mirror of
https://github.com/henrydcase/pqc.git
synced 2024-11-27 01:41:40 +00:00
Avoid type-punning error when strict-aliasing turned on
This commit is contained in:
parent
d7b739af13
commit
d0d53ab52a
@ -46,6 +46,9 @@ PQCLEAN_FALCON1024_CLEAN_prng_init(prng *p, inner_shake256_context *src) {
|
|||||||
uint64_t th, tl;
|
uint64_t th, tl;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
uint32_t *d32 = (uint32_t *) p->state.d;
|
||||||
|
uint64_t *d64 = (uint64_t *) p->state.d;
|
||||||
|
|
||||||
inner_shake256_extract(src, tmp, 56);
|
inner_shake256_extract(src, tmp, 56);
|
||||||
for (i = 0; i < 14; i ++) {
|
for (i = 0; i < 14; i ++) {
|
||||||
uint32_t w;
|
uint32_t w;
|
||||||
@ -54,11 +57,11 @@ PQCLEAN_FALCON1024_CLEAN_prng_init(prng *p, inner_shake256_context *src) {
|
|||||||
| ((uint32_t)tmp[(i << 2) + 1] << 8)
|
| ((uint32_t)tmp[(i << 2) + 1] << 8)
|
||||||
| ((uint32_t)tmp[(i << 2) + 2] << 16)
|
| ((uint32_t)tmp[(i << 2) + 2] << 16)
|
||||||
| ((uint32_t)tmp[(i << 2) + 3] << 24);
|
| ((uint32_t)tmp[(i << 2) + 3] << 24);
|
||||||
*(uint32_t *)(p->state.d + (i << 2)) = w;
|
d32[i] = w;
|
||||||
}
|
}
|
||||||
tl = *(uint32_t *)(p->state.d + 48);
|
tl = d32[48 / sizeof(uint32_t)];
|
||||||
th = *(uint32_t *)(p->state.d + 52);
|
th = d32[52 / sizeof(uint32_t)];
|
||||||
*(uint64_t *)(p->state.d + 48) = tl + (th << 32);
|
d64[48 / sizeof(uint64_t)] = tl + (th << 32);
|
||||||
PQCLEAN_FALCON1024_CLEAN_prng_refill(p);
|
PQCLEAN_FALCON1024_CLEAN_prng_refill(p);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -86,11 +89,14 @@ PQCLEAN_FALCON1024_CLEAN_prng_refill(prng *p) {
|
|||||||
uint64_t cc;
|
uint64_t cc;
|
||||||
size_t u;
|
size_t u;
|
||||||
|
|
||||||
|
uint32_t *d32 = (uint32_t *) p->state.d;
|
||||||
|
uint64_t *d64 = (uint64_t *) p->state.d;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* State uses local endianness. Only the output bytes must be
|
* State uses local endianness. Only the output bytes must be
|
||||||
* converted to little endian (if used on a big-endian machine).
|
* converted to little endian (if used on a big-endian machine).
|
||||||
*/
|
*/
|
||||||
cc = *(uint64_t *)(p->state.d + 48);
|
cc = d64[48 / sizeof(uint64_t)];
|
||||||
for (u = 0; u < 8; u ++) {
|
for (u = 0; u < 8; u ++) {
|
||||||
uint32_t state[16];
|
uint32_t state[16];
|
||||||
size_t v;
|
size_t v;
|
||||||
@ -134,12 +140,10 @@ PQCLEAN_FALCON1024_CLEAN_prng_refill(prng *p) {
|
|||||||
state[v] += CW[v];
|
state[v] += CW[v];
|
||||||
}
|
}
|
||||||
for (v = 4; v < 14; v ++) {
|
for (v = 4; v < 14; v ++) {
|
||||||
state[v] += ((uint32_t *)p->state.d)[v - 4];
|
state[v] += d32[v - 4];
|
||||||
}
|
}
|
||||||
state[14] += ((uint32_t *)p->state.d)[10]
|
state[14] += d32[10] ^ (uint32_t)cc;
|
||||||
^ (uint32_t)cc;
|
state[15] += d32[11] ^ (uint32_t)(cc >> 32);
|
||||||
state[15] += ((uint32_t *)p->state.d)[11]
|
|
||||||
^ (uint32_t)(cc >> 32);
|
|
||||||
cc ++;
|
cc ++;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -157,7 +161,7 @@ PQCLEAN_FALCON1024_CLEAN_prng_refill(prng *p) {
|
|||||||
(uint8_t)(state[v] >> 24);
|
(uint8_t)(state[v] >> 24);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
*(uint64_t *)(p->state.d + 48) = cc;
|
d64[48 / sizeof(uint64_t)] = cc;
|
||||||
|
|
||||||
|
|
||||||
p->ptr = 0;
|
p->ptr = 0;
|
||||||
|
@ -46,6 +46,9 @@ PQCLEAN_FALCON512_CLEAN_prng_init(prng *p, inner_shake256_context *src) {
|
|||||||
uint64_t th, tl;
|
uint64_t th, tl;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
uint32_t *d32 = (uint32_t *) p->state.d;
|
||||||
|
uint64_t *d64 = (uint64_t *) p->state.d;
|
||||||
|
|
||||||
inner_shake256_extract(src, tmp, 56);
|
inner_shake256_extract(src, tmp, 56);
|
||||||
for (i = 0; i < 14; i ++) {
|
for (i = 0; i < 14; i ++) {
|
||||||
uint32_t w;
|
uint32_t w;
|
||||||
@ -54,11 +57,11 @@ PQCLEAN_FALCON512_CLEAN_prng_init(prng *p, inner_shake256_context *src) {
|
|||||||
| ((uint32_t)tmp[(i << 2) + 1] << 8)
|
| ((uint32_t)tmp[(i << 2) + 1] << 8)
|
||||||
| ((uint32_t)tmp[(i << 2) + 2] << 16)
|
| ((uint32_t)tmp[(i << 2) + 2] << 16)
|
||||||
| ((uint32_t)tmp[(i << 2) + 3] << 24);
|
| ((uint32_t)tmp[(i << 2) + 3] << 24);
|
||||||
*(uint32_t *)(p->state.d + (i << 2)) = w;
|
d32[i] = w;
|
||||||
}
|
}
|
||||||
tl = *(uint32_t *)(p->state.d + 48);
|
tl = d32[48 / sizeof(uint32_t)];
|
||||||
th = *(uint32_t *)(p->state.d + 52);
|
th = d32[52 / sizeof(uint32_t)];
|
||||||
*(uint64_t *)(p->state.d + 48) = tl + (th << 32);
|
d64[48 / sizeof(uint64_t)] = tl + (th << 32);
|
||||||
PQCLEAN_FALCON512_CLEAN_prng_refill(p);
|
PQCLEAN_FALCON512_CLEAN_prng_refill(p);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -86,11 +89,14 @@ PQCLEAN_FALCON512_CLEAN_prng_refill(prng *p) {
|
|||||||
uint64_t cc;
|
uint64_t cc;
|
||||||
size_t u;
|
size_t u;
|
||||||
|
|
||||||
|
uint32_t *d32 = (uint32_t *) p->state.d;
|
||||||
|
uint64_t *d64 = (uint64_t *) p->state.d;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* State uses local endianness. Only the output bytes must be
|
* State uses local endianness. Only the output bytes must be
|
||||||
* converted to little endian (if used on a big-endian machine).
|
* converted to little endian (if used on a big-endian machine).
|
||||||
*/
|
*/
|
||||||
cc = *(uint64_t *)(p->state.d + 48);
|
cc = d64[48 / sizeof(uint64_t)];
|
||||||
for (u = 0; u < 8; u ++) {
|
for (u = 0; u < 8; u ++) {
|
||||||
uint32_t state[16];
|
uint32_t state[16];
|
||||||
size_t v;
|
size_t v;
|
||||||
@ -134,11 +140,11 @@ PQCLEAN_FALCON512_CLEAN_prng_refill(prng *p) {
|
|||||||
state[v] += CW[v];
|
state[v] += CW[v];
|
||||||
}
|
}
|
||||||
for (v = 4; v < 14; v ++) {
|
for (v = 4; v < 14; v ++) {
|
||||||
state[v] += ((uint32_t *)p->state.d)[v - 4];
|
state[v] += d32[v - 4];
|
||||||
}
|
}
|
||||||
state[14] += ((uint32_t *)p->state.d)[10]
|
state[14] += d32[10]
|
||||||
^ (uint32_t)cc;
|
^ (uint32_t)cc;
|
||||||
state[15] += ((uint32_t *)p->state.d)[11]
|
state[15] += d32[11]
|
||||||
^ (uint32_t)(cc >> 32);
|
^ (uint32_t)(cc >> 32);
|
||||||
cc ++;
|
cc ++;
|
||||||
|
|
||||||
@ -157,7 +163,7 @@ PQCLEAN_FALCON512_CLEAN_prng_refill(prng *p) {
|
|||||||
(uint8_t)(state[v] >> 24);
|
(uint8_t)(state[v] >> 24);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
*(uint64_t *)(p->state.d + 48) = cc;
|
d64[48 / sizeof(uint64_t)] = cc;
|
||||||
|
|
||||||
|
|
||||||
p->ptr = 0;
|
p->ptr = 0;
|
||||||
|
Loading…
Reference in New Issue
Block a user