM_H_

+ 0
- 91
src/sign/rainbow/rainbowIII-classic/clean/gf.c View File

@@ -1,91 +0,0 @@
#include "gf.h"

//// gf4 := gf2[x]/x^2+x+1
static inline uint8_t gf4_mul_2(uint8_t a) {
uint8_t r = (uint8_t)(a << 1);
r ^= (uint8_t)((a >> 1) * 7);
return r;
}

static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
uint8_t r = (uint8_t)(a * (b & 1));
return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
}

static inline uint8_t gf4_squ(uint8_t a) {
return a ^ (a >> 1);
}

//// gf16 := gf4[y]/y^2+y+x
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
uint8_t b0 = b & 3;
uint8_t b1 = (b >> 2);
uint8_t a0b0 = gf4_mul(a0, b0);
uint8_t a1b1 = gf4_mul(a1, b1);
uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
uint8_t a1b1_x2 = gf4_mul_2(a1b1);
return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
}

static inline uint8_t gf16_squ(uint8_t a) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
a1 = gf4_squ(a1);
uint8_t a1squ_x2 = gf4_mul_2(a1);
return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
}

uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) {
unsigned int a8 = a;
unsigned int r = ((unsigned int)0) - a8;
r >>= 8;
return r & 1;
}

static inline uint8_t gf4_mul_3(uint8_t a) {
uint8_t msk = (uint8_t)((a - 2) >> 1);
return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
}
static inline uint8_t gf16_mul_8(uint8_t a) {
uint8_t a0 = a & 3;
uint8_t a1 = a >> 2;
return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
}

// gf256 := gf16[X]/X^2+X+xy
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
uint8_t a0 = a & 15;
uint8_t a1 = (a >> 4);
uint8_t b0 = b & 15;
uint8_t b1 = (b >> 4);
uint8_t a0b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0, b0);
uint8_t a1b1 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a1, b1);
uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
uint8_t a1b1_x8 = gf16_mul_8(a1b1);
return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
}

static inline uint8_t gf256_squ(uint8_t a) {
uint8_t a0 = a & 15;
uint8_t a1 = (a >> 4);
a1 = gf16_squ(a1);
uint8_t a1squ_x8 = gf16_mul_8(a1);
return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
}

uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a) {
// 128+64+32+16+8+4+2 = 254
uint8_t a2 = gf256_squ(a);
uint8_t a4 = gf256_squ(a2);
uint8_t a8 = gf256_squ(a4);
uint8_t a4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4, a2);
uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4_2, a8);
uint8_t a64_ = gf256_squ(a8_4_2);
a64_ = gf256_squ(a64_);
a64_ = gf256_squ(a64_);
uint8_t a64_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a64_, a8_4_2);
uint8_t a128_ = gf256_squ(a64_2);
return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a2, a128_);
}

+ 0
- 19
src/sign/rainbow/rainbowIII-classic/clean/gf.h View File

@@ -1,19 +0,0 @@
#ifndef _GF16_H_
#define _GF16_H_

#include "rainbow_config.h"
#include <stdint.h>

/// @file gf16.h
/// @brief Library for arithmetics in GF(16) and GF(256)
///

uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b);


uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a);
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a);
uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b);


#endif // _GF16_H_

+ 0
- 183
src/sign/rainbow/rainbowIII-classic/clean/parallel_matrix_op.c View File

@@ -1,183 +0,0 @@
/// @file parallel_matrix_op.c
/// @brief the standard implementations for functions in parallel_matrix_op.h
///
/// the standard implementations for functions in parallel_matrix_op.h
///

#include "parallel_matrix_op.h"
#include "blas.h"
#include "blas_comm.h"

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
}

///
/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
///
/// @param[in] i_row - the i-th row in a triangle matrix.
/// @param[in] j_col - the j-th column in a triangle matrix.
/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
if (i_row > j_col) {
return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var);
}
return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var);
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
unsigned char *runningC = btriC;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < i; j++) {
unsigned int idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j, i, Aheight);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
runningC += size_batch * (Aheight - i);
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (k < i) {
continue;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
btriA += (Aheight - i) * size_batch;
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i < k) {
continue;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i == k) {
continue;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Atr_height = Awidth;
unsigned int Atr_width = Aheight;
for (unsigned int i = 0; i < Atr_height; i++) {
for (unsigned int j = 0; j < Atr_width; j++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
}
bC += size_batch * Bwidth;
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
const unsigned char *bA = bA_to_tr;
unsigned int Aheight = Awidth_before_tr;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
bA += (Awidth) * size_batch;
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
unsigned char tmp[256];

unsigned char _x[256];
for (unsigned int i = 0; i < dim; i++) {
_x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i);
}

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(y, size_batch);
for (unsigned int i = 0; i < dim; i++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = i; j < dim; j++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
trimat += size_batch;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
}
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
const unsigned char *x, unsigned dim_x, unsigned size_batch) {
unsigned char tmp[128];

unsigned char _x[128];
for (unsigned int i = 0; i < dim_x; i++) {
_x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i);
}
unsigned char _y[128];
for (unsigned int i = 0; i < dim_y; i++) {
_y[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(y, i);
}

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(z, size_batch);
for (unsigned int i = 0; i < dim_y; i++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = 0; j < dim_x; j++) {
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
mat += size_batch;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
}
}


+ 0
- 260
src/sign/rainbow/rainbowIII-classic/clean/parallel_matrix_op.h View File

@@ -1,260 +0,0 @@
#ifndef _P_MATRIX_OP_H_
#define _P_MATRIX_OP_H_
/// @file parallel_matrix_op.h
/// @brief Librarys for operations of batched matrixes.
///
///

//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);

///
/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
///
/// @param[out] btriC - the batched upper-trianglized matrix C.
/// @param[in] bA - a batched retangle matrix A.
/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);

//////////////////// Section: matrix multiplications ///////////////////////////////

///
/// @brief bC += btriA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////

///
/// @brief y = x^Tr * trimat * x , in GF(16)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief y = x^Tr * trimat * x , in GF(256)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(16)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(256)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

#endif // _P_MATRIX_OP_H_

+ 0
- 168
src/sign/rainbow/rainbowIII-classic/clean/rainbow.c View File

@@ -1,168 +0,0 @@
/// @file rainbow.c
/// @brief The standard implementations for functions in rainbow.h
///

#include "blas.h"
#include "parallel_matrix_op.h"
#include "rainbow.h"
#include "rainbow_blas.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "utils_hash.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_ATTEMPT_FRMAT 128

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
uint8_t mat_l1[_O1 * _O1_BYTE];
uint8_t mat_l2[_O2 * _O2_BYTE];
uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];

// setup PRNG
prng_t prng_sign;
uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
uint8_t prng_seed[_HASH_LEN];
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
prng_preseed[i] ^= prng_preseed[i]; // clean
}
for (unsigned int i = 0; i < _HASH_LEN; i++) {
prng_seed[i] ^= prng_seed[i]; // clean
}

// roll vinegars.
uint8_t vinegar[_V1_BYTE];
unsigned int n_attempt = 0;
unsigned int l1_succ = 0;
while (!l1_succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
n_attempt++;
}

// Given the vinegars, pre-compute variables needed for layer 2
uint8_t r_l1_F1[_O1_BYTE] = {0};
uint8_t r_l2_F1[_O2_BYTE] = {0};
batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
uint8_t mat_l2_F3[_O2 * _O2_BYTE];
uint8_t mat_l2_F2[_O1 * _O2_BYTE];
gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);

// Some local variables.
uint8_t _z[_PUB_M_BYTE];
uint8_t y[_PUB_M_BYTE];
uint8_t *x_v1 = vinegar;
uint8_t x_o1[_O1_BYTE];
uint8_t x_o2[_O2_BYTE];

uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, _digest, _HASH_LEN);
uint8_t *salt = digest_salt + _HASH_LEN;

uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
unsigned int succ = 0;
while (!succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
// The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)

// y = S^-1 * z
memcpy(y, _z, _PUB_M_BYTE); // identity part of S
gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);

// Central Map:
// layer 1: calculate x_o1
memcpy(temp_o, r_l1_F1, _O1_BYTE);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);

// layer 2: calculate x_o2
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);

// generate the linear equations of the 2nd layer
gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs

n_attempt++;
};
// w = T^-1 * y
uint8_t w[_PUB_N_BYTE];
// identity part of T.
memcpy(w, x_v1, _V1_BYTE);
memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
// Computing the t1 part.
gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t4 part.
gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t3 part.
gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);

memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
// clean
memset(&prng_sign, 0, sizeof(prng_t));
memset(vinegar, 0, _V1_BYTE);
memset(r_l1_F1, 0, _O1_BYTE);
memset(r_l2_F1, 0, _O2_BYTE);
memset(_z, 0, _PUB_M_BYTE);
memset(y, 0, _PUB_M_BYTE);
memset(x_o1, 0, _O1_BYTE);
memset(x_o2, 0, _O2_BYTE);
memset(temp_o, 0, sizeof(temp_o));

// return: copy w and salt to the signature.
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
return -1;
}
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
return 0;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
unsigned char digest_ck[_PUB_M_BYTE];
// public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);

unsigned char correct[_PUB_M_BYTE];
unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, digest, _HASH_LEN);
memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )

// check consistancy.
unsigned char cc = 0;
for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
cc |= (digest_ck[i] ^ correct[i]);
}
return (0 == cc) ? 0 : -1;
}



+ 0
- 33
src/sign/rainbow/rainbowIII-classic/clean/rainbow.h View File

@@ -1,33 +0,0 @@
#ifndef _RAINBOW_H_
#define _RAINBOW_H_
/// @file rainbow.h
/// @brief APIs for rainbow.
///

#include "rainbow_config.h"
#include "rainbow_keypair.h"

#include <stdint.h>

///
/// @brief Signing function for classical secret key.
///
/// @param[out] signature - the signature.
/// @param[in] sk - the secret key.
/// @param[in] digest - the digest.
///
int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);

///
/// @brief Verifying function.
///
/// @param[in] digest - the digest.
/// @param[in] signature - the signature.
/// @param[in] pk - the public key.
/// @return 0 for successful verified. -1 for failed verification.
///
int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);



#endif // _RAINBOW_H_

+ 0
- 32
src/sign/rainbow/rainbowIII-classic/clean/rainbow_blas.h View File

@@ -1,32 +0,0 @@
#ifndef _RAINBOW_BLAS_H_
#define _RAINBOW_BLAS_H_
/// @file rainbow_blas.h
/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
///
/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h

#include "blas.h"
#include "blas_comm.h"
#include "parallel_matrix_op.h"
#include "rainbow_config.h"


#define gfv_get_ele PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele
#define gfv_mul_scalar PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar
#define gfv_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd

#define gfmat_prod PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod
#define gfmat_inv PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv

#define batch_trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256
#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256
#define batch_2trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256
#define batch_matTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256
#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256
#define batch_mat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256

#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256
#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256


#endif // _RAINBOW_BLAS_H_

+ 0
- 48
src/sign/rainbow/rainbowIII-classic/clean/rainbow_config.h View File

@@ -1,48 +0,0 @@
#ifndef _H_RAINBOW_CONFIG_H_
#define _H_RAINBOW_CONFIG_H_

/// @file rainbow_config.h
/// @brief Defining the parameters of the Rainbow and the corresponding constants.
///

#define _GFSIZE 256
#define _V1 68
#define _O1 32
#define _O2 48
#define _MAX_O 48
#define _HASH_LEN 48


#define _V2 ((_V1) + (_O1))

/// size of N, in # of gf elements.
#define _PUB_N (_V1 + _O1 + _O2)

/// size of M, in # gf elements.
#define _PUB_M (_O1 + _O2)

/// size of variables, in # bytes.

// GF256
#define _V1_BYTE (_V1)
#define _V2_BYTE (_V2)
#define _O1_BYTE (_O1)
#define _O2_BYTE (_O2)
#define _MAX_O_BYTE (_MAX_O)
#define _PUB_N_BYTE (_PUB_N)
#define _PUB_M_BYTE (_PUB_M)


/// length of seed for public key, in # bytes
#define LEN_PKSEED 32

/// length of seed for secret key, in # bytes
#define LEN_SKSEED 32

/// length of salt for a signature, in # bytes
#define _SALT_BYTE 16

/// length of a signature
#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)

#endif // _H_RAINBOW_CONFIG_H_

+ 0
- 155
src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair.c View File

@@ -1,155 +0,0 @@
/// @file rainbow_keypair.c
/// @brief implementations of functions in rainbow_keypair.h
///

#include "rainbow_keypair.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair_computation.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

static
void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
sk_t *_sk;
unsigned size;

size = sizeof(_sk->s1);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t1);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t4);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t3);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
}


static
unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l1_F1);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l1_F2);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static
unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l2_F1);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F2);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F3);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F5);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F6);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
sk += generate_l1_F12(sk, prng0);
generate_l2_F12356(sk, prng0);
}

static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
// t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
unsigned char temp[_V1_BYTE + 32];
unsigned char *t4 = t2_to_t4;
for (unsigned int i = 0; i < _O2; i++) { /// t3 width
gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
t4 += _V1_BYTE;
t3 += _O1_BYTE;
}
}

static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
unsigned char temp[_O1_BYTE + 32];
while (n_terms--) {
gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
l1_polys += _O1_BYTE;
l2_polys += _O2_BYTE;
}
}

/////////////////// Classic //////////////////////////////////

static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) {
memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);

// set up prng
prng_t prng0;
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);

// generating secret key with prng.
generate_S_T(sk->s1, &prng0);
generate_B1_B2(sk->l1_F1, &prng0);

// clean prng
memset(&prng0, 0, sizeof(prng_t));
}

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) {
generate_secretkey(sk, sk_seed);

// set up a temporary structure ext_cpk_t for calculating public key.
ext_cpk_t pk;

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format.
calculate_t4(sk->t4, sk->t1, sk->t3);

obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1);
obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1);
obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1);
obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
// so far, the pk contains the full pk but in ext_cpk_t format.

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t.
}




+ 0
- 61
src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair.h View File

@@ -1,61 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_H_
#define _RAINBOW_KEYPAIR_H_
/// @file rainbow_keypair.h
/// @brief Formats of key pairs and functions for generating key pairs.
/// Formats of key pairs and functions for generating key pairs.
///

#include "rainbow_config.h"

#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)

/// @brief public key for classic rainbow
///
/// public key for classic rainbow
///
typedef struct rainbow_publickey {
unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
} pk_t;

/// @brief secret key for classic rainbow
///
/// secret key for classic rainbow
///
typedef struct rainbow_secretkey {
///
/// seed for generating secret key.
/// Generating S, T, and F for classic rainbow.
/// Generating S and T only for cyclic rainbow.
unsigned char sk_seed[LEN_SKSEED];

unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
unsigned char t3[_O1_BYTE * _O2]; ///< part of T map

unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1

unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2

unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
} sk_t;


///
/// @brief Generate key pairs for classic rainbow.
///
/// @param[out] pk - the public key.
/// @param[out] sk - the secret key.
/// @param[in] sk_seed - seed for generating the secret key.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed);





#endif // _RAINBOW_KEYPAIR_H_

+ 0
- 189
src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair_computation.c View File

@@ -1,189 +0,0 @@
/// @file rainbow_keypair_computation.c
/// @brief Implementations for functions in rainbow_keypair_computation.h
///

#include "rainbow_keypair_computation.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
const unsigned char *idx_l1 = cpk->l1_Q1;
const unsigned char *idx_l2 = cpk->l2_Q1;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = i; j < _V1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q2;
idx_l2 = cpk->l2_Q2;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q3;
idx_l2 = cpk->l2_Q3;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q5;
idx_l2 = cpk->l2_Q5;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = i; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q6;
idx_l2 = cpk->l2_Q6;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q9;
idx_l2 = cpk->l2_Q9;
for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
for (unsigned int j = i; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
}

static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
/*
Layer 1
Computing :
Q_pk.l1_F1s[i] = F_sk.l1_F1s[i]

Q_pk.l1_F2s[i] = (F1* T1 + F2) + F1tr * t1
Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
*/
const unsigned char *t2 = Ts->t4;

memcpy(Qs->l1_Q1, Fs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l1_Q2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2

memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));

// l1_Q5 : _O1_BYTE * _O1 * _O1
// l1_Q9 : _O1_BYTE * _O2 * _O2
// l2_Q5 : _O2_BYTE * _V1 * _O1
// l2_Q9 : _O2_BYTE * _V1 * _O2

unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32];

memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2
/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
*/
batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3

memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9

batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3

batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6

/*
layer 2
Computing:
Q1 = F1
Q2 = F1_F1T*T1 + F2
Q5 = UT( T1tr( F1*T1 + F2 ) + F5 )
*/
memcpy(Qs->l2_Q1, Fs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l2_Q2, Fs->l2_F2, _O2_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F1*T1 + F2

memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1));
memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2

/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2

Q3 = F1_F1T*T2 + F2*T3 + F3
Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
Q6 = T1tr*( F1_F1T*T2 + F2*T3 + F3 ) + F2Tr*T2 + F5_F5T*T3 + F6
*/
memcpy(Qs->l2_Q3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
batch_trimat_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
batch_mat_madd(Qs->l2_Q3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3

memset(tempQ, 0, _O2_BYTE * _O2 * _O2); // l2_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l2_Q3, _O2, _O2_BYTE); // T2tr * ( ..... )

memcpy(Qs->l2_Q6, Fs->l2_F6, _O2_BYTE * _O1 * _O2);

batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9

batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3

batch_bmatTr_madd(Qs->l2_Q6, Fs->l2_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + F2tr*T2
batch_trimatTr_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F2tr*T2 + F5_F5T*T3 + F6
batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6
}
#define calculate_Q_from_F_impl calculate_Q_from_F_ref
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
calculate_Q_from_F_impl(Qs, Fs, Ts);
}

+ 0
- 53
src/sign/rainbow/rainbowIII-classic/clean/rainbow_keypair_computation.h View File

@@ -1,53 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_COMP_H_
#define _RAINBOW_KEYPAIR_COMP_H_
/// @file rainbow_keypair_computation.h
/// @brief Functions for calculating pk/sk while generating keys.
///
/// Defining an internal structure of public key.
/// Functions for calculating pk/sk for key generation.
///

#include "rainbow_keypair.h"

/// @brief The (internal use) public key for rainbow
///
/// The (internal use) public key for rainbow. The public
/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
/// l2_Q1, .... , l2_Q9.
///
typedef struct rainbow_extend_publickey {
unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];

unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
} ext_cpk_t;

///
/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
///
/// @param[out] pk - the classic public key.
/// @param[in] cpk - the internel public key.
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
/////////////////////////////////////////////////

///
/// @brief Computing public key from secret key
///
/// @param[out] Qs - the public key
/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
/// @param[in] Ts - parts of the secret key: T1, T4, T3
///
void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);


#endif // _RAINBOW_KEYPAIR_COMP_H_

+ 0
- 74
src/sign/rainbow/rainbowIII-classic/clean/sign.c View File

@@ -1,74 +0,0 @@
/// @file sign.c
/// @brief the implementations for functions in api.h
///
///

#include "api.h"
#include "rainbow.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
unsigned char sk_seed[LEN_SKSEED] = {0};
randombytes(sk_seed, LEN_SKSEED);

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed);
return 0;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);

memcpy(sm, m, mlen);
smlen[0] = mlen + _SIGNATURE_BYTE;

return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
int rc;
if (_SIGNATURE_BYTE > smlen) {
rc = -1;
} else {
*mlen = smlen - _SIGNATURE_BYTE;

unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);

rc = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk);
}
if (!rc) {
memmove(m, sm, smlen - _SIGNATURE_BYTE);
} else { // bad signature
*mlen = (size_t) -1;
memset(m, 0, smlen);
}
return rc;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
*siglen = _SIGNATURE_BYTE;
return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk) {
if (siglen != _SIGNATURE_BYTE) {
return -1;
}
unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk);
}

+ 0
- 50
src/sign/rainbow/rainbowIII-classic/clean/utils_hash.c View File

@@ -1,50 +0,0 @@
/// @file utils_hash.c
/// @brief the adapter for SHA2 families.
///
///

#include "utils_hash.h"
#include "rainbow_config.h"
#include "sha2.h"

static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
sha384(digest, m, mlen);
return 0;
}

static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
if (_HASH_LEN >= n_digest) {
for (size_t i = 0; i < n_digest; i++) {
digest[i] = hash[i];
}
return 0;
}
for (size_t i = 0; i < _HASH_LEN; i++) {
digest[i] = hash[i];
}
n_digest -= _HASH_LEN;

while (_HASH_LEN <= n_digest) {
h(digest + _HASH_LEN, digest, _HASH_LEN);

n_digest -= _HASH_LEN;
digest += _HASH_LEN;
}
unsigned char temp[_HASH_LEN];
if (n_digest) {
h(temp, digest, _HASH_LEN);
for (size_t i = 0; i < n_digest; i++) {
digest[_HASH_LEN + i] = temp[i];
}
}
return 0;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest,
size_t len_digest,
const unsigned char *m,
size_t mlen) {
unsigned char buf[_HASH_LEN];
h(buf, m, mlen);
return expand_hash(digest, len_digest, buf);
}

+ 0
- 11
src/sign/rainbow/rainbowIII-classic/clean/utils_hash.h View File

@@ -1,11 +0,0 @@
#ifndef _UTILS_HASH_H_
#define _UTILS_HASH_H_
/// @file utils_hash.h
/// @brief the interface for adapting hash functions.
///

#include <stddef.h>

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);

#endif // _UTILS_HASH_H_

+ 0
- 97
src/sign/rainbow/rainbowIII-classic/clean/utils_prng.c View File

@@ -1,97 +0,0 @@
/// @file utils_prng.c
/// @brief The implementation of PRNG related functions.
///

#include "utils_prng.h"
#include "aes.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

static void prng_update(const unsigned char *provided_data,
unsigned char *Key,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
if (V[j] == 0xff) {
V[j] = 0x00;
} else {
V[j]++;
break;
}
}
aes256_ecb(temp + 16 * i, V, 1, &ctx);
}
if (provided_data != NULL) {
for (int i = 0; i < 48; i++) {
temp[i] ^= provided_data[i];
}
}
aes256_ctx_release(&ctx);
memcpy(Key, temp, 32);
memcpy(V, temp + 32, 16);
}
static void randombytes_init_with_state(prng_t *state,
unsigned char *entropy_input_48bytes) {
memset(state->Key, 0x00, 32);
memset(state->V, 0x00, 16);
prng_update(entropy_input_48bytes, state->Key, state->V);
}

static int randombytes_with_state(prng_t *state,
unsigned char *x,
size_t xlen) {

unsigned char block[16];
int i = 0;

aes256ctx ctx;
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V
for (int j = 15; j >= 0; j--) {
if (state->V[j] == 0xff) {
state->V[j] = 0x00;
} else {
state->V[j]++;
break;
}
}
aes256_ecb(block, state->V, 1, &ctx);
if (xlen > 15) {
memcpy(x + i, block, 16);
i += 16;
xlen -= 16;
} else {
memcpy(x + i, block, xlen);
xlen = 0;
}
}
aes256_ctx_release(&ctx);
prng_update(NULL, state->Key, state->V);
return 0;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
unsigned char seed[48];
if (prng_seedlen >= 48) {
memcpy(seed, prng_seed, 48);
} else {
memcpy(seed, prng_seed, prng_seedlen);
PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
}

randombytes_init_with_state(ctx, seed);

return 0;
}

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
return randombytes_with_state(ctx, out, outlen);
}

+ 0
- 18
src/sign/rainbow/rainbowIII-classic/clean/utils_prng.h View File

@@ -1,18 +0,0 @@
#ifndef _UTILS_PRNG_H_
#define _UTILS_PRNG_H_
/// @file utils_prng.h
/// @brief the interface for adapting PRNG functions.
///
///

#include "randombytes.h"

typedef struct {
unsigned char Key[32];
unsigned char V[16];
} prng_t;

int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);

#endif // _UTILS_PRNG_H_

+ 0
- 16
src/sign/rainbow/rainbowV-classic/clean/CMakeLists.txt View File

@@ -1,16 +0,0 @@
set(
SRC_CLEAN_RAINBOW_V_CLASSSIC
blas.c
blas_comm.c
gf.c
parallel_matrix_op.c
rainbow.c
rainbow_keypair.c
rainbow_keypair_computation.c
sign.c
utils_hash.c
utils_prng.c)

define_sig_alg(
rainbowVclassic_clean
PQCLEAN_RAINBOWVCLASSIC_CLEAN "${SRC_CLEAN_RAINBOW_V_CLASSSIC}" "${CMAKE_CURRENT_SOURCE_DIR}")

+ 0
- 32
src/sign/rainbow/rainbowV-classic/clean/api.h View File

@@ -1,32 +0,0 @@
#ifndef PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H
#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H

#include <stddef.h>
#include <stdint.h>

#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 1408736
#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 1930600
#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_BYTES 212
#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - classic"

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);


int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk);

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk);

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
const uint8_t *m, size_t mlen,
const uint8_t *sk);

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
const uint8_t *sm, size_t smlen,
const uint8_t *pk);


#endif

+ 0
- 31
src/sign/rainbow/rainbowV-classic/clean/blas.c View File

@@ -1,31 +0,0 @@
#include "blas.h"
#include "gf.h"

#include <stddef.h>

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= (a[i] & pr_u8);
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_b[i] ^= a[i];
}
}


void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
a[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], b);
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
accu_c[i] ^= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], gf256_b);
}
}


+ 0
- 19
src/sign/rainbow/rainbowV-classic/clean/blas.h View File

@@ -1,19 +0,0 @@
#ifndef _BLAS_H_
#define _BLAS_H_
/// @file blas.h
/// @brief Functions for implementing basic linear algebra functions.
///

#include "rainbow_config.h"
#include <stddef.h>
#include <stdint.h>

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);


void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);


#endif // _BLAS_H_

+ 0
- 144
src/sign/rainbow/rainbowV-classic/clean/blas_comm.c View File

@@ -1,144 +0,0 @@
/// @file blas_comm.c
/// @brief The standard implementations for blas_comm.h
///

#include "blas_comm.h"
#include "blas.h"
#include "gf.h"
#include "rainbow_config.h"

#include <stdint.h>
#include <string.h>

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
for (size_t i = 0; i < _num_byte; i++) {
b[i] = 0;
}
}
/// @brief get an element from GF(256) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
return a[i];
}

unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
uint8_t r = 0;
while (_num_byte--) {
r |= a[0];
a++;
}
return (0 == r);
}

/// polynomial multplication
/// School boook
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
for (unsigned int i = 0; i < _num; i++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num);
}
}

static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
for (unsigned int i = 0; i < n_A_width; i++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
matA += n_A_vec_byte;
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
unsigned int n_vec_byte = len_vec;
for (unsigned int k = 0; k < len_vec; k++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte);
const uint8_t *bk = b + n_vec_byte * k;
for (unsigned int i = 0; i < len_vec; i++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
}
c += n_vec_byte;
}
}

static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
unsigned int r8 = 1;

for (unsigned int i = 0; i < h; i++) {
uint8_t *ai = mat + w * i;
unsigned int skip_len_align4 = i & ((unsigned int)~0x3);

for (unsigned int j = i + 1; j < h; j++) {
uint8_t *aj = mat + w * j;
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
}
r8 &= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]);
uint8_t pivot = ai[i];
pivot = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(pivot);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
for (unsigned int j = 0; j < h; j++) {
if (i == j) {
continue;
}
uint8_t *aj = mat + w * j;
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
}
}

return r8;
}

static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
uint8_t mat[64 * 64];
for (unsigned int i = 0; i < n; i++) {
memcpy(mat + i * (n + 1), inp_mat + i * n, n);
mat[i * (n + 1) + n] = c_terms[i];
}
unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
for (unsigned int i = 0; i < n; i++) {
sol[i] = mat[i * (n + 1) + n];
}
return r8;
}

static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
for (unsigned int i = 0; i < h; i++) {
for (unsigned int j = 0; j < w2; j++) {
mat2[i * w2 + j] = mat[i * w + st + j];
}
}
}

unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
uint8_t *aa = buffer;
for (unsigned int i = 0; i < H; i++) {
uint8_t *ai = aa + i * 2 * H;
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(ai, a + i * H, H);
ai[H + i] = 1;
}
unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
return r8;
}


// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE

#define gf256mat_prod_impl gf256mat_prod_ref
#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
}

unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
return gf256mat_gauss_elim_impl(mat, h, w);
}

unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
}


+ 0
- 90
src/sign/rainbow/rainbowV-classic/clean/blas_comm.h View File

@@ -1,90 +0,0 @@
#ifndef _BLAS_COMM_H_
#define _BLAS_COMM_H_
/// @file blas_comm.h
/// @brief Common functions for linear algebra.
///

#include "rainbow_config.h"
#include <stdint.h>

/// @brief set a vector to 0.
///
/// @param[in,out] b - the vector b.
/// @param[in] _num_byte - number of bytes for the vector b.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);

/// @brief get an element from GF(256) vector .
///
/// @param[in] a - the input vector a.
/// @param[in] i - the index in the vector a.
/// @return the value of the element.
///
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);

/// @brief check if a vector is 0.
///
/// @param[in] a - the vector a.
/// @param[in] _num_byte - number of bytes for the vector a.
/// @return 1(true) if a is 0. 0(false) else.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);

/// @brief polynomial multiplication: c = a*b
///
/// @param[out] c - the output polynomial c
/// @param[in] a - the vector a.
/// @param[in] b - the vector b.
/// @param[in] _num - number of elements for the polynomials a and b.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);

/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
///
/// @param[out] c - the output vector c
/// @param[in] matA - a column-major matrix A.
/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
/// @param[in] n_A_width - the width of matrix A.
/// @param[in] b - the vector b.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);

/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
///
/// @param[out] c - the output matrix c
/// @param[in] c - a matrix a.
/// @param[in] b - a matrix b.
/// @param[in] len_vec - the length of column vectors.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);

/// @brief Gauss elimination for a matrix, in GF(256)
///
/// @param[in,out] mat - the matrix.
/// @param[in] h - the height of the matrix.
/// @param[in] w - the width of the matrix.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);

/// @brief Solving linear equations, in GF(256)
///
/// @param[out] sol - the solutions.
/// @param[in] inp_mat - the matrix parts of input equations.
/// @param[in] c_terms - the constant terms of the input equations.
/// @param[in] n - the number of equations.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);

/// @brief Computing the inverse matrix, in GF(256)
///
/// @param[out] inv_a - the output of matrix a.
/// @param[in] a - a matrix a.
/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
/// @return 1(true) if success. 0(false) if the matrix is singular.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);

#endif // _BLAS_COMM_H_

+ 0
- 91
src/sign/rainbow/rainbowV-classic/clean/gf.c View File

@@ -1,91 +0,0 @@
#include "gf.h"

//// gf4 := gf2[x]/x^2+x+1
static inline uint8_t gf4_mul_2(uint8_t a) {
uint8_t r = (uint8_t)(a << 1);
r ^= (uint8_t)((a >> 1) * 7);
return r;
}

static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
uint8_t r = (uint8_t)(a * (b & 1));
return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
}

static inline uint8_t gf4_squ(uint8_t a) {
return a ^ (a >> 1);
}

//// gf16 := gf4[y]/y^2+y+x
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
uint8_t b0 = b & 3;
uint8_t b1 = (b >> 2);
uint8_t a0b0 = gf4_mul(a0, b0);
uint8_t a1b1 = gf4_mul(a1, b1);
uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
uint8_t a1b1_x2 = gf4_mul_2(a1b1);
return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
}

static inline uint8_t gf16_squ(uint8_t a) {
uint8_t a0 = a & 3;
uint8_t a1 = (a >> 2);
a1 = gf4_squ(a1);
uint8_t a1squ_x2 = gf4_mul_2(a1);
return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
}

uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) {
unsigned int a8 = a;
unsigned int r = ((unsigned int)0) - a8;
r >>= 8;
return r & 1;
}

static inline uint8_t gf4_mul_3(uint8_t a) {
uint8_t msk = (uint8_t)((a - 2) >> 1);
return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
}
static inline uint8_t gf16_mul_8(uint8_t a) {
uint8_t a0 = a & 3;
uint8_t a1 = a >> 2;
return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
}

// gf256 := gf16[X]/X^2+X+xy
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
uint8_t a0 = a & 15;
uint8_t a1 = (a >> 4);
uint8_t b0 = b & 15;
uint8_t b1 = (b >> 4);
uint8_t a0b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0, b0);
uint8_t a1b1 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a1, b1);
uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
uint8_t a1b1_x8 = gf16_mul_8(a1b1);
return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
}

static inline uint8_t gf256_squ(uint8_t a) {
uint8_t a0 = a & 15;
uint8_t a1 = (a >> 4);
a1 = gf16_squ(a1);
uint8_t a1squ_x8 = gf16_mul_8(a1);
return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
}

uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a) {
// 128+64+32+16+8+4+2 = 254
uint8_t a2 = gf256_squ(a);
uint8_t a4 = gf256_squ(a2);
uint8_t a8 = gf256_squ(a4);
uint8_t a4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4, a2);
uint8_t a8_4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4_2, a8);
uint8_t a64_ = gf256_squ(a8_4_2);
a64_ = gf256_squ(a64_);
a64_ = gf256_squ(a64_);
uint8_t a64_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a64_, a8_4_2);
uint8_t a128_ = gf256_squ(a64_2);
return PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a2, a128_);
}

+ 0
- 19
src/sign/rainbow/rainbowV-classic/clean/gf.h View File

@@ -1,19 +0,0 @@
#ifndef _GF16_H_
#define _GF16_H_

#include "rainbow_config.h"
#include <stdint.h>

/// @file gf16.h
/// @brief Library for arithmetics in GF(16) and GF(256)
///

uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b);


uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a);
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a);
uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b);


#endif // _GF16_H_

+ 0
- 183
src/sign/rainbow/rainbowV-classic/clean/parallel_matrix_op.c View File

@@ -1,183 +0,0 @@
/// @file parallel_matrix_op.c
/// @brief the standard implementations for functions in parallel_matrix_op.h
///
/// the standard implementations for functions in parallel_matrix_op.h
///

#include "parallel_matrix_op.h"
#include "blas.h"
#include "blas_comm.h"

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
}

///
/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
///
/// @param[in] i_row - the i-th row in a triangle matrix.
/// @param[in] j_col - the j-th column in a triangle matrix.
/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
if (i_row > j_col) {
return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var);
}
return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var);
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
unsigned char *runningC = btriC;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < i; j++) {
unsigned int idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j, i, Aheight);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
runningC += size_batch * (Aheight - i);
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
unsigned int Aheight = Awidth;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (k < i) {
continue;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
btriA += (Aheight - i) * size_batch;
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i < k) {
continue;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Aheight = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
if (i == k) {
continue;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Atr_height = Awidth;
unsigned int Atr_width = Aheight;
for (unsigned int i = 0; i < Atr_height; i++) {
for (unsigned int j = 0; j < Atr_width; j++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
}
bC += size_batch * Bwidth;
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
const unsigned char *bA = bA_to_tr;
unsigned int Aheight = Awidth_before_tr;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
unsigned int Awidth = Bheight;
for (unsigned int i = 0; i < Aheight; i++) {
for (unsigned int j = 0; j < Bwidth; j++) {
for (unsigned int k = 0; k < Bheight; k++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
}
bC += size_batch;
}
bA += (Awidth) * size_batch;
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
unsigned char tmp[256];

unsigned char _x[256];
for (unsigned int i = 0; i < dim; i++) {
_x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i);
}

PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(y, size_batch);
for (unsigned int i = 0; i < dim; i++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = i; j < dim; j++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
trimat += size_batch;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
}
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
const unsigned char *x, unsigned dim_x, unsigned size_batch) {
unsigned char tmp[128];

unsigned char _x[128];
for (unsigned int i = 0; i < dim_x; i++) {
_x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i);
}
unsigned char _y[128];
for (unsigned int i = 0; i < dim_y; i++) {
_y[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(y, i);
}

PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(z, size_batch);
for (unsigned int i = 0; i < dim_y; i++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
for (unsigned int j = 0; j < dim_x; j++) {
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
mat += size_batch;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
}
}


+ 0
- 260
src/sign/rainbow/rainbowV-classic/clean/parallel_matrix_op.h View File

@@ -1,260 +0,0 @@
#ifndef _P_MATRIX_OP_H_
#define _P_MATRIX_OP_H_
/// @file parallel_matrix_op.h
/// @brief Librarys for operations of batched matrixes.
///
///

//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////

///
/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
///
/// @param[in] i_row - the i-th row in an upper-triangle matrix.
/// @param[in] j_col - the j-th column in an upper-triangle matrix.
/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
/// @return the corresponding index in an array storage.
///
unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);

///
/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
///
/// @param[out] btriC - the batched upper-trianglized matrix C.
/// @param[in] bA - a batched retangle matrix A.
/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);

//////////////////// Section: matrix multiplications ///////////////////////////////

///
/// @brief bC += btriA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += btriA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += A^Tr * bB , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
/// @param[in] Aheight - the height of A.
/// @param[in] size_Acolvec - the size of a column vector in A.
/// @param[in] Awidth - the width of A.
/// @param[in] bB - a batched matrix B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA^Tr * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
/// @param[in] Awidth_befor_tr - the width of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(16)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

///
/// @brief bC += bA * B , in GF(256)
///
/// @param[out] bC - the batched matrix C.
/// @param[in] bA - a batched matrix A.
/// @param[in] Aheigh - the height of A.
/// @param[in] B - a column-major matrix B.
/// @param[in] Bheight - the height of B.
/// @param[in] size_Bcolvec - the size of the column vector in B.
/// @param[in] Bwidth - the width of B.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);

//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////

///
/// @brief y = x^Tr * trimat * x , in GF(16)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief y = x^Tr * trimat * x , in GF(256)
///
/// @param[out] y - the returned batched element y.
/// @param[in] trimat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim - the dimension of matrix trimat (and x).
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(16)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

///
/// @brief z = y^Tr * mat * x , in GF(256)
///
/// @param[out] z - the returned batched element z.
/// @param[in] y - an input vector y.
/// @param[in] dim_y - the length of y.
/// @param[in] mat - a batched matrix.
/// @param[in] x - an input vector x.
/// @param[in] dim_x - the length of x.
/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);

#endif // _P_MATRIX_OP_H_

+ 0
- 168
src/sign/rainbow/rainbowV-classic/clean/rainbow.c View File

@@ -1,168 +0,0 @@
/// @file rainbow.c
/// @brief The standard implementations for functions in rainbow.h
///

#include "blas.h"
#include "parallel_matrix_op.h"
#include "rainbow.h"
#include "rainbow_blas.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "utils_hash.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_ATTEMPT_FRMAT 128

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
uint8_t mat_l1[_O1 * _O1_BYTE];
uint8_t mat_l2[_O2 * _O2_BYTE];
uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];

// setup PRNG
prng_t prng_sign;
uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
uint8_t prng_seed[_HASH_LEN];
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
prng_preseed[i] ^= prng_preseed[i]; // clean
}
for (unsigned int i = 0; i < _HASH_LEN; i++) {
prng_seed[i] ^= prng_seed[i]; // clean
}

// roll vinegars.
uint8_t vinegar[_V1_BYTE];
unsigned int n_attempt = 0;
unsigned int l1_succ = 0;
while (!l1_succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
n_attempt++;
}

// Given the vinegars, pre-compute variables needed for layer 2
uint8_t r_l1_F1[_O1_BYTE] = {0};
uint8_t r_l2_F1[_O2_BYTE] = {0};
batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
uint8_t mat_l2_F3[_O2 * _O2_BYTE];
uint8_t mat_l2_F2[_O1 * _O2_BYTE];
gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);

// Some local variables.
uint8_t _z[_PUB_M_BYTE];
uint8_t y[_PUB_M_BYTE];
uint8_t *x_v1 = vinegar;
uint8_t x_o1[_O1_BYTE];
uint8_t x_o2[_O2_BYTE];

uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, _digest, _HASH_LEN);
uint8_t *salt = digest_salt + _HASH_LEN;

uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
unsigned int succ = 0;
while (!succ) {
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
break;
}
// The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w

PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)

// y = S^-1 * z
memcpy(y, _z, _PUB_M_BYTE); // identity part of S
gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);

// Central Map:
// layer 1: calculate x_o1
memcpy(temp_o, r_l1_F1, _O1_BYTE);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);

// layer 2: calculate x_o2
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);

// generate the linear equations of the 2nd layer
gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs

n_attempt++;
};
// w = T^-1 * y
uint8_t w[_PUB_N_BYTE];
// identity part of T.
memcpy(w, x_v1, _V1_BYTE);
memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
// Computing the t1 part.
gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t4 part.
gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
// Computing the t3 part.
gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);

memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
// clean
memset(&prng_sign, 0, sizeof(prng_t));
memset(vinegar, 0, _V1_BYTE);
memset(r_l1_F1, 0, _O1_BYTE);
memset(r_l2_F1, 0, _O2_BYTE);
memset(_z, 0, _PUB_M_BYTE);
memset(y, 0, _PUB_M_BYTE);
memset(x_o1, 0, _O1_BYTE);
memset(x_o2, 0, _O2_BYTE);
memset(temp_o, 0, sizeof(temp_o));

// return: copy w and salt to the signature.
if (MAX_ATTEMPT_FRMAT <= n_attempt) {
return -1;
}
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
return 0;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
unsigned char digest_ck[_PUB_M_BYTE];
// public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);

unsigned char correct[_PUB_M_BYTE];
unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
memcpy(digest_salt, digest, _HASH_LEN);
memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )

// check consistancy.
unsigned char cc = 0;
for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
cc |= (digest_ck[i] ^ correct[i]);
}
return (0 == cc) ? 0 : -1;
}



+ 0
- 33
src/sign/rainbow/rainbowV-classic/clean/rainbow.h View File

@@ -1,33 +0,0 @@
#ifndef _RAINBOW_H_
#define _RAINBOW_H_
/// @file rainbow.h
/// @brief APIs for rainbow.
///

#include "rainbow_config.h"
#include "rainbow_keypair.h"

#include <stdint.h>

///
/// @brief Signing function for classical secret key.
///
/// @param[out] signature - the signature.
/// @param[in] sk - the secret key.
/// @param[in] digest - the digest.
///
int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);

///
/// @brief Verifying function.
///
/// @param[in] digest - the digest.
/// @param[in] signature - the signature.
/// @param[in] pk - the public key.
/// @return 0 for successful verified. -1 for failed verification.
///
int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);



#endif // _RAINBOW_H_

+ 0
- 32
src/sign/rainbow/rainbowV-classic/clean/rainbow_blas.h View File

@@ -1,32 +0,0 @@
#ifndef _RAINBOW_BLAS_H_
#define _RAINBOW_BLAS_H_
/// @file rainbow_blas.h
/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
///
/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h

#include "blas.h"
#include "blas_comm.h"
#include "parallel_matrix_op.h"
#include "rainbow_config.h"


#define gfv_get_ele PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele
#define gfv_mul_scalar PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar
#define gfv_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd

#define gfmat_prod PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod
#define gfmat_inv PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv

#define batch_trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256
#define batch_trimatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256
#define batch_2trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256
#define batch_matTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256
#define batch_bmatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256
#define batch_mat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256

#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256
#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256


#endif // _RAINBOW_BLAS_H_

+ 0
- 48
src/sign/rainbow/rainbowV-classic/clean/rainbow_config.h View File

@@ -1,48 +0,0 @@
#ifndef _H_RAINBOW_CONFIG_H_
#define _H_RAINBOW_CONFIG_H_

/// @file rainbow_config.h
/// @brief Defining the parameters of the Rainbow and the corresponding constants.
///

#define _GFSIZE 256
#define _V1 96
#define _O1 36
#define _O2 64
#define _MAX_O 64
#define _HASH_LEN 64


#define _V2 ((_V1) + (_O1))

/// size of N, in # of gf elements.
#define _PUB_N (_V1 + _O1 + _O2)

/// size of M, in # gf elements.
#define _PUB_M (_O1 + _O2)

/// size of variables, in # bytes.

// GF256
#define _V1_BYTE (_V1)
#define _V2_BYTE (_V2)
#define _O1_BYTE (_O1)
#define _O2_BYTE (_O2)
#define _MAX_O_BYTE (_MAX_O)
#define _PUB_N_BYTE (_PUB_N)
#define _PUB_M_BYTE (_PUB_M)


/// length of seed for public key, in # bytes
#define LEN_PKSEED 32

/// length of seed for secret key, in # bytes
#define LEN_SKSEED 32

/// length of salt for a signature, in # bytes
#define _SALT_BYTE 16

/// length of a signature
#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)

#endif // _H_RAINBOW_CONFIG_H_

+ 0
- 155
src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair.c View File

@@ -1,155 +0,0 @@
/// @file rainbow_keypair.c
/// @brief implementations of functions in rainbow_keypair.h
///

#include "rainbow_keypair.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair_computation.h"
#include "utils_prng.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

static
void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
sk_t *_sk;
unsigned size;

size = sizeof(_sk->s1);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t1);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t4);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
s_and_t += size;

size = sizeof(_sk->t3);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
}


static
unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l1_F1);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l1_F2);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static
unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
unsigned n_byte_generated = 0;
sk_t *_sk;
unsigned size;

size = sizeof(_sk->l2_F1);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F2);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F3);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F5);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
sk += size;
n_byte_generated += size;

size = sizeof(_sk->l2_F6);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
n_byte_generated += size;

return n_byte_generated;
}


static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
sk += generate_l1_F12(sk, prng0);
generate_l2_F12356(sk, prng0);
}

static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
// t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
unsigned char temp[_V1_BYTE + 32];
unsigned char *t4 = t2_to_t4;
for (unsigned int i = 0; i < _O2; i++) { /// t3 width
gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
t4 += _V1_BYTE;
t3 += _O1_BYTE;
}
}

static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
unsigned char temp[_O1_BYTE + 32];
while (n_terms--) {
gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
l1_polys += _O1_BYTE;
l2_polys += _O2_BYTE;
}
}

/////////////////// Classic //////////////////////////////////

static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) {
memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);

// set up prng
prng_t prng0;
PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);

// generating secret key with prng.
generate_S_T(sk->s1, &prng0);
generate_B1_B2(sk->l1_F1, &prng0);

// clean prng
memset(&prng0, 0, sizeof(prng_t));
}

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) {
generate_secretkey(sk, sk_seed);

// set up a temporary structure ext_cpk_t for calculating public key.
ext_cpk_t pk;

PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format.
calculate_t4(sk->t4, sk->t1, sk->t3);

obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1);
obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1);
obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1);
obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1);
obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
// so far, the pk contains the full pk but in ext_cpk_t format.

PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t.
}




+ 0
- 61
src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair.h View File

@@ -1,61 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_H_
#define _RAINBOW_KEYPAIR_H_
/// @file rainbow_keypair.h
/// @brief Formats of key pairs and functions for generating key pairs.
/// Formats of key pairs and functions for generating key pairs.
///

#include "rainbow_config.h"

#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)

/// @brief public key for classic rainbow
///
/// public key for classic rainbow
///
typedef struct rainbow_publickey {
unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
} pk_t;

/// @brief secret key for classic rainbow
///
/// secret key for classic rainbow
///
typedef struct rainbow_secretkey {
///
/// seed for generating secret key.
/// Generating S, T, and F for classic rainbow.
/// Generating S and T only for cyclic rainbow.
unsigned char sk_seed[LEN_SKSEED];

unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
unsigned char t3[_O1_BYTE * _O2]; ///< part of T map

unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1

unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2

unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
} sk_t;


///
/// @brief Generate key pairs for classic rainbow.
///
/// @param[out] pk - the public key.
/// @param[out] sk - the secret key.
/// @param[in] sk_seed - seed for generating the secret key.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed);





#endif // _RAINBOW_KEYPAIR_H_

+ 0
- 189
src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair_computation.c View File

@@ -1,189 +0,0 @@
/// @file rainbow_keypair_computation.c
/// @brief Implementations for functions in rainbow_keypair_computation.h
///

#include "rainbow_keypair_computation.h"
#include "blas.h"
#include "blas_comm.h"
#include "rainbow_blas.h"
#include "rainbow_keypair.h"
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
const unsigned char *idx_l1 = cpk->l1_Q1;
const unsigned char *idx_l2 = cpk->l2_Q1;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = i; j < _V1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q2;
idx_l2 = cpk->l2_Q2;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q3;
idx_l2 = cpk->l2_Q3;
for (unsigned int i = 0; i < _V1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q5;
idx_l2 = cpk->l2_Q5;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = i; j < _V1 + _O1; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q6;
idx_l2 = cpk->l2_Q6;
for (unsigned int i = _V1; i < _V1 + _O1; i++) {
for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
idx_l1 = cpk->l1_Q9;
idx_l2 = cpk->l2_Q9;
for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
for (unsigned int j = i; j < _PUB_N; j++) {
unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
idx_l1 += _O1_BYTE;
idx_l2 += _O2_BYTE;
}
}
}

static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
/*
Layer 1
Computing :
Q_pk.l1_F1s[i] = F_sk.l1_F1s[i]

Q_pk.l1_F2s[i] = (F1* T1 + F2) + F1tr * t1
Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
*/
const unsigned char *t2 = Ts->t4;

memcpy(Qs->l1_Q1, Fs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l1_Q2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2

memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));

// l1_Q5 : _O1_BYTE * _O1 * _O1
// l1_Q9 : _O1_BYTE * _O2 * _O2
// l2_Q5 : _O2_BYTE * _V1 * _O1
// l2_Q9 : _O2_BYTE * _V1 * _O2

unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32];

memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2
/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
*/
batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3

memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9

batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3

batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6

/*
layer 2
Computing:
Q1 = F1
Q2 = F1_F1T*T1 + F2
Q5 = UT( T1tr( F1*T1 + F2 ) + F5 )
*/
memcpy(Qs->l2_Q1, Fs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1));

memcpy(Qs->l2_Q2, Fs->l2_F2, _O2_BYTE * _V1 * _O1);
batch_trimat_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F1*T1 + F2

memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1));
memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5
batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2)
PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5

batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2

/*
Computing:
F1_T2 = F1 * t2
F2_T3 = F2 * t3
F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2

Q3 = F1_F1T*T2 + F2*T3 + F3
Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
Q6 = T1tr*( F1_F1T*T2 + F2*T3 + F3 ) + F2Tr*T2 + F5_F5T*T3 + F6
*/
memcpy(Qs->l2_Q3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
batch_trimat_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
batch_mat_madd(Qs->l2_Q3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3

memset(tempQ, 0, _O2_BYTE * _O2 * _O2); // l2_Q9
batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l2_Q3, _O2, _O2_BYTE); // T2tr * ( ..... )

memcpy(Qs->l2_Q6, Fs->l2_F6, _O2_BYTE * _O1 * _O2);

batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9

batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3

batch_bmatTr_madd(Qs->l2_Q6, Fs->l2_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + F2tr*T2
batch_trimatTr_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F2tr*T2 + F5_F5T*T3 + F6
batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6
}
#define calculate_Q_from_F_impl calculate_Q_from_F_ref
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
calculate_Q_from_F_impl(Qs, Fs, Ts);
}

+ 0
- 53
src/sign/rainbow/rainbowV-classic/clean/rainbow_keypair_computation.h View File

@@ -1,53 +0,0 @@
#ifndef _RAINBOW_KEYPAIR_COMP_H_
#define _RAINBOW_KEYPAIR_COMP_H_
/// @file rainbow_keypair_computation.h
/// @brief Functions for calculating pk/sk while generating keys.
///
/// Defining an internal structure of public key.
/// Functions for calculating pk/sk for key generation.
///

#include "rainbow_keypair.h"

/// @brief The (internal use) public key for rainbow
///
/// The (internal use) public key for rainbow. The public
/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
/// l2_Q1, .... , l2_Q9.
///
typedef struct rainbow_extend_publickey {
unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];

unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
} ext_cpk_t;

///
/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
///
/// @param[out] pk - the classic public key.
/// @param[in] cpk - the internel public key.
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
/////////////////////////////////////////////////

///
/// @brief Computing public key from secret key
///
/// @param[out] Qs - the public key
/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
/// @param[in] Ts - parts of the secret key: T1, T4, T3
///
void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);


#endif // _RAINBOW_KEYPAIR_COMP_H_

+ 0
- 74
src/sign/rainbow/rainbowV-classic/clean/sign.c View File

@@ -1,74 +0,0 @@
/// @file sign.c
/// @brief the implementations for functions in api.h
///
///

#include "api.h"
#include "rainbow.h"
#include "rainbow_config.h"
#include "rainbow_keypair.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
unsigned char sk_seed[LEN_SKSEED] = {0};
randombytes(sk_seed, LEN_SKSEED);

PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed);
return 0;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);

memcpy(sm, m, mlen);
smlen[0] = mlen + _SIGNATURE_BYTE;

return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
int rc;
if (_SIGNATURE_BYTE > smlen) {
rc = -1;
} else {
*mlen = smlen - _SIGNATURE_BYTE;

unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);

rc = PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk);
}
if (!rc) {
memmove(m, sm, smlen - _SIGNATURE_BYTE);
} else { // bad signature
*mlen = (size_t) -1;
memset(m, 0, smlen);
}
return rc;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(
uint8_t *sig, size_t *siglen,
const uint8_t *m, size_t mlen, const uint8_t *sk) {
unsigned char digest[_HASH_LEN];

PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
*siglen = _SIGNATURE_BYTE;
return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(
const uint8_t *sig, size_t siglen,
const uint8_t *m, size_t mlen, const uint8_t *pk) {
if (siglen != _SIGNATURE_BYTE) {
return -1;
}
unsigned char digest[_HASH_LEN];
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk);
}

+ 0
- 50
src/sign/rainbow/rainbowV-classic/clean/utils_hash.c View File

@@ -1,50 +0,0 @@
/// @file utils_hash.c
/// @brief the adapter for SHA2 families.
///
///

#include "utils_hash.h"
#include "rainbow_config.h"
#include "sha2.h"

static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
sha512(digest, m, mlen);
return 0;
}

static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
if (_HASH_LEN >= n_digest) {
for (size_t i = 0; i < n_digest; i++) {
digest[i] = hash[i];
}
return 0;
}
for (size_t i = 0; i < _HASH_LEN; i++) {
digest[i] = hash[i];
}
n_digest -= _HASH_LEN;

while (_HASH_LEN <= n_digest) {
h(digest + _HASH_LEN, digest, _HASH_LEN);

n_digest -= _HASH_LEN;
digest += _HASH_LEN;
}
unsigned char temp[_HASH_LEN];
if (n_digest) {
h(temp, digest, _HASH_LEN);
for (size_t i = 0; i < n_digest; i++) {
digest[_HASH_LEN + i] = temp[i];
}
}
return 0;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest,
size_t len_digest,
const unsigned char *m,
size_t mlen) {
unsigned char buf[_HASH_LEN];
h(buf, m, mlen);
return expand_hash(digest, len_digest, buf);
}

+ 0
- 11
src/sign/rainbow/rainbowV-classic/clean/utils_hash.h View File

@@ -1,11 +0,0 @@
#ifndef _UTILS_HASH_H_
#define _UTILS_HASH_H_
/// @file utils_hash.h
/// @brief the interface for adapting hash functions.
///

#include <stddef.h>

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);

#endif // _UTILS_HASH_H_

+ 0
- 97
src/sign/rainbow/rainbowV-classic/clean/utils_prng.c View File

@@ -1,97 +0,0 @@
/// @file utils_prng.c
/// @brief The implementation of PRNG related functions.
///

#include "utils_prng.h"
#include "aes.h"
#include "randombytes.h"
#include "utils_hash.h"
#include <stdlib.h>
#include <string.h>

static void prng_update(const unsigned char *provided_data,
unsigned char *Key,
unsigned char *V) {
unsigned char temp[48];
aes256ctx ctx;
aes256_ecb_keyexp(&ctx, Key);
for (int i = 0; i < 3; i++) {
//increment V
for (int j = 15; j >= 0; j--) {
if (V[j] == 0xff) {
V[j] = 0x00;
} else {
V[j]++;
break;
}
}
aes256_ecb(temp + 16 * i, V, 1, &ctx);
}
if (provided_data != NULL) {
for (int i = 0; i < 48; i++) {
temp[i] ^= provided_data[i];
}
}
aes256_ctx_release(&ctx);
memcpy(Key, temp, 32);
memcpy(V, temp + 32, 16);
}
static void randombytes_init_with_state(prng_t *state,
unsigned char *entropy_input_48bytes) {
memset(state->Key, 0x00, 32);
memset(state->V, 0x00, 16);
prng_update(entropy_input_48bytes, state->Key, state->V);
}

static int randombytes_with_state(prng_t *state,
unsigned char *x,
size_t xlen) {

unsigned char block[16];
int i = 0;

aes256ctx ctx;
aes256_ecb_keyexp(&ctx, state->Key);

while (xlen > 0) {
//increment V
for (int j = 15; j >= 0; j--) {
if (state->V[j] == 0xff) {
state->V[j] = 0x00;
} else {
state->V[j]++;
break;
}
}
aes256_ecb(block, state->V, 1, &ctx);
if (xlen > 15) {
memcpy(x + i, block, 16);
i += 16;
xlen -= 16;
} else {
memcpy(x + i, block, xlen);
xlen = 0;
}
}
aes256_ctx_release(&ctx);
prng_update(NULL, state->Key, state->V);
return 0;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
unsigned char seed[48];
if (prng_seedlen >= 48) {
memcpy(seed, prng_seed, 48);
} else {
memcpy(seed, prng_seed, prng_seedlen);
PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
}

randombytes_init_with_state(ctx, seed);

return 0;
}

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
return randombytes_with_state(ctx, out, outlen);
}

+ 0
- 18
src/sign/rainbow/rainbowV-classic/clean/utils_prng.h View File

@@ -1,18 +0,0 @@
#ifndef _UTILS_PRNG_H_
#define _UTILS_PRNG_H_
/// @file utils_prng.h
/// @brief the interface for adapting PRNG functions.
///
///

#include "randombytes.h"

typedef struct {
unsigned char Key[32];
unsigned char V[16];
} prng_t;

int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);

#endif // _UTILS_PRNG_H_

+ 0
- 5
test/katrunner/src/main.rs View File

@@ -219,11 +219,6 @@ const KATS: &'static[Register] = &[
REG_KEM!(PQC_ALG_KEM_HQCRMRS192, "round3/hqc/hqc-192/hqc-192_kat.rsp"),
REG_KEM!(PQC_ALG_KEM_HQCRMRS256, "round3/hqc/hqc-256/hqc-256_kat.rsp"),
REG_KEM!(PQC_ALG_KEM_SIKE434, "round3/sike/PQCkemKAT_374.rsp"),

// Those are Round2. KATs are very big, so skip testing until it makes sense to do so.
//REG_SIGN!(PQC_ALG_SIG_RAINBOWVCLASSIC),
//REG_SIGN!(PQC_ALG_SIG_RAINBOWICLASSIC),
//REG_SIGN!(PQC_ALG_SIG_RAINBOWIIICLASSIC),
];

fn execute(kat_dir: String, thc: usize, file_filter: &str) {


Write Preview
Loading…
Cancel
Save