kris/pqcrypto
1
1
Fork 0
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-26 01:11:25 +00:00
Code Issues 1 Releases Wiki Activity

NTRU Prime: Simplified patch set

Browse Source
This commit is contained in:
John M. Schanck 2020-09-02 12:48:28 -04:00 committed by Kris Kwiatkowski
parent 2c5eb2a732
commit b568d01ac6
78 changed files with 746 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
crypto_kem/ntrulpr653/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/ntrulpr653/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT #ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT #define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr653/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR653_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

2
crypto_kem/ntrulpr653/avx2/params.h
View File

@ -13,6 +13,8 @@
#include "crypto_encode_653x1541round.h" #include "crypto_encode_653x1541round.h"
#include "crypto_encode_653x3.h" #include "crypto_encode_653x3.h"
#include "crypto_encode_653xint16.h" #include "crypto_encode_653xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1025.h" #include "crypto_verify_1025.h"

8
crypto_kem/ntrulpr653/clean/crypto_encode_653x3.c
View File

@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR653_CLEAN_crypto_encode_653x3(unsigned char *s, const void *
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/ntrulpr653/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/ntrulpr653/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/ntrulpr653/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr653/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR653_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

6
crypto_kem/ntrulpr653/clean/params.h
View File

@ -13,14 +13,16 @@
#include "crypto_encode_653x1541round.h" #include "crypto_encode_653x1541round.h"
#include "crypto_encode_653x3.h" #include "crypto_encode_653x3.h"
#include "crypto_encode_653xint16.h" #include "crypto_encode_653xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1025.h" #include "crypto_verify_1025.h"
#define p 653 #define p 653
#define q 4621
#define w 252
#define q27 29045 /* closest integer to 2^27/q */ #define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define q 4621
#define w 252
#define tau0 2175 #define tau0 2175
#define tau1 113 #define tau1 113
#define tau2 2031 #define tau2 2031

32
crypto_kem/ntrulpr761/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/ntrulpr761/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT #ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT #define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr761/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR761_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

2
crypto_kem/ntrulpr761/avx2/params.h
View File

@ -13,6 +13,8 @@
#include "crypto_encode_761x1531round.h" #include "crypto_encode_761x1531round.h"
#include "crypto_encode_761x3.h" #include "crypto_encode_761x3.h"
#include "crypto_encode_761xint16.h" #include "crypto_encode_761xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1167.h" #include "crypto_verify_1167.h"

10
crypto_kem/ntrulpr761/clean/crypto_encode_761x3.c
View File

@ -5,15 +5,15 @@
#define p 761 #define p 761
void PQCLEAN_NTRULPR761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) { void PQCLEAN_NTRULPR761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) {
const uint8 *f = (const uint8 *)v; const uint8 *f = v;
uint8 x; uint8 x;
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/ntrulpr761/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/ntrulpr761/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/ntrulpr761/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr761/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR761_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

6
crypto_kem/ntrulpr761/clean/params.h
View File

@ -13,14 +13,16 @@
#include "crypto_encode_761x1531round.h" #include "crypto_encode_761x1531round.h"
#include "crypto_encode_761x3.h" #include "crypto_encode_761x3.h"
#include "crypto_encode_761xint16.h" #include "crypto_encode_761xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1167.h" #include "crypto_verify_1167.h"
#define p 761 #define p 761
#define q 4591
#define w 250
#define q27 29235 /* closest integer to 2^27/q */ #define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define q 4591
#define w 250
#define tau0 2156 #define tau0 2156
#define tau1 114 #define tau1 114
#define tau2 2007 #define tau2 2007

32
crypto_kem/ntrulpr857/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/ntrulpr857/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT #ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT #define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr857/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR857_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

2
crypto_kem/ntrulpr857/avx2/params.h
View File

@ -13,6 +13,8 @@
#include "crypto_encode_857x1723round.h" #include "crypto_encode_857x1723round.h"
#include "crypto_encode_857x3.h" #include "crypto_encode_857x3.h"
#include "crypto_encode_857xint16.h" #include "crypto_encode_857xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1312.h" #include "crypto_verify_1312.h"

8
crypto_kem/ntrulpr857/clean/crypto_encode_857x3.c
View File

@ -10,10 +10,10 @@ void PQCLEAN_NTRULPR857_CLEAN_crypto_encode_857x3(unsigned char *s, const void *
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/ntrulpr857/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/ntrulpr857/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/ntrulpr857/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/ntrulpr857/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_NTRULPR857_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_NTRULPR857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

6
crypto_kem/ntrulpr857/clean/params.h
View File

@ -13,14 +13,16 @@
#include "crypto_encode_857x1723round.h" #include "crypto_encode_857x1723round.h"
#include "crypto_encode_857x3.h" #include "crypto_encode_857x3.h"
#include "crypto_encode_857xint16.h" #include "crypto_encode_857xint16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1312.h" #include "crypto_verify_1312.h"
#define p 857 #define p 857
#define q 5167
#define w 281
#define q27 25976 /* closest integer to 2^27/q */ #define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */ #define q18 51 /* closest integer to 2^18/q */
#define q 5167
#define w 281
#define tau0 2433 #define tau0 2433
#define tau1 101 #define tau1 101
#define tau2 2265 #define tau2 2265

32
crypto_kem/sntrup653/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/sntrup653/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT #ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT #define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/sntrup653/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup653/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP653_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP653_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup653/avx2/params.h
View File

@ -19,15 +19,17 @@
#include "crypto_encode_653xfreeze3.h" #include "crypto_encode_653xfreeze3.h"
#include "crypto_encode_653xint16.h" #include "crypto_encode_653xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_897.h" #include "crypto_verify_897.h"
#define p 653
#define qinv (-29499) /* reciprocal of q mod 2^16 */ #define qinv (-29499) /* reciprocal of q mod 2^16 */
#define q27 29045 /* closest integer to 2^27/q */ #define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define ppad 657 #define ppad 657
#define crypto_core_weight PQCLEAN_SNTRUP653_AVX2_crypto_core_weightsntrup653 #define crypto_core_weight PQCLEAN_SNTRUP653_AVX2_crypto_core_weightsntrup653
#define p 653
#define q 4621 #define q 4621
#define w 288 #define w 288

8
crypto_kem/sntrup653/clean/crypto_encode_653x3.c
View File

@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP653_CLEAN_crypto_encode_653x3(unsigned char *s, const void *v
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/sntrup653/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/sntrup653/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/sntrup653/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup653/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP653_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP653_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup653/clean/params.h
View File

@ -19,12 +19,14 @@
#include "crypto_encode_653xfreeze3.h" #include "crypto_encode_653xfreeze3.h"
#include "crypto_encode_653xint16.h" #include "crypto_encode_653xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_897.h" #include "crypto_verify_897.h"
#define p 653
#define q27 29045 /* closest integer to 2^27/q */ #define q27 29045 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define p 653
#define q 4621 #define q 4621
#define w 288 #define w 288

32
crypto_kem/sntrup761/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/sntrup761/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT #ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT #define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/sntrup761/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup761/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP761_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup761/avx2/params.h
View File

@ -19,15 +19,17 @@
#include "crypto_encode_761xfreeze3.h" #include "crypto_encode_761xfreeze3.h"
#include "crypto_encode_761xint16.h" #include "crypto_encode_761xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1039.h" #include "crypto_verify_1039.h"
#define p 761
#define qinv 15631 /* reciprocal of q mod 2^16 */ #define qinv 15631 /* reciprocal of q mod 2^16 */
#define q27 29235 /* closest integer to 2^27/q */ #define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define ppad 769 #define ppad 769
#define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761 #define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761
#define p 761
#define q 4591 #define q 4591
#define w 286 #define w 286

10
crypto_kem/sntrup761/clean/crypto_encode_761x3.c
View File

@ -5,15 +5,15 @@
#define p 761 #define p 761
void PQCLEAN_SNTRUP761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) { void PQCLEAN_SNTRUP761_CLEAN_crypto_encode_761x3(unsigned char *s, const void *v) {
const uint8 *f = (const uint8 *)v; const uint8 *f = v;
uint8 x; uint8 x;
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/sntrup761/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/sntrup761/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/sntrup761/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup761/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP761_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup761/clean/params.h
View File

@ -19,12 +19,14 @@
#include "crypto_encode_761xfreeze3.h" #include "crypto_encode_761xfreeze3.h"
#include "crypto_encode_761xint16.h" #include "crypto_encode_761xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1039.h" #include "crypto_verify_1039.h"
#define p 761
#define q27 29235 /* closest integer to 2^27/q */ #define q27 29235 /* closest integer to 2^27/q */
#define q18 57 /* closest integer to 2^18/q */ #define q18 57 /* closest integer to 2^18/q */
#define p 761
#define q 4591 #define q 4591
#define w 286 #define w 286

32
crypto_kem/sntrup857/avx2/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <immintrin.h> #include <immintrin.h>
// Based on supercop-20200820/crypto_sort/int32/avx2
#define int32 int32_t #define int32 int32_t
@ -28,9 +26,9 @@ static inline void int32_MINMAX(int32 *a, int32 *b) {
*b ^= c; *b ^= c;
} }
static void minmax_vector(int32 *x, int32 *y, size_t n) { static void minmax_vector(int32 *x, int32 *y, long long n) {
if ((long long) n < 8) { if (n < 8) {
while ((long long) n > 0) { while (n > 0) {
int32_MINMAX(x, y); int32_MINMAX(x, y);
++x; ++x;
++y; ++y;
@ -44,7 +42,7 @@ static void minmax_vector(int32 *x, int32 *y, size_t n) {
int32x8_MINMAX(x0, y0); int32x8_MINMAX(x0, y0);
int32x8_store(x + n - 8, x0); int32x8_store(x + n - 8, x0);
int32x8_store(y + n - 8, y0); int32x8_store(y + n - 8, y0);
n &= ~(size_t) 7; n &= ~7;
} }
do { do {
int32x8 x0 = int32x8_load(x); int32x8 x0 = int32x8_load(x);
@ -99,8 +97,8 @@ static void merge16_finish(int32 *x, int32x8 x0, int32x8 x1, int flagdown) {
} }
/* stages 64,32 of bitonic merging; n is multiple of 128 */ /* stages 64,32 of bitonic merging; n is multiple of 128 */
static void int32_twostages_32(int32 *x, size_t n) { static void int32_twostages_32(int32 *x, long long n) {
size_t i; long long i;
while (n > 0) { while (n > 0) {
for (i = 0; i < 32; i += 8) { for (i = 0; i < 32; i += 8) {
@ -125,8 +123,8 @@ static void int32_twostages_32(int32 *x, size_t n) {
} }
/* stages 4q,2q,q of bitonic merging */ /* stages 4q,2q,q of bitonic merging */
static size_t int32_threestages(int32 *x, size_t n, size_t q) { static long long int32_threestages(int32 *x, long long n, long long q) {
size_t k, i; long long k, i;
for (k = 0; k + 8 * q <= n; k += 8 * q) { for (k = 0; k + 8 * q <= n; k += 8 * q) {
for (i = k; i < k + q; i += 8) { for (i = k; i < k + q; i += 8) {
@ -168,8 +166,8 @@ static size_t int32_threestages(int32 *x, size_t n, size_t q) {
/* n is a power of 2; n >= 8; if n == 8 then flagdown */ /* n is a power of 2; n >= 8; if n == 8 then flagdown */
// NOLINTNEXTLINE(google-readability-function-size) // NOLINTNEXTLINE(google-readability-function-size)
static void int32_sort_2power(int32 *x, size_t n, int flagdown) { static void int32_sort_2power(int32 *x, long long n, int flagdown) {
size_t p, q, i, j, k; long long p, q, i, j, k;
int32x8 mask; int32x8 mask;
if (n == 8) { if (n == 8) {
@ -892,8 +890,8 @@ static void int32_sort_2power(int32 *x, size_t n, int flagdown) {
} }
} }
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) { static void int32_sort(int32 *x, long long n) {
size_t q, i, j; long long q, i, j;
if (n <= 8) { if (n <= 8) {
if (n == 8) { if (n == 8) {
@ -968,7 +966,7 @@ void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32 *x, size_t n) {
} }
int32_sort_2power(x, q, 1); int32_sort_2power(x, q, 1);
PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(x + q, n - q); int32_sort(x + q, n - q);
while (q >= 64) { while (q >= 64) {
q >>= 2; q >>= 2;
@ -1208,3 +1206,7 @@ continue8:
int32_MINMAX(&x[j], &x[j + 1]); int32_MINMAX(&x[j], &x[j + 1]);
} }
} }
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n) {
int32_sort(array, n);
}

10
crypto_kem/sntrup857/avx2/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT #ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT #define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_int32(int32_t *x, size_t n);
#endif #endif

8
crypto_kem/sntrup857/avx2/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup857/avx2/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP857_AVX2_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP857_AVX2_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup857/avx2/params.h
View File

@ -19,15 +19,17 @@
#include "crypto_encode_857xfreeze3.h" #include "crypto_encode_857xfreeze3.h"
#include "crypto_encode_857xint16.h" #include "crypto_encode_857xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1184.h" #include "crypto_verify_1184.h"
#define p 857
#define qinv (-19761) /* reciprocal of q mod 2^16 */ #define qinv (-19761) /* reciprocal of q mod 2^16 */
#define q27 25976 /* closest integer to 2^27/q */ #define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */ #define q18 51 /* closest integer to 2^18/q */
#define ppad 865 #define ppad 865
#define crypto_core_weight PQCLEAN_SNTRUP857_AVX2_crypto_core_weightsntrup857 #define crypto_core_weight PQCLEAN_SNTRUP857_AVX2_crypto_core_weightsntrup857
#define p 857
#define q 5167 #define q 5167
#define w 322 #define w 322

8
crypto_kem/sntrup857/clean/crypto_encode_857x3.c
View File

@ -10,10 +10,10 @@ void PQCLEAN_SNTRUP857_CLEAN_crypto_encode_857x3(unsigned char *s, const void *v
int i; int i;
for (i = 0; i < p / 4; ++i) { for (i = 0; i < p / 4; ++i) {
x = (uint8) (*f++ + 1); x = *f++ + 1;
x = (uint8) (x + ((*f++ + 1) << 2)); x += (*f++ + 1) << 2;
x = (uint8) (x + ((*f++ + 1) << 4)); x += (*f++ + 1) << 4;
x = (uint8) (x + ((*f++ + 1) << 6)); x += (*f++ + 1) << 6;
*s++ = x; *s++ = x;
} }
x = *f++ + 1; x = *f++ + 1;

78
crypto_kem/sntrup857/clean/crypto_sort_int32.c
View File

@ -1,7 +1,5 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include <stdint.h> #include <stdint.h>
// Based on supercop-20190110/crypto_sort/int32/x86
#define int32 int32_t #define int32 int32_t
@ -17,10 +15,82 @@
} while(0) } while(0)
/* assume 2 <= n <= 0x40000000 */ /* assume 2 <= n <= 0x40000000 */
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32 *array, size_t n) { static void crypto_sort_smallindices(int32 *x, int32 n) {
size_t top, p, q, r, i, j; int32 top, p, q, r, i, j;
top = 1;
while (top < n - top) {
top += top;
}
for (p = top; p >= 1; p >>= 1) {
i = 0;
while (i + 2 * p <= n) {
for (j = i; j < i + p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i += 2 * p;
}
for (j = i; j < n - p; ++j) {
int32_MINMAX(x[j], x[j + p]);
}
i = 0;
j = 0;
for (q = top; q > p; q >>= 1) {
if (j != i) for (;;) {
if (j == n - q) {
goto done;
}
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
if (j == i + p) {
i += 2 * p;
break;
}
}
while (i + p <= n - q) {
for (j = i; j < i + p; ++j) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
}
i += 2 * p;
}
/* now i + p > n - q */
j = i;
while (j < n - q) {
int32 a = x[j + p];
for (r = q; r > p; r >>= 1) {
int32_MINMAX(a, x[j + r]);
}
x[j + p] = a;
++j;
}
done:
;
}
}
}
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n) {
long long top, p, q, r, i, j;
int32 *x = array; int32 *x = array;
if (n < 2) {
return;
}
if (n < 0x40000000) {
crypto_sort_smallindices(x, n);
return;
}
top = 1; top = 1;
while (top < n - top) { while (top < n - top) {
top += top; top += top;

6
crypto_kem/sntrup857/clean/crypto_sort_int32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H #ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H
#define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H #define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_INT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32_BYTES 4
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(void *array, long long n);
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_int32(int32_t *array, size_t n);
#endif #endif

8
crypto_kem/sntrup857/clean/crypto_sort_uint32.c
View File

@ -1,15 +1,13 @@
#include "crypto_sort_int32.h" #include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h" #include "crypto_sort_uint32.h"
#include <stdint.h>
#define uint32 uint32_t
/* can save time by vectorizing xor loops */ /* can save time by vectorizing xor loops */
/* can save time by integrating xor loops with int32_sort */ /* can save time by integrating xor loops with int32_sort */
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n) { void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n) {
uint32 *x = array; uint32_t *x = array;
size_t j; long long j;
for (j = 0; j < n; ++j) { for (j = 0; j < n; ++j) {
x[j] ^= 0x80000000; x[j] ^= 0x80000000;
} }

6
crypto_kem/sntrup857/clean/crypto_sort_uint32.h
View File

@ -1,10 +1,8 @@
#ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H #ifndef PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H
#define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H #define PQCLEAN_SNTRUP857_CLEAN_CRYPTO_SORT_UINT32_H
#include <stddef.h>
#include <stdint.h> #include <stdint.h>
#define PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32_BYTES 4
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(void *array, long long n);
void PQCLEAN_SNTRUP857_CLEAN_crypto_sort_uint32(uint32_t *array, size_t n);
#endif #endif

4
crypto_kem/sntrup857/clean/params.h
View File

@ -19,12 +19,14 @@
#include "crypto_encode_857xfreeze3.h" #include "crypto_encode_857xfreeze3.h"
#include "crypto_encode_857xint16.h" #include "crypto_encode_857xint16.h"
#include "crypto_encode_int16.h" #include "crypto_encode_int16.h"
#include "crypto_sort_int32.h"
#include "crypto_sort_uint32.h"
#include "crypto_verify_1184.h" #include "crypto_verify_1184.h"
#define p 857
#define q27 25976 /* closest integer to 2^27/q */ #define q27 25976 /* closest integer to 2^27/q */
#define q18 51 /* closest integer to 2^18/q */ #define q18 51 /* closest integer to 2^18/q */
#define p 857
#define q 5167 #define q 5167
#define w 322 #define w 322

6
test/duplicate_consistency/ntrulpr653_avx2.yml
View File

@ -12,6 +12,7 @@ consistency_checks:
- crypto_encode_653x1541round.h - crypto_encode_653x1541round.h
- crypto_encode_653x3.h - crypto_encode_653x3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_653xint16.c - crypto_decode_653xint16.c
@ -53,6 +54,7 @@ consistency_checks:
scheme: sntrup761 scheme: sntrup761
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -71,6 +73,7 @@ consistency_checks:
scheme: sntrup857 scheme: sntrup857
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_653x1541round.h - crypto_encode_653x1541round.h
- crypto_encode_653x3.h - crypto_encode_653x3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1025.h - crypto_verify_1025.h
@ -122,6 +126,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c
@ -156,6 +161,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c

6
test/duplicate_consistency/ntrulpr653_clean.yml
View File

@ -40,6 +40,7 @@ consistency_checks:
- crypto_encode_653x1541round.h - crypto_encode_653x1541round.h
- crypto_encode_653x3.h - crypto_encode_653x3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_653xint16.c - crypto_decode_653xint16.c
@ -61,6 +62,7 @@ consistency_checks:
scheme: sntrup761 scheme: sntrup761
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -79,6 +81,7 @@ consistency_checks:
scheme: sntrup857 scheme: sntrup857
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_653x1541round.h - crypto_encode_653x1541round.h
- crypto_encode_653x3.h - crypto_encode_653x3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1025.h - crypto_verify_1025.h
@ -139,6 +143,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c
@ -173,6 +178,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c

5
test/duplicate_consistency/ntrulpr761_avx2.yml
View File

@ -3,6 +3,7 @@ consistency_checks:
scheme: sntrup653 scheme: sntrup653
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -30,6 +31,7 @@ consistency_checks:
- crypto_encode_761x1531round.h - crypto_encode_761x1531round.h
- crypto_encode_761x3.h - crypto_encode_761x3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_761xint16.c - crypto_decode_761xint16.c
@ -71,6 +73,7 @@ consistency_checks:
scheme: sntrup857 scheme: sntrup857
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_761x1531round.h - crypto_encode_761x1531round.h
- crypto_encode_761x3.h - crypto_encode_761x3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1167.h - crypto_verify_1167.h
@ -122,6 +126,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c

5
test/duplicate_consistency/ntrulpr761_clean.yml
View File

@ -13,6 +13,7 @@ consistency_checks:
scheme: sntrup653 scheme: sntrup653
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -58,6 +59,7 @@ consistency_checks:
- crypto_encode_761x1531round.h - crypto_encode_761x1531round.h
- crypto_encode_761x3.h - crypto_encode_761x3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_761xint16.c - crypto_decode_761xint16.c
@ -79,6 +81,7 @@ consistency_checks:
scheme: sntrup857 scheme: sntrup857
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_761x1531round.h - crypto_encode_761x1531round.h
- crypto_encode_761x3.h - crypto_encode_761x3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1167.h - crypto_verify_1167.h
@ -139,6 +143,7 @@ consistency_checks:
- crypto_decode_256x2.h - crypto_decode_256x2.h
- crypto_encode_256x16.h - crypto_encode_256x16.h
- crypto_encode_256x2.h - crypto_encode_256x2.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_256x16.c - crypto_decode_256x16.c

4
test/duplicate_consistency/ntrulpr857_avx2.yml
View File

@ -3,6 +3,7 @@ consistency_checks:
scheme: sntrup653 scheme: sntrup653
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -21,6 +22,7 @@ consistency_checks:
scheme: sntrup761 scheme: sntrup761
implementation: clean implementation: clean
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -48,6 +50,7 @@ consistency_checks:
- crypto_encode_857x1723round.h - crypto_encode_857x1723round.h
- crypto_encode_857x3.h - crypto_encode_857x3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_857xint16.c - crypto_decode_857xint16.c
@ -103,6 +106,7 @@ consistency_checks:
- crypto_encode_857x1723round.h - crypto_encode_857x1723round.h
- crypto_encode_857x3.h - crypto_encode_857x3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1312.h - crypto_verify_1312.h

4
test/duplicate_consistency/ntrulpr857_clean.yml
View File

@ -13,6 +13,7 @@ consistency_checks:
scheme: sntrup653 scheme: sntrup653
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -31,6 +32,7 @@ consistency_checks:
scheme: sntrup761 scheme: sntrup761
implementation: avx2 implementation: avx2
files: files:
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_sort_uint32.c - crypto_sort_uint32.c
@ -76,6 +78,7 @@ consistency_checks:
- crypto_encode_857x1723round.h - crypto_encode_857x1723round.h
- crypto_encode_857x3.h - crypto_encode_857x3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_decode_857xint16.c - crypto_decode_857xint16.c
@ -101,6 +104,7 @@ consistency_checks:
- crypto_encode_857x1723round.h - crypto_encode_857x1723round.h
- crypto_encode_857x3.h - crypto_encode_857x3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1312.h - crypto_verify_1312.h

3
test/duplicate_consistency/sntrup653_avx2.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_653xfreeze3.h - crypto_encode_653xfreeze3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_897.h - crypto_verify_897.h
@ -37,6 +38,7 @@ consistency_checks:
implementation: clean implementation: clean
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c
@ -63,6 +65,7 @@ consistency_checks:
implementation: clean implementation: clean
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c

3
test/duplicate_consistency/sntrup653_clean.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_653xfreeze3.h - crypto_encode_653xfreeze3.h
- crypto_encode_653xint16.h - crypto_encode_653xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_897.h - crypto_verify_897.h
@ -50,6 +51,7 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c
@ -74,6 +76,7 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c

2
test/duplicate_consistency/sntrup761_avx2.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_761xfreeze3.h - crypto_encode_761xfreeze3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1039.h - crypto_verify_1039.h
@ -37,6 +38,7 @@ consistency_checks:
implementation: clean implementation: clean
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c

2
test/duplicate_consistency/sntrup761_clean.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_761xfreeze3.h - crypto_encode_761xfreeze3.h
- crypto_encode_761xint16.h - crypto_encode_761xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1039.h - crypto_verify_1039.h
@ -50,6 +51,7 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_encode_int16.c - crypto_encode_int16.c

1
test/duplicate_consistency/sntrup857_avx2.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_857xfreeze3.h - crypto_encode_857xfreeze3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1184.h - crypto_verify_1184.h

1
test/duplicate_consistency/sntrup857_clean.yml
View File

@ -22,6 +22,7 @@ consistency_checks:
- crypto_encode_857xfreeze3.h - crypto_encode_857xfreeze3.h
- crypto_encode_857xint16.h - crypto_encode_857xint16.h
- crypto_encode_int16.h - crypto_encode_int16.h
- crypto_sort_int32.h
- crypto_sort_uint32.h - crypto_sort_uint32.h
- crypto_stream_aes256ctr.h - crypto_stream_aes256ctr.h
- crypto_verify_1184.h - crypto_verify_1184.h