kris
/
pqcrypto
mirror of https://github.com/henrydcase/pqc.git
1
1
Fork 0
Code Issues 1 Releases 2 Wiki Activity
Browse Source

NTRU Prime: Simplified patch set

tags/v0.0.1
John M. Schanck 4 years ago
committed by Kris Kwiatkowski
parent
2c5eb2a732
commit
b568d01ac6
78 changed files with 746 additions and 320 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +17
    -15
      crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c
  2. +4
    -6
      crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h
  3. +3
    -5
      crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c
  4. +2
    -4
      crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h
  5. +2
    -0
      crypto_kem/ntrulpr653/avx2/params.h
  6. +4
    -4
      crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c
  7. +74
    -4
      crypto_kem/ntrulpr653/clean/crypto_sort_int32.c
  8. +2
    -4
      crypto_kem/ntrulpr653/clean/crypto_sort_int32.h
  9. +3
    -5
      crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c
  10. +2
    -4
      crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h
  11. +4
    -2
      crypto_kem/ntrulpr653/clean/params.h
  12. +17
    -15
      crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c
  13. +4
    -6
      crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h
  14. +3
    -5
      crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c
  15. +2
    -4
      crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h
  16. +2
    -0
      crypto_kem/ntrulpr761/avx2/params.h
  17. +5
    -5
      crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c
  18. +74
    -4
      crypto_kem/ntrulpr761/clean/crypto_sort_int32.c
  19. +2
    -4
      crypto_kem/ntrulpr761/clean/crypto_sort_int32.h
  20. +3
    -5
      crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c
  21. +2
    -4
      crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h
  22. +4
    -2
      crypto_kem/ntrulpr761/clean/params.h
  23. +17
    -15
      crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c
  24. +4
    -6
      crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h
  25. +3
    -5
      crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c
  26. +2
    -4
      crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h
  27. +2
    -0
      crypto_kem/ntrulpr857/avx2/params.h
  28. +4
    -4
      crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c
  29. +74
    -4
      crypto_kem/ntrulpr857/clean/crypto_sort_int32.c
  30. +2
    -4
      crypto_kem/ntrulpr857/clean/crypto_sort_int32.h
  31. +3
    -5
      crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c
  32. +2
    -4
      crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h
  33. +4
    -2
      crypto_kem/ntrulpr857/clean/params.h
  34. +17
    -15
      crypto_kem/sntrup653/avx2/crypto_sort_int32.c
  35. +4
    -6
      crypto_kem/sntrup653/avx2/crypto_sort_int32.h
  36. +3
    -5
      crypto_kem/sntrup653/avx2/crypto_sort_uint32.c
  37. +2
    -4
      crypto_kem/sntrup653/avx2/crypto_sort_uint32.h
  38. +3
    -1
      crypto_kem/sntrup653/avx2/params.h
  39. +4
    -4
      crypto_kem/sntrup653/clean/crypto_encode_653x3.c
  40. +74
    -4
      crypto_kem/sntrup653/clean/crypto_sort_int32.c
  41. +2
    -4
      crypto_kem/sntrup653/clean/crypto_sort_int32.h
  42. +3
    -5
      crypto_kem/sntrup653/clean/crypto_sort_uint32.c
  43. +2
    -4
      crypto_kem/sntrup653/clean/crypto_sort_uint32.h
  44. +3
    -1
      crypto_kem/sntrup653/clean/params.h
  45. +17
    -15
      crypto_kem/sntrup761/avx2/crypto_sort_int32.c
  46. +4
    -6
      crypto_kem/sntrup761/avx2/crypto_sort_int32.h
  47. +3
    -5
      crypto_kem/sntrup761/avx2/crypto_sort_uint32.c
  48. +2
    -4
      crypto_kem/sntrup761/avx2/crypto_sort_uint32.h
  49. +3
    -1
      crypto_kem/sntrup761/avx2/params.h
  50. +5
    -5
      crypto_kem/sntrup761/clean/crypto_encode_761x3.c
  51. +74
    -4
      crypto_kem/sntrup761/clean/crypto_sort_int32.c
  52. +2
    -4
      crypto_kem/sntrup761/clean/crypto_sort_int32.h
  53. +3
    -5
      crypto_kem/sntrup761/clean/crypto_sort_uint32.c
  54. +2
    -4
      crypto_kem/sntrup761/clean/crypto_sort_uint32.h
  55. +3
    -1
      crypto_kem/sntrup761/clean/params.h
  56. +17
    -15
      crypto_kem/sntrup857/avx2/crypto_sort_int32.c
  57. +4
    -6
      crypto_kem/sntrup857/avx2/crypto_sort_int32.h
  58. +3
    -5
      crypto_kem/sntrup857/avx2/crypto_sort_uint32.c
  59. +2
    -4
      crypto_kem/sntrup857/avx2/crypto_sort_uint32.h
  60. +3
    -1
      crypto_kem/sntrup857/avx2/params.h
  61. +4
    -4
      crypto_kem/sntrup857/clean/crypto_encode_857x3.c
  62. +74
    -4
      crypto_kem/sntrup857/clean/crypto_sort_int32.c
  63. +2
    -4
      crypto_kem/sntrup857/clean/crypto_sort_int32.h
  64. +3
    -5
      crypto_kem/sntrup857/clean/crypto_sort_uint32.c
  65. +2
    -4
      crypto_kem/sntrup857/clean/crypto_sort_uint32.h
  66. +3
    -1
      crypto_kem/sntrup857/clean/params.h
  67. +6
    -0
      test/duplicate_consistency/ntrulpr653_avx2.yml
  68. +6
    -0
      test/duplicate_consistency/ntrulpr653_clean.yml
  69. +5
    -0
      test/duplicate_consistency/ntrulpr761_avx2.yml
  70. +5
    -0
      test/duplicate_consistency/ntrulpr761_clean.yml
  71. +4
    -0
      test/duplicate_consistency/ntrulpr857_avx2.yml
  72. +4
    -0
      test/duplicate_consistency/ntrulpr857_clean.yml
  73. +3
    -0
      test/duplicate_consistency/sntrup653_avx2.yml
  74. +3
    -0
      test/duplicate_consistency/sntrup653_clean.yml
  75. +2
    -0
      test/duplicate_consistency/sntrup761_avx2.yml
  76. +2
    -0
      test/duplicate_consistency/sntrup761_clean.yml
  77. +1
    -0
      test/duplicate_consistency/sntrup857_avx2.yml
  78. +1
    -0
      test/duplicate_consistency/sntrup857_clean.yml

+ 17
- 15
crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT
#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 2
- 0
crypto_kem/ntrulpr653/avx2/params.h View File

@@ -13,6 +13,8 @@
#include "crypto_encode_653x1541round.h"
#include "crypto_encode_653x3.h"
#include "crypto_encode_653xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1025.h"




+ 4
- 4
crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c View File

@@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR653_CLEAN_crypto_encode_653x3(unsigned char *s, const void *
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/ntrulpr653/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/ntrulpr653/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 4
- 2
crypto_kem/ntrulpr653/clean/params.h View File

@@ -13,14 +13,16 @@
#include "crypto_encode_653x1541round.h"
#include "crypto_encode_653x3.h"
#include "crypto_encode_653xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1025.h"


#define p 653
#define q 4621
#define w 252
#define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define q 4621
#define w 252
#define tau0 2175
#define tau1 113
#define tau2 2031


+ 17
- 15
crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT
#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 2
- 0
crypto_kem/ntrulpr761/avx2/params.h View File

@@ -13,6 +13,8 @@
#include "crypto_encode_761x1531round.h"
#include "crypto_encode_761x3.h"
#include "crypto_encode_761xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1167.h"




+ 5
- 5
crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c View File

@@ -5,15 +5,15 @@
#define p 761

void PQCLEAN_NTRULPR761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) {
const uint8 *f = (const uint8 *)v;
const uint8 *f = v;
uint8 x;
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/ntrulpr761/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/ntrulpr761/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 4
- 2
crypto_kem/ntrulpr761/clean/params.h View File

@@ -13,14 +13,16 @@
#include "crypto_encode_761x1531round.h"
#include "crypto_encode_761x3.h"
#include "crypto_encode_761xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1167.h"


#define p 761
#define q 4591
#define w 250
#define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define q 4591
#define w 250
#define tau0 2156
#define tau1 114
#define tau2 2007


+ 17
- 15
crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT
#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 2
- 0
crypto_kem/ntrulpr857/avx2/params.h View File

@@ -13,6 +13,8 @@
#include "crypto_encode_857x1723round.h"
#include "crypto_encode_857x3.h"
#include "crypto_encode_857xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1312.h"




+ 4
- 4
crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c View File

@@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR857_CLEAN_crypto_encode_857x3(unsigned char *s, const void *
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/ntrulpr857/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/ntrulpr857/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 4
- 2
crypto_kem/ntrulpr857/clean/params.h View File

@@ -13,14 +13,16 @@
#include "crypto_encode_857x1723round.h"
#include "crypto_encode_857x3.h"
#include "crypto_encode_857xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1312.h"


#define p 857
#define q 5167
#define w 281
#define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */
#define q 5167
#define w 281
#define tau0 2433
#define tau1 101
#define tau2 2265


+ 17
- 15
crypto_kem/sntrup653/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/sntrup653/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT
#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup653/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup653/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup653/avx2/params.h View File

@@ -19,15 +19,17 @@
#include "crypto_encode_653xfreeze3.h"
#include "crypto_encode_653xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_897.h"


#define p 653
#define qinv (-29499) /* reciprocal of q mod 2^16 */
#define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define ppad 657
#define crypto_core_weight PQCLEAN_SNTRUP653_AVX2_crypto_core_weightsntrup653
#define p 653
#define q 4621
#define w 288



+ 4
- 4
crypto_kem/sntrup653/clean/crypto_encode_653x3.c View File

@@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP653_CLEAN_crypto_encode_653x3(unsigned char *s, const void *v
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/sntrup653/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/sntrup653/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup653/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup653/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup653/clean/params.h View File

@@ -19,12 +19,14 @@
#include "crypto_encode_653xfreeze3.h"
#include "crypto_encode_653xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_897.h"


#define p 653
#define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define p 653
#define q 4621
#define w 288



+ 17
- 15
crypto_kem/sntrup761/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/sntrup761/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT
#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup761/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup761/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup761/avx2/params.h View File

@@ -19,15 +19,17 @@
#include "crypto_encode_761xfreeze3.h"
#include "crypto_encode_761xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1039.h"


#define p 761
#define qinv 15631 /* reciprocal of q mod 2^16 */
#define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define ppad 769
#define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761
#define p 761
#define q 4591
#define w 286



+ 5
- 5
crypto_kem/sntrup761/clean/crypto_encode_761x3.c View File

@@ -5,15 +5,15 @@
#define p 761

void PQCLEAN_SNTRUP761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) {
const uint8 *f = (const uint8 *)v;
const uint8 *f = v;
uint8 x;
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/sntrup761/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/sntrup761/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup761/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup761/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup761/clean/params.h View File

@@ -19,12 +19,14 @@
#include "crypto_encode_761xfreeze3.h"
#include "crypto_encode_761xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1039.h"


#define p 761
#define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */
#define p 761
#define q 4591
#define w 286



+ 17
- 15
crypto_kem/sntrup857/avx2/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2


#define int32 int32_t

@@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c;
}

static void minmax_vector(int32 *x, int32 *y, size_t n) {
if ((long long) n < 8) {
while ((long long) n > 0) {
static void minmax_vector(int32 *x, int32 *y, long long n) {
if (n < 8) {
while (n > 0) {
int32_MINMAX(x, y);
++x;
++y;
@@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7;
n &= ~7;
}
do {
int32x8 x0 = int32x8_load(x);
@@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
}

/* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) {
size_t i;
static void int32_twostages_32(int32 *x, long long n) {
long long i;

while (n > 0) {
for (i = 0; i < 32; i += 8) {
@@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
}

/* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) {
size_t k, i;
static long long int32_threestages(int32 *x, long long n, long long q) {
long long k, i;

for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) {
@@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {

/* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
size_t p, q, i, j, k;
static void int32_sort_2power(int32 *x, long long n, int flagdown) {
long long p, q, i, j, k;
int32x8 mask;

if (n == 8) {
@@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
}
}

void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
size_t q, i, j;
static void int32_sort(int32 *x, long long n) {
long long q, i, j;

if (n <= 8) {
if (n == 8) {
@@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
}

int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(x + q, n - q);
int32_sort(x + q, n - q);

while (q >= 64) {
q >>= 2;
@@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]);
}
}

void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

+ 4
- 6
crypto_kem/sntrup857/avx2/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT
#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT
#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32_t *x, size_t n);

void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup857/avx2/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup857/avx2/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup857/avx2/params.h View File

@@ -19,15 +19,17 @@
#include "crypto_encode_857xfreeze3.h"
#include "crypto_encode_857xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1184.h"


#define p 857
#define qinv (-19761) /* reciprocal of q mod 2^16 */
#define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */
#define ppad 865
#define crypto_core_weight PQCLEAN_SNTRUP857_AVX2_crypto_core_weightsntrup857
#define p 857
#define q 5167
#define w 322



+ 4
- 4
crypto_kem/sntrup857/clean/crypto_encode_857x3.c View File

@@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP857_CLEAN_crypto_encode_857x3(unsigned char *s, const void *v
int i;

for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1);
x = (uint8) (x + ((*f++ + 1) << 2));
x = (uint8) (x + ((*f++ + 1) << 4));
x = (uint8) (x + ((*f++ + 1) << 6));
x = *f++ + 1;
x += (*f++ + 1) << 2;
x += (*f++ + 1) << 4;
x += (*f++ + 1) << 6;
*s++ = x;
}
x = *f++ + 1;


+ 74
- 4
crypto_kem/sntrup857/clean/crypto_sort_int32.c View File

@@ -1,7 +1,5 @@
#include "crypto_sort_int32.h"
#include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86


#define int32 int32_t

@@ -17,10 +15,82 @@
} while(0)

/* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32 *array, size_t n) {
size_t top, p, q, r, i, j;
static void crypto_sort_smallindices(int32 *x, int32 n) {
int32 top, p, q, r, i, j;

top = 1;
while (top < n - top) {
top += top;
}

for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}

i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}

done:
;
}
}
}

void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array;

if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1;
while (top < n - top) {
top += top;


+ 2
- 4
crypto_kem/sntrup857/clean/crypto_sort_int32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32_BYTES 4


void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32_t *array, size_t n);

void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n);
#endif

+ 3
- 5
crypto_kem/sntrup857/clean/crypto_sort_uint32.c View File

@@ -1,15 +1,13 @@
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include <stdint.h>

#define uint32 uint32_t

/* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */

void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) {
uint32 *x = array;
size_t j;
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32_t *x = array;
long long j;
for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000;
}


+ 2
- 4
crypto_kem/sntrup857/clean/crypto_sort_uint32.h View File

@@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H

#include <stddef.h>
#include <stdint.h>
#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32_BYTES 4


void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);

void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n);
#endif

+ 3
- 1
crypto_kem/sntrup857/clean/params.h View File

@@ -19,12 +19,14 @@
#include "crypto_encode_857xfreeze3.h"
#include "crypto_encode_857xint16.h"
#include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1184.h"


#define p 857
#define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */
#define p 857
#define q 5167
#define w 322



+ 6
- 0
test/duplicate_consistency/ntrulpr653_avx2.yml View File

@@ -12,6 +12,7 @@ consistency_checks:
- crypto_encode_653x1541round.h
- crypto_encode_653x3.h
- crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_653xint16.c
@@ -53,6 +54,7 @@ consistency_checks:
scheme: sntrup761
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -71,6 +73,7 @@ consistency_checks:
scheme: sntrup857
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_653x1541round.h
- crypto_encode_653x3.h
- crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1025.h
@@ -122,6 +126,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c
@@ -156,6 +161,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c


+ 6
- 0
test/duplicate_consistency/ntrulpr653_clean.yml View File

@@ -40,6 +40,7 @@ consistency_checks:
- crypto_encode_653x1541round.h
- crypto_encode_653x3.h
- crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_653xint16.c
@@ -61,6 +62,7 @@ consistency_checks:
scheme: sntrup761
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -79,6 +81,7 @@ consistency_checks:
scheme: sntrup857
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_653x1541round.h
- crypto_encode_653x3.h
- crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1025.h
@@ -139,6 +143,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c
@@ -173,6 +178,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c


+ 5
- 0
test/duplicate_consistency/ntrulpr761_avx2.yml View File

@@ -3,6 +3,7 @@ consistency_checks:
scheme: sntrup653
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -30,6 +31,7 @@ consistency_checks:
- crypto_encode_761x1531round.h
- crypto_encode_761x3.h
- crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_761xint16.c
@@ -71,6 +73,7 @@ consistency_checks:
scheme: sntrup857
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_761x1531round.h
- crypto_encode_761x3.h
- crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1167.h
@@ -122,6 +126,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c


+ 5
- 0
test/duplicate_consistency/ntrulpr761_clean.yml View File

@@ -13,6 +13,7 @@ consistency_checks:
scheme: sntrup653
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -58,6 +59,7 @@ consistency_checks:
- crypto_encode_761x1531round.h
- crypto_encode_761x3.h
- crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_761xint16.c
@@ -79,6 +81,7 @@ consistency_checks:
scheme: sntrup857
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_761x1531round.h
- crypto_encode_761x3.h
- crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1167.h
@@ -139,6 +143,7 @@ consistency_checks:
- crypto_decode_256x2.h
- crypto_encode_256x16.h
- crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_256x16.c


+ 4
- 0
test/duplicate_consistency/ntrulpr857_avx2.yml View File

@@ -3,6 +3,7 @@ consistency_checks:
scheme: sntrup653
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -21,6 +22,7 @@ consistency_checks:
scheme: sntrup761
implementation: clean
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -48,6 +50,7 @@ consistency_checks:
- crypto_encode_857x1723round.h
- crypto_encode_857x3.h
- crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_857xint16.c
@@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_857x1723round.h
- crypto_encode_857x3.h
- crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1312.h


+ 4
- 0
test/duplicate_consistency/ntrulpr857_clean.yml View File

@@ -13,6 +13,7 @@ consistency_checks:
scheme: sntrup653
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -31,6 +32,7 @@ consistency_checks:
scheme: sntrup761
implementation: avx2
files:
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_sort_uint32.c
@@ -76,6 +78,7 @@ consistency_checks:
- crypto_encode_857x1723round.h
- crypto_encode_857x3.h
- crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_decode_857xint16.c
@@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_857x1723round.h
- crypto_encode_857x3.h
- crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1312.h


+ 3
- 0
test/duplicate_consistency/sntrup653_avx2.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_653xfreeze3.h
- crypto_encode_653xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_897.h
@@ -37,6 +38,7 @@ consistency_checks:
implementation: clean
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c
@@ -63,6 +65,7 @@ consistency_checks:
implementation: clean
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c


+ 3
- 0
test/duplicate_consistency/sntrup653_clean.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_653xfreeze3.h
- crypto_encode_653xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_897.h
@@ -50,6 +51,7 @@ consistency_checks:
implementation: avx2
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c
@@ -74,6 +76,7 @@ consistency_checks:
implementation: avx2
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c


+ 2
- 0
test/duplicate_consistency/sntrup761_avx2.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_761xfreeze3.h
- crypto_encode_761xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1039.h
@@ -37,6 +38,7 @@ consistency_checks:
implementation: clean
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c


+ 2
- 0
test/duplicate_consistency/sntrup761_clean.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_761xfreeze3.h
- crypto_encode_761xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1039.h
@@ -50,6 +51,7 @@ consistency_checks:
implementation: avx2
files:
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_encode_int16.c


+ 1
- 0
test/duplicate_consistency/sntrup857_avx2.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_857xfreeze3.h
- crypto_encode_857xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1184.h


+ 1
- 0
test/duplicate_consistency/sntrup857_clean.yml View File

@@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_857xfreeze3.h
- crypto_encode_857xint16.h
- crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h
- crypto_stream_aes256ctr.h
- crypto_verify_1184.h


Write Preview
Loading…
Cancel
Save