
Fix endianness issues

This commit is contained in:
John M. Schanck 2020-09-10 16:27:12 -04:00 committed by Kris Kwiatkowski
parent 1f4fa5ec3e
commit d73a713fd4
40 changed files with 510 additions and 88 deletions


@ -67,8 +67,8 @@ int PQCLEAN_HQC128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, con
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQC128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'


@ -47,6 +47,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the BCH code #define PARAM_K Define the size of the information bits of the BCH code
#define PARAM_G Define the size of the generator polynomial of BCH code #define PARAM_G Define the size of the generator polynomial of BCH code
@ -96,6 +98,8 @@
#define PARAM_DELTA 57 #define PARAM_DELTA 57
#define PARAM_M 10 #define PARAM_M 10
#define PARAM_GF_POLY 0x409 #define PARAM_GF_POLY 0x409
#define PARAM_GF_POLY_WT 3
#define PARAM_GF_POLY_M2 7
#define PARAM_GF_MUL_ORDER 1023 #define PARAM_GF_MUL_ORDER 1023
#define PARAM_K 256 #define PARAM_K 256
#define PARAM_G 511 #define PARAM_G 511
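Review bot: The new description `#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits` is ambiguous about which end the counting starts from, and only one reading matches the values given below: for `PARAM_GF_POLY 0x409` the set bits are 10, 3 and 0, so `PARAM_GF_POLY_M2 7` is the gap between the two highest bits, not the two lowest. Suggest `#define PARAM_GF_POLY_M2 Distance between the two highest set bits of PARAM_GF_POLY (PARAM_M minus the degree of its second-highest term)`, which also reads correctly for the Reed-Solomon header where `0x11D` gives `4`. The same wording is added in the HQC192, HQC256 and HQCRMRS128 parameters headers further down the page.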


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQC128_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQC128_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQC128_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQC128_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQC128_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQC128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, ui
*/ */
void PQCLEAN_HQC128_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQC128_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQC128_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQC128_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQC128_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQC128_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQC128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQC128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC128_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQC128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQC128_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQC128_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC128_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }
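Review bot: In `hqc_ciphertext_to_string` the second `store8_arr` call passes `VEC_N_SIZE_BYTES` as the output length for `v`, whereas the `memcpy` it replaces and the parallel call in the kem.c section above both use `VEC_N1N2_SIZE_BYTES`. With that bound, the write is limited only by `inlen` (`VEC_N1N2_SIZE_64` words, i.e. up to 7 bytes beyond `VEC_N1N2_SIZE_BYTES` whenever n1n2 is not a multiple of 64, assuming as the names suggest that `VEC_N_SIZE_BYTES` is the larger constant), so it spills into the `d` region and is only masked because the following `memcpy` of `d` overwrites it. The line should read `PQCLEAN_HQC128_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);`; the same slip appears in the HQC192, HQC256 and HQCRMRS128 parsing.c sections. Separately, the four new helpers `store8`, `load8`, `load8_arr` and `store8_arr` carry no Doxygen `@brief` block although every other function in this file has one; a short header stating that they serialize `uint64_t` words little-endian regardless of host byte order, and that the `_arr` variants stop at the shorter of `outlen` bytes and `inlen` words, would document the contract the callers now rely on.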


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQC128_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQC128_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQC128_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQC128_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQC128_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQC128_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQC128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQC128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);
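Review bot: The two new `_arr` prototypes use `size_t`, but the only include visible in the hunk is `<stdint.h>`, which does not guarantee `size_t`; unless the header already pulls in `<stddef.h>` (or `<string.h>`) above the hunk, which is not visible here, `#include <stddef.h>` should be added so the header stays self-contained. As a point of style, the four new declarations mix `unsigned char *` (`store8`, `load8`) and `uint8_t *` (`load8_arr`, `store8_arr`) for the same byte-buffer role; the rest of this header uses `uint8_t *`. The same applies to the HQC192 and HQC256 parsing headers further down the page.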


@ -1,5 +1,6 @@
#include "nistseedexpander.h" #include "nistseedexpander.h"
#include "parameters.h" #include "parameters.h"
#include "parsing.h"
#include "randombytes.h" #include "randombytes.h"
#include "vector.h" #include "vector.h"
#include <immintrin.h> #include <immintrin.h>
@ -115,7 +116,7 @@ void PQCLEAN_HQC128_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); PQCLEAN_HQC128_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N1N2_SIZE_BYTES);
v[VEC_N_SIZE_64 - 1] &= RED_MASK; v[VEC_N_SIZE_64 - 1] &= RED_MASK;
} }
@ -132,7 +133,7 @@ void PQCLEAN_HQC128_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
randombytes(rand_bytes, VEC_K_SIZE_BYTES); randombytes(rand_bytes, VEC_K_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); PQCLEAN_HQC128_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
} }
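Review bot: In `vect_set_random` the new `load8_arr` call reads only `VEC_N1N2_SIZE_BYTES` bytes from `rand_bytes`, although the `seedexpander` call on the previous line fills `VEC_N_SIZE_BYTES` and the replaced `memcpy` copied `VEC_N_SIZE_BYTES`. Since `outlen` is `VEC_N_SIZE_64`, the words past the first `VEC_N1N2_SIZE_BYTES` bytes are left untouched rather than filled from the expander, so (assuming `VEC_N1N2_SIZE_BYTES < VEC_N_SIZE_BYTES`, as the names suggest) the vector is no longer drawn from the full n bits and known-answer outputs will differ from the reference. The line should read `PQCLEAN_HQC128_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES);`, matching the pattern used in the second hunk for `vect_set_random_from_randombytes`. The function's signature and the `rand_bytes` declaration are outside the hunk, and the vector.c files of the other parameter sets are not on this page, so they are worth checking for the same copy.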


@ -67,8 +67,8 @@ int PQCLEAN_HQC192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, con
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQC192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'


@ -47,6 +47,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the BCH code #define PARAM_K Define the size of the information bits of the BCH code
#define PARAM_G Define the size of the generator polynomial of BCH code #define PARAM_G Define the size of the generator polynomial of BCH code
@ -96,6 +98,8 @@
#define PARAM_DELTA 57 #define PARAM_DELTA 57
#define PARAM_M 10 #define PARAM_M 10
#define PARAM_GF_POLY 0x409 #define PARAM_GF_POLY 0x409
#define PARAM_GF_POLY_WT 3
#define PARAM_GF_POLY_M2 7
#define PARAM_GF_MUL_ORDER 1023 #define PARAM_GF_MUL_ORDER 1023
#define PARAM_K 256 #define PARAM_K 256
#define PARAM_G 511 #define PARAM_G 511


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQC192_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQC192_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQC192_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQC192_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQC192_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQC192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, ui
*/ */
void PQCLEAN_HQC192_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQC192_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQC192_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQC192_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQC192_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQC192_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQC192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQC192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC192_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQC192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQC192_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQC192_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQC192_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC192_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQC192_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQC192_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQC192_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQC192_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQC192_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQC192_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQC192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQC192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);


@ -67,8 +67,8 @@ int PQCLEAN_HQC256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss, con
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQC256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned char *c
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'


@ -47,6 +47,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the BCH code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the BCH code #define PARAM_K Define the size of the information bits of the BCH code
#define PARAM_G Define the size of the generator polynomial of BCH code #define PARAM_G Define the size of the generator polynomial of BCH code
@ -96,6 +98,8 @@
#define PARAM_DELTA 60 #define PARAM_DELTA 60
#define PARAM_M 10 #define PARAM_M 10
#define PARAM_GF_POLY 0x409 #define PARAM_GF_POLY 0x409
#define PARAM_GF_POLY_WT 3
#define PARAM_GF_POLY_M2 7
#define PARAM_GF_MUL_ORDER 1023 #define PARAM_GF_MUL_ORDER 1023
#define PARAM_K 256 #define PARAM_K 256
#define PARAM_G 541 #define PARAM_G 541


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQC256_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQC256_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQC256_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQC256_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQC256_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQC256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, ui
*/ */
void PQCLEAN_HQC256_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQC256_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQC256_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQC256_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQC256_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQC256_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s, co
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQC256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQC256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC256_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQC256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQC256_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQC256_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQC256_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQC256_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQC256_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQC256_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQC256_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQC256_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQC256_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQC256_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQC256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQC256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);


@ -67,8 +67,8 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss,
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQCRMRS128_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'


@ -46,6 +46,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the Reed-Solomon code #define PARAM_K Define the size of the information bits of the Reed-Solomon code
#define PARAM_G Define the size of the generator polynomial of Reed-Solomon code #define PARAM_G Define the size of the generator polynomial of Reed-Solomon code
@ -93,6 +95,8 @@
#define PARAM_DELTA 24 #define PARAM_DELTA 24
#define PARAM_M 8 #define PARAM_M 8
#define PARAM_GF_POLY 0x11D #define PARAM_GF_POLY 0x11D
#define PARAM_GF_POLY_WT 5
#define PARAM_GF_POLY_M2 4
#define PARAM_GF_MUL_ORDER 255 #define PARAM_GF_MUL_ORDER 255
#define PARAM_K 32 #define PARAM_K 32
#define PARAM_G 49 #define PARAM_G 49


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQCRMRS128_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQCRMRS128_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQCRMRS128_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQCRMRS128_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQCRMRS128_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y
*/ */
void PQCLEAN_HQCRMRS128_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQCRMRS128_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQCRMRS128_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQCRMRS128_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQCRMRS128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQCRMRS128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQCRMRS128_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQCRMRS128_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQCRMRS128_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQCRMRS128_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQCRMRS128_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQCRMRS128_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQCRMRS128_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQCRMRS128_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);


@ -1,5 +1,6 @@
#include "nistseedexpander.h" #include "nistseedexpander.h"
#include "parameters.h" #include "parameters.h"
#include "parsing.h"
#include "randombytes.h" #include "randombytes.h"
#include "vector.h" #include "vector.h"
#include <immintrin.h> #include <immintrin.h>
@ -115,7 +116,7 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N1N2_SIZE_BYTES);
v[VEC_N_SIZE_64 - 1] &= RED_MASK; v[VEC_N_SIZE_64 - 1] &= RED_MASK;
} }
@ -132,7 +133,7 @@ void PQCLEAN_HQCRMRS128_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
randombytes(rand_bytes, VEC_K_SIZE_BYTES); randombytes(rand_bytes, VEC_K_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
} }
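Review bot: The new load on the first changed line of this hunk reads only VEC_N1N2_SIZE_BYTES of rand_bytes although seedexpander has just filled VEC_N_SIZE_BYTES, and the sibling hunk below passes a length that matches its buffer (VEC_K_SIZE_BYTES). load8_arr stops once fewer than eight input bytes remain and never touches the remaining output words, so if VEC_N1N2_SIZE_BYTES is smaller than VEC_N_SIZE_BYTES (the separate constants suggest it is) the trailing word(s) of v keep whatever they held before and the RED_MASK on the next line is applied to stale data rather than to seed-derived bits, which would make the h rebuilt from the public-key seed depend on the caller's buffer contents. The call should be `PQCLEAN_HQCRMRS128_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N_SIZE_BYTES);`. The HQCRMRS192 and HQCRMRS256 vector.c sections further down carry the same mismatch. vect_set_random's body starts outside the hunk.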


@ -67,8 +67,8 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss,
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQCRMRS192_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'
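Review bot: The three lines that assemble m‖u‖v into mc are now written out identically in crypto_kem_enc and crypto_kem_dec (and again in the HQCRMRS256 kem.c section), so a future change to the serialization has to be mirrored in every copy. A small `static` helper in kem.c taking mc, m, u and v would keep the layout in one place and make the shared-secret input visibly the same in both directions. Both enclosing functions start and end outside the hunks.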


@ -46,6 +46,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the Reed-Solomon code #define PARAM_K Define the size of the information bits of the Reed-Solomon code
#define PARAM_G Define the size of the generator polynomial of Reed-Solomon code #define PARAM_G Define the size of the generator polynomial of Reed-Solomon code
@ -93,6 +95,8 @@
#define PARAM_DELTA 22 #define PARAM_DELTA 22
#define PARAM_M 8 #define PARAM_M 8
#define PARAM_GF_POLY 0x11D #define PARAM_GF_POLY 0x11D
#define PARAM_GF_POLY_WT 5
#define PARAM_GF_POLY_M2 4
#define PARAM_GF_MUL_ORDER 255 #define PARAM_GF_MUL_ORDER 255
#define PARAM_K 32 #define PARAM_K 32
#define PARAM_G 45 #define PARAM_G 45
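Review bot: The description of PARAM_GF_POLY_M2, "Distance between the primitive polynomial first two set bits", does not say from which end the bits are counted, and for 0x11D the two readings give different numbers (8 minus 4 from the top, 2 minus 0 from the bottom); the value 4 defined below implies the former. Suggest `#define PARAM_GF_POLY_M2 Difference between the two highest exponents of PARAM_GF_POLY (PARAM_M minus the next-highest set bit position)` and, for symmetry, `#define PARAM_GF_POLY_WT Hamming weight (number of set bits) of PARAM_GF_POLY`. Both values are derived from PARAM_GF_POLY but nothing ties them together; a one-line comment next to the definitions saying they must be updated with the polynomial would help. The HQCRMRS256 parameters.h section uses the same wording.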


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQCRMRS192_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQCRMRS192_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQCRMRS192_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQCRMRS192_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQCRMRS192_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y
*/ */
void PQCLEAN_HQCRMRS192_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQCRMRS192_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQCRMRS192_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQCRMRS192_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQCRMRS192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQCRMRS192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQCRMRS192_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQCRMRS192_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQCRMRS192_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }
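Review bot: In hqc_ciphertext_to_string the second store passes VEC_N_SIZE_BYTES as outlen for v, whereas v holds VEC_N1N2_SIZE_64 words, the matching load in hqc_ciphertext_from_string uses VEC_N1N2_SIZE_BYTES, and the kem.c hunks serialize v with VEC_N1N2_SIZE_BYTES. Because store8_arr bounds its output only by outlen (it writes min(outlen, 8*inlen) bytes), the v region may be written past VEC_N1N2_SIZE_BYTES into the bytes where d is placed; the memcpy of d on the next line then overwrites that spill, so the ciphertext probably comes out right only by accident of statement order. The line should read `PQCLEAN_HQCRMRS192_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);`, and the same outlen appears in the HQCRMRS128 and HQCRMRS256 parsing.c sections. Separately, the four new helpers store8/load8/load8_arr/store8_arr carry no comment while the rest of the file documents each function with a `/** @brief ... */` block; each should state that the byte order is little-endian, that load8_arr leaves output words beyond ceil(inlen/8) (and beyond outlen) untouched, and that store8_arr writes min(outlen, 8*inlen) bytes.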


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQCRMRS192_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQCRMRS192_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQCRMRS192_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQCRMRS192_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQCRMRS192_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);


@ -1,5 +1,6 @@
#include "nistseedexpander.h" #include "nistseedexpander.h"
#include "parameters.h" #include "parameters.h"
#include "parsing.h"
#include "randombytes.h" #include "randombytes.h"
#include "vector.h" #include "vector.h"
#include <immintrin.h> #include <immintrin.h>
@ -115,7 +116,7 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N1N2_SIZE_BYTES);
v[VEC_N_SIZE_64 - 1] &= RED_MASK; v[VEC_N_SIZE_64 - 1] &= RED_MASK;
} }
@ -132,7 +133,7 @@ void PQCLEAN_HQCRMRS192_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
randombytes(rand_bytes, VEC_K_SIZE_BYTES); randombytes(rand_bytes, VEC_K_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); PQCLEAN_HQCRMRS192_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
} }


@ -67,8 +67,8 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_enc(unsigned char *ct, unsigned char *ss,
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Computing ciphertext // Computing ciphertext
@ -122,8 +122,8 @@ int PQCLEAN_HQCRMRS256_AVX2_crypto_kem_dec(unsigned char *ss, const unsigned cha
// Computing shared secret // Computing shared secret
memcpy(mc, m, VEC_K_SIZE_BYTES); memcpy(mc, m, VEC_K_SIZE_BYTES);
memcpy(mc + VEC_K_SIZE_BYTES, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(mc + VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES); sha512(ss, mc, VEC_K_SIZE_BYTES + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES);
// Abort if c != c' or d != d' // Abort if c != c' or d != d'


@ -46,6 +46,8 @@
#define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code) #define PARAM_DELTA Define the parameter delta of the scheme (correcting capacity of the Reed-Solomon code)
#define PARAM_M Define a positive integer #define PARAM_M Define a positive integer
#define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form #define PARAM_GF_POLY Generator polynomial of galois field GF(2^PARAM_M), represented in hexadecimial form
#define PARAM_GF_POLY_WT Hamming weight of PARAM_GF_POLY
#define PARAM_GF_POLY_M2 Distance between the primitive polynomial first two set bits
#define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1 #define PARAM_GF_MUL_ORDER Define the size of the multiplicative group of GF(2^PARAM_M), i.e 2^PARAM_M -1
#define PARAM_K Define the size of the information bits of the Reed-Solomon code #define PARAM_K Define the size of the information bits of the Reed-Solomon code
#define PARAM_G Define the size of the generator polynomial of Reed-Solomon code #define PARAM_G Define the size of the generator polynomial of Reed-Solomon code
@ -93,6 +95,8 @@
#define PARAM_DELTA 23 #define PARAM_DELTA 23
#define PARAM_M 8 #define PARAM_M 8
#define PARAM_GF_POLY 0x11D #define PARAM_GF_POLY 0x11D
#define PARAM_GF_POLY_WT 5
#define PARAM_GF_POLY_M2 4
#define PARAM_GF_MUL_ORDER 255 #define PARAM_GF_MUL_ORDER 255
#define PARAM_K 32 #define PARAM_K 32
#define PARAM_G 47 #define PARAM_G 47


@ -11,6 +11,64 @@
*/ */
void PQCLEAN_HQCRMRS256_AVX2_store8(unsigned char *out, uint64_t in) {
out[0] = (in >> 0x00) & 0xFF;
out[1] = (in >> 0x08) & 0xFF;
out[2] = (in >> 0x10) & 0xFF;
out[3] = (in >> 0x18) & 0xFF;
out[4] = (in >> 0x20) & 0xFF;
out[5] = (in >> 0x28) & 0xFF;
out[6] = (in >> 0x30) & 0xFF;
out[7] = (in >> 0x38) & 0xFF;
}
uint64_t PQCLEAN_HQCRMRS256_AVX2_load8(const unsigned char *in) {
uint64_t ret = in[7];
for (int8_t i = 6; i >= 0; i--) {
ret <<= 8;
ret |= in[i];
}
return ret;
}
void PQCLEAN_HQCRMRS256_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen) {
size_t index_in = 0;
size_t index_out = 0;
// first copy by 8 bytes
if (inlen >= 8 && outlen >= 1) {
while (index_out < outlen && index_in + 8 <= inlen) {
out64[index_out] = PQCLEAN_HQCRMRS256_AVX2_load8(in8 + index_in);
index_in += 8;
index_out += 1;
}
}
// we now need to do the last 7 bytes if necessary
if (index_in >= inlen || index_out >= outlen) {
return;
}
out64[index_out] = in8[inlen - 1];
for (int8_t i = (int8_t)(inlen - index_in) - 2; i >= 0; i--) {
out64[index_out] <<= 8;
out64[index_out] |= in8[index_in + i];
}
}
void PQCLEAN_HQCRMRS256_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen) {
for (size_t index_out = 0, index_in = 0; index_out < outlen && index_in < inlen;) {
out8[index_out] = (in64[index_in] >> ((index_out % 8) * 8)) & 0xFF;
index_out++;
if (index_out % 8 == 0) {
index_in++;
}
}
}
/** /**
* @brief Parse a secret key into a string * @brief Parse a secret key into a string
@ -61,7 +119,7 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y
*/ */
void PQCLEAN_HQCRMRS256_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) { void PQCLEAN_HQCRMRS256_AVX2_hqc_public_key_to_string(uint8_t *pk, const uint8_t *pk_seed, const uint64_t *s) {
memcpy(pk, pk_seed, SEED_BYTES); memcpy(pk, pk_seed, SEED_BYTES);
memcpy(pk + SEED_BYTES, s, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(pk + SEED_BYTES, VEC_N_SIZE_BYTES, s, VEC_N_SIZE_64);
} }
@ -83,7 +141,7 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH); seedexpander_init(&pk_seedexpander, pk_seed, pk_seed + 32, SEEDEXPANDER_MAX_LENGTH);
PQCLEAN_HQCRMRS256_AVX2_vect_set_random(&pk_seedexpander, h); PQCLEAN_HQCRMRS256_AVX2_vect_set_random(&pk_seedexpander, h);
memcpy(s, pk + SEED_BYTES, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_load8_arr(s, VEC_N_SIZE_64, pk + SEED_BYTES, VEC_N_SIZE_BYTES);
} }
@ -98,8 +156,8 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_public_key_from_string(uint64_t *h, uint64_t *s
* @param[in] d String containing the hash d * @param[in] d String containing the hash d
*/ */
void PQCLEAN_HQCRMRS256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) { void PQCLEAN_HQCRMRS256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_t *u, const uint64_t *v, const uint8_t *d) {
memcpy(ct, u, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(ct, VEC_N_SIZE_BYTES, u, VEC_N_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_store8_arr(ct + VEC_N_SIZE_BYTES, VEC_N_SIZE_BYTES, v, VEC_N1N2_SIZE_64);
memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES); memcpy(ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, d, SHA512_BYTES);
} }
@ -115,7 +173,7 @@ void PQCLEAN_HQCRMRS256_AVX2_hqc_ciphertext_to_string(uint8_t *ct, const uint64_
* @param[in] ct String containing the ciphertext * @param[in] ct String containing the ciphertext
*/ */
void PQCLEAN_HQCRMRS256_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) { void PQCLEAN_HQCRMRS256_AVX2_hqc_ciphertext_from_string(uint64_t *u, uint64_t *v, uint8_t *d, const uint8_t *ct) {
memcpy(u, ct, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_load8_arr(u, VEC_N_SIZE_64, ct, VEC_N_SIZE_BYTES);
memcpy(v, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_N1N2_SIZE_64, ct + VEC_N_SIZE_BYTES, VEC_N1N2_SIZE_BYTES);
memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES); memcpy(d, ct + VEC_N_SIZE_BYTES + VEC_N1N2_SIZE_BYTES, SHA512_BYTES);
} }


@ -11,6 +11,15 @@
#include <stdint.h> #include <stdint.h>
void PQCLEAN_HQCRMRS256_AVX2_store8(unsigned char *out, uint64_t in);
uint64_t PQCLEAN_HQCRMRS256_AVX2_load8(const unsigned char *in);
void PQCLEAN_HQCRMRS256_AVX2_load8_arr(uint64_t *out64, size_t outlen, const uint8_t *in8, size_t inlen);
void PQCLEAN_HQCRMRS256_AVX2_store8_arr(uint8_t *out8, size_t outlen, const uint64_t *in64, size_t inlen);
void PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk); void PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_to_string(uint8_t *sk, const uint8_t *sk_seed, const uint8_t *pk);
void PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk); void PQCLEAN_HQCRMRS256_AVX2_hqc_secret_key_from_string(uint64_t *x, uint64_t *y, uint8_t *pk, const uint8_t *sk);


@ -1,5 +1,6 @@
#include "nistseedexpander.h" #include "nistseedexpander.h"
#include "parameters.h" #include "parameters.h"
#include "parsing.h"
#include "randombytes.h" #include "randombytes.h"
#include "vector.h" #include "vector.h"
#include <immintrin.h> #include <immintrin.h>
@ -115,7 +116,7 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random(AES_XOF_struct *ctx, uint64_t *v) {
seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES); seedexpander(ctx, rand_bytes, VEC_N_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_N_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_N_SIZE_64, rand_bytes, VEC_N1N2_SIZE_BYTES);
v[VEC_N_SIZE_64 - 1] &= RED_MASK; v[VEC_N_SIZE_64 - 1] &= RED_MASK;
} }
@ -132,7 +133,7 @@ void PQCLEAN_HQCRMRS256_AVX2_vect_set_random_from_randombytes(uint64_t *v) {
uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0}; uint8_t rand_bytes [VEC_K_SIZE_BYTES] = {0};
randombytes(rand_bytes, VEC_K_SIZE_BYTES); randombytes(rand_bytes, VEC_K_SIZE_BYTES);
memcpy(v, rand_bytes, VEC_K_SIZE_BYTES); PQCLEAN_HQCRMRS256_AVX2_load8_arr(v, VEC_K_SIZE_64, rand_bytes, VEC_K_SIZE_BYTES);
} }


@ -5,14 +5,12 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-192 scheme: hqc-192
implementation: clean implementation: clean
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-192 scheme: hqc-192
@ -36,13 +34,11 @@ consistency_checks:
- kem.c - kem.c
- parsing.c - parsing.c
- repetition.c - repetition.c
- vector.c
- source: - source:
scheme: hqc-256 scheme: hqc-256
implementation: clean implementation: clean
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-256 scheme: hqc-256
@ -63,7 +59,6 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c
- source: - source:
scheme: hqc-rmrs-128 scheme: hqc-rmrs-128
implementation: clean implementation: clean


@ -5,7 +5,6 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-192 scheme: hqc-192
@ -34,7 +33,6 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-256 scheme: hqc-256
@ -63,7 +61,6 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-rmrs-128 scheme: hqc-rmrs-128


@ -5,14 +5,12 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-256 scheme: hqc-256
implementation: clean implementation: clean
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-256 scheme: hqc-256
@ -52,7 +50,6 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c
- source: - source:
scheme: hqc-rmrs-192 scheme: hqc-rmrs-192
implementation: clean implementation: clean
@ -72,7 +69,6 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: clean implementation: clean
@ -91,4 +87,3 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c


@ -5,7 +5,6 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-256 scheme: hqc-256
@ -34,7 +33,6 @@ consistency_checks:
implementation: avx2 implementation: avx2
files: files:
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-rmrs-128 scheme: hqc-rmrs-128


@ -5,7 +5,6 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-rmrs-128 scheme: hqc-rmrs-128
@ -25,7 +24,6 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c
- source: - source:
scheme: hqc-rmrs-192 scheme: hqc-rmrs-192
implementation: clean implementation: clean
@ -44,7 +42,6 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: clean implementation: clean
@ -64,4 +61,3 @@ consistency_checks:
- hqc.c - hqc.c
- kem.c - kem.c
- parsing.c - parsing.c
- vector.c


@ -5,7 +5,6 @@ consistency_checks:
files: files:
- api.h - api.h
- code.h - code.h
- gf.h
- hqc.h - hqc.h
- source: - source:
scheme: hqc-rmrs-128 scheme: hqc-rmrs-128


@ -11,6 +11,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-192 scheme: hqc-rmrs-192
implementation: clean implementation: clean
@ -22,6 +23,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-192 scheme: hqc-rmrs-192
implementation: avx2 implementation: avx2
@ -54,6 +56,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: avx2 implementation: avx2


@ -11,6 +11,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-192 scheme: hqc-rmrs-192
implementation: clean implementation: clean
@ -44,6 +45,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: clean implementation: clean
@ -77,3 +79,4 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c


@ -11,6 +11,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: clean implementation: clean
@ -22,6 +23,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: avx2 implementation: avx2


@ -11,6 +11,7 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c
- source: - source:
scheme: hqc-rmrs-256 scheme: hqc-rmrs-256
implementation: clean implementation: clean
@ -44,3 +45,4 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c


@ -11,3 +11,4 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c


@ -11,3 +11,4 @@ consistency_checks:
- reed_muller.h - reed_muller.h
- reed_solomon.h - reed_solomon.h
- code.c - code.c
- fft.c