1
1
mirror of https://github.com/henrydcase/pqc.git synced 2024-11-23 07:59:01 +00:00
pqcrypto/crypto_sign/dilithium4/clean/reduce.c
Matthias J. Kannwischer e56b2e5556
Add Dilithium (#172)
* fixes dynamic memory allocation test. previously a function called freeze() would trigger it

* this adds DilithiumII. Preprocessor conditionals still need to be removed

* fix ms Makefile

* fix MS compiler warnings

* clean-up

* remove preprocessor conditionals

* add dilithium3

* add dilithium4

* add duplicate consistency checks

* SHA2 state constants in common

* clean up symmetric.h

* Port SPHINCS+-SHA256 to sha256ctx struct

* Implement ctx struct for fips202

* Port Kyber{512,768,1024} to fips202 ctx struct

* Port NewHope to fips202 structs

* Port SPHINCS+-SHAKE256 to fips202 ctx structs

* Use opaque fips202 structs in MQDSS

* port dilithium to use fips202 ctx structs

* include -Wredundant-decls

* remove comment; format NTT constants

* reduce casts in power2round
2019-06-11 04:18:05 -05:00

75 lines
1.8 KiB
C

#include "params.h"
#include "reduce.h"
#include <stdint.h>
/*************************************************
* Name: montgomery_reduce
*
* Description: For finite field element a with 0 <= a <= Q*2^32,
* compute r \equiv a*2^{-32} (mod Q) such that 0 <= r < 2*Q.
*
* Arguments: - uint64_t: finite field element a
*
* Returns r.
**************************************************/
uint32_t PQCLEAN_DILITHIUM4_CLEAN_montgomery_reduce(uint64_t a) {
uint64_t t;
t = a * QINV;
t &= (1ULL << 32) - 1;
t *= Q;
t = a + t;
t >>= 32;
return (uint32_t) t;
}
/*************************************************
* Name: reduce32
*
* Description: For finite field element a, compute r \equiv a (mod Q)
* such that 0 <= r < 2*Q.
*
* Arguments: - uint32_t: finite field element a
*
* Returns r.
**************************************************/
uint32_t PQCLEAN_DILITHIUM4_CLEAN_reduce32(uint32_t a) {
uint32_t t;
t = a & 0x7FFFFF;
a >>= 23;
t += (a << 13) - a;
return t;
}
/*************************************************
* Name: csubq
*
* Description: Subtract Q if input coefficient is bigger than Q.
*
* Arguments: - uint32_t: finite field element a
*
* Returns r.
**************************************************/
uint32_t PQCLEAN_DILITHIUM4_CLEAN_csubq(uint32_t a) {
a -= Q;
a += ((int32_t)a >> 31) & Q;
return a;
}
/*************************************************
* Name: freeze
*
* Description: For finite field element a, compute standard
* representative r = a mod Q.
*
* Arguments: - uint32_t: finite field element a
*
* Returns r.
**************************************************/
uint32_t PQCLEAN_DILITHIUM4_CLEAN_freeze(uint32_t a) {
a = PQCLEAN_DILITHIUM4_CLEAN_reduce32(a);
a = PQCLEAN_DILITHIUM4_CLEAN_csubq(a);
return a;
}