Reorder ull_to_bytes parameters to group output

hash.c

@@ -11,7 +11,7 @@ void addr_to_bytes(unsigned char *bytes, const uint32_t addr[8])
 {
     int i;
     for (i = 0; i < 8; i++) {
-        ull_to_bytes(bytes + i*4, addr[i], 4);
+        ull_to_bytes(bytes + i*4, 4, addr[i]);
     }
 }
 
@@ -27,7 +27,7 @@ static int core_hash(const xmss_params *params,
      *  toByte(X, 32) || KEY || M
      */
 
-    ull_to_bytes(buf, type, n);
+    ull_to_bytes(buf, n, type);
 
     for (i=0; i < keylen; i++) {
         buf[i+n] = key[i];

wots.c

@@ -18,7 +18,7 @@ static void expand_seed(const xmss_params *params,
     unsigned char ctr[32];
 
     for (i = 0; i < params->wots_len; i++) {
-        ull_to_bytes(ctr, i, 32);
+        ull_to_bytes(ctr, 32, i);
         prf(params, outseeds + i*params->n, ctr, inseed, params->n);
     }
 }
@@ -89,7 +89,7 @@ static void wots_checksum(const xmss_params *params,
     /* Convert checksum to base_w. */
     /* Make sure expected empty zero bits are the least significant bits. */
     csum = csum << (8 - ((params->wots_len2 * params->wots_log_w) % 8));
-    ull_to_bytes(csum_bytes, csum, sizeof(csum_bytes));
+    ull_to_bytes(csum_bytes, sizeof(csum_bytes), csum);
     base_w(params, csum_base_w, params->wots_len2, csum_bytes);
 }
 

xmss_commons.c

@@ -9,13 +9,15 @@
 #include "xmss_commons.h"
 
 /**
- * Converts the value of 'in' to 'len' bytes in big-endian byte order.
+ * Converts the value of 'in' to 'outlen' bytes in big-endian byte order.
  */
-void ull_to_bytes(unsigned char *out, unsigned long long in, uint32_t len)
+void ull_to_bytes(unsigned char *out, unsigned long long outlen,
+                  unsigned long long in)
 {
     int i;
 
-    for (i = len - 1; i >= 0; i--) {
+    /* Iterate over out in decreasing order, for big-endianness. */
+    for (i = outlen - 1; i >= 0; i--) {
         out[i] = in & 0xff;
         in = in >> 8;
     }
@@ -187,7 +189,7 @@ int xmss_core_sign_open(const xmss_params *params,
     /* Prepare the hash key, of the form [R || root || idx]. */
     memcpy(hash_key, sm + params->index_len, params->n);
     memcpy(hash_key + params->n, pk, params->n);
-    ull_to_bytes(hash_key + 2*params->n, idx, params->n);
+    ull_to_bytes(hash_key + 2*params->n, params->n, idx);
 
     /* Compute the message hash. */
     h_msg(params, msg_h, sm + params->bytes, *mlen, hash_key, 3*params->n);
@@ -262,7 +264,7 @@ int xmssmt_core_sign_open(const xmss_params *params,
     /* Prepare the hash key, of the form [R || root || idx]. */
     memcpy(hash_key, sm + params->index_len, params->n);
     memcpy(hash_key + params->n, pk, params->n);
-    ull_to_bytes(hash_key + 2*params->n, idx, params->n);
+    ull_to_bytes(hash_key + 2*params->n, params->n, idx);
 
     /* Compute the message hash. */
     h_msg(params, msg_h, sm + params->bytes, *mlen, hash_key, 3*params->n);

xmss_commons.h

@@ -7,7 +7,8 @@
 /**
  * Converts the value of 'in' to 'len' bytes in big-endian byte order.
  */
-void ull_to_bytes(unsigned char *output, unsigned long long in, uint32_t bytes);
+void ull_to_bytes(unsigned char *out, unsigned long long outlen,
+                  unsigned long long in);
 
 /**
  * Computes the leaf at a given address. First generates the WOTS key pair,

xmss_core.c

@@ -158,7 +158,7 @@ int xmss_core_sign(const xmss_params *params, unsigned char *sk, unsigned char *
 
     // index as 32 bytes string
     unsigned char idx_bytes_32[32];
-    ull_to_bytes(idx_bytes_32, idx, 32);
+    ull_to_bytes(idx_bytes_32, 32, idx);
 
     memcpy(sk_seed, sk+4, params->n);
     memcpy(sk_prf, sk+4+params->n, params->n);
@@ -190,7 +190,7 @@ int xmss_core_sign(const xmss_params *params, unsigned char *sk, unsigned char *
     // Generate hash key (R || root || idx)
     memcpy(hash_key, R, params->n);
     memcpy(hash_key+params->n, sk+4+3*params->n, params->n);
-    ull_to_bytes(hash_key+2*params->n, idx, params->n);
+    ull_to_bytes(hash_key+2*params->n, params->n, idx);
     // Then use it for message digest
     h_msg(params, msg_h, m, mlen, hash_key, 3*params->n);
 
@@ -316,12 +316,12 @@ int xmssmt_core_sign(const xmss_params *params, unsigned char *sk, unsigned char
 
     // Message Hash:
     // First compute pseudorandom value
-    ull_to_bytes(idx_bytes_32, idx, 32);
+    ull_to_bytes(idx_bytes_32, 32, idx);
     prf(params, R, idx_bytes_32, sk_prf, params->n);
     // Generate hash key (R || root || idx)
     memcpy(hash_key, R, params->n);
     memcpy(hash_key+params->n, sk+params->index_len+3*params->n, params->n);
-    ull_to_bytes(hash_key+2*params->n, idx, params->n);
+    ull_to_bytes(hash_key+2*params->n, params->n, idx);
 
     // Then use it for message digest
     h_msg(params, msg_h, m, mlen, hash_key, 3*params->n);

xmss_core_fast.c

@@ -396,7 +396,7 @@ int xmss_core_sign(const xmss_params *params,
 
     // index as 32 bytes string
     unsigned char idx_bytes_32[32];
-    ull_to_bytes(idx_bytes_32, idx, 32);
+    ull_to_bytes(idx_bytes_32, 32, idx);
 
     unsigned char hash_key[3*params->n];
 
@@ -425,7 +425,7 @@ int xmss_core_sign(const xmss_params *params,
     // Generate hash key (R || root || idx)
     memcpy(hash_key, R, params->n);
     memcpy(hash_key+params->n, sk+4+3*params->n, params->n);
-    ull_to_bytes(hash_key+2*params->n, idx, params->n);
+    ull_to_bytes(hash_key+2*params->n, params->n, idx);
     // Then use it for message digest
     h_msg(params, msg_h, m, mlen, hash_key, 3*params->n);
 
@@ -577,12 +577,12 @@ int xmssmt_core_sign(const xmss_params *params,
 
     // Message Hash:
     // First compute pseudorandom value
-    ull_to_bytes(idx_bytes_32, idx, 32);
+    ull_to_bytes(idx_bytes_32, 32, idx);
     prf(params, R, idx_bytes_32, sk_prf, params->n);
     // Generate hash key (R || root || idx)
     memcpy(hash_key, R, params->n);
     memcpy(hash_key+params->n, sk+params->index_len+3*params->n, params->n);
-    ull_to_bytes(hash_key+2*params->n, idx, params->n);
+    ull_to_bytes(hash_key+2*params->n, params->n, idx);
 
     // Then use it for message digest
     h_msg(params, msg_h, m, mlen, hash_key, 3*params->n);