mlkem: update from formosa-crypto/formosa-mlkem#22
tfaoliveira committed Feb 9, 2024
1 parent e9f1d69 commit 76e3b53
Showing 6 changed files with 5 additions and 28 deletions.
4 changes: 0 additions & 4 deletions src/crypto_kem/mlkem/mlkem768/amd64/avx2/poly.jinc
Expand Up @@ -318,7 +318,6 @@ fn _poly_decompress(reg ptr u16[MLKEM_N] rp, reg u64 ap) -> stack u16[MLKEM_N]

for i=0 to MLKEM_N/16
{
// was patched in the context of Kyber: check https://github.com/formosa-crypto/libjade/commit/d05492d5eab67c86733b5e841d910bc353f1b38d
h = (128u)(u64)[ap + 8*i];
sh = h;
f = #VPBROADCAST_2u128(sh);
Expand Down Expand Up @@ -889,7 +888,6 @@ fn _poly_invntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
{
reg u256 zeta0 zeta1 zeta2 zeta3 r0 r1 r2 r3 r4 r5 r6 r7 qx16 vx16 flox16 fhix16;
reg ptr u16[400] zetasp;
reg ptr u16[16] qx16p;
inline int i;

zetasp = jzetas_inv_exp;
Expand Down Expand Up @@ -1087,8 +1085,6 @@ fn __butterfly64x(reg u256 rl0 rl1 rl2 rl3 rh0 rh1 rh2 rh3 zl0 zl1 zh0 zh1 qx16)
fn _poly_ntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
{
reg u256 zeta0 zeta1 zeta2 zeta3 r0 r1 r2 r3 r4 r5 r6 r7 qx16 vx16;
reg u32 t;
reg u16 w;
reg ptr u16[400] zetasp;
inline int i;

5 changes: 0 additions & 5 deletions src/crypto_kem/mlkem/mlkem768/amd64/ref/fips202.jinc
Expand Up @@ -3,10 +3,6 @@ param int SHAKE256_RATE = 136;
param int SHA3_256_RATE = 136;
param int SHA3_512_RATE = 72;

param int SHAKE128_RATE = 168;
param int SHAKE256_RATE = 136;
param int SHA3_512_RATE = 72;

inline
fn __index(inline int x, inline int y) -> inline int {
inline int r;
Expand Down Expand Up @@ -148,7 +144,6 @@ u64[24] roundconstants = {0x0000000000000001, 0x0000000000008082, 0x800000000000


fn __keccakf1600_ref(reg ptr u64[25] state) -> reg ptr u64[25] {
inline int round;
reg ptr u64[24] constptr;

reg u64 rctr;
10 changes: 4 additions & 6 deletions src/crypto_kem/mlkem/mlkem768/amd64/ref/indcpa.jinc
Expand Up @@ -88,11 +88,10 @@ fn __indcpa_enc(stack u64 sctp, reg ptr u8[32] msgp, reg u64 pkp, reg ptr u8[MLK
{
stack u16[MLKEM_VECN] pkpv sp ep bp;
stack u16[MLKEM_K*MLKEM_VECN] aat;
stack u16[MLKEM_N] k poly epp v poly0 poly1 poly2;
stack u16[MLKEM_N] k epp v;
stack u8[MLKEM_SYMBYTES] publicseed;
reg u64 i j t64;
reg u64 i t64;
reg u64 ctp;
reg u16 t;
reg u8 nonce;

pkpv = __polyvec_frombytes(pkp);
Expand Down Expand Up @@ -156,10 +155,9 @@ fn __iindcpa_enc(reg ptr u8[MLKEM_CT_LEN] ctp, reg ptr u8[32] msgp, reg u64 pkp,
{
stack u16[MLKEM_VECN] pkpv sp ep bp;
stack u16[MLKEM_K*MLKEM_VECN] aat;
stack u16[MLKEM_N] k poly epp v poly0 poly1 poly2;
stack u16[MLKEM_N] k epp v;
stack u8[MLKEM_SYMBYTES] publicseed;
reg u64 i j t64;
reg u16 t;
reg u64 i t64;
reg u8 nonce;
stack ptr u8[MLKEM_CT_LEN] sctp;

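Review bot: The declaration prologues of `__indcpa_enc` (first hunk) and `__iindcpa_enc` (second hunk) are edited in lockstep here, the same unused names (`poly`, `poly0`-`poly2`, `j`, `t`) being dropped from each, which shows that the two functions carry duplicated working-set declarations that must be kept in sync by hand. A one-line comment on each, e.g. `// temporaries mirror __iindcpa_enc below; keep both lists in sync`, would at least make the coupling visible to the next edit. Whether the two variants could share one body instead depends on how the raw `stack u64 sctp` pointer and the `reg ptr u8[MLKEM_CT_LEN] ctp` argument are typed in Jasmin, which the hunk does not show; both function bodies continue outside the hunk, so this is a suggestion to check rather than a defect.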
10 changes: 0 additions & 10 deletions src/crypto_kem/mlkem/mlkem768/amd64/ref/poly.jinc
Expand Up @@ -45,7 +45,6 @@ fn _poly_csubq(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]

fn _poly_basemul(reg ptr u16[MLKEM_N] rp, reg const ptr u16[MLKEM_N] ap bp) -> reg ptr u16[MLKEM_N]
{
reg u64 offset;
reg u16 zeta;
reg u16 r0;
reg u16 r1;
Expand Down Expand Up @@ -293,7 +292,6 @@ fn _poly_frommsg(reg ptr u16[MLKEM_N] rp, reg u64 ap) -> stack u16[MLKEM_N]
reg u8 c;
reg u16 t;
inline int i;
inline int j;

for i = 0 to 32
{
Expand Down Expand Up @@ -356,7 +354,6 @@ fn _i_poly_frommsg(reg ptr u16[MLKEM_N] rp, reg ptr u8[32] ap) -> stack u16[MLKE
reg u8 c;
reg u16 t;
inline int i;
inline int j;

for i = 0 to 32
{
Expand Down Expand Up @@ -417,7 +414,6 @@ fn _poly_getnoise(reg ptr u16[MLKEM_N] rp, reg ptr u8[MLKEM_SYMBYTES] seed, reg
{
stack u8[33] extseed; /* 33 = MLKEM_SYMBYTES +1 */
stack u8[128] buf; /* 128 = MLKEM_ETA*MLKEM_N/4 */
reg u64 outlen;
reg u8 c,a,b;
reg u16 t;
reg u64 i;
Expand Down Expand Up @@ -499,11 +495,9 @@ fn _poly_invntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
zetasctr += 1;

j = start;
//cmp = #LEA(start + len);
cmp = start; cmp += len;
while (j < cmp)
{
//offset = #LEA(j + len);
offset = j; offset += len;
s = rp[(int)offset];
t = rp[(int)j];
Expand All @@ -515,7 +509,6 @@ fn _poly_invntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
rp[(int)offset] = t;
j += 1;
}
//start = #LEA(j + len);
start = j; start += len;
}
len <<= 1;
Expand Down Expand Up @@ -560,11 +553,9 @@ fn _poly_ntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
zetasctr += 1;
zeta = zetasp[(int)zetasctr];
j = start;
// cmp = #LEA(start + len);
cmp = start; cmp += len;
while (j < cmp)
{
//offset = #LEA(j + len);
offset = j; offset += len;
t = rp[(int)offset];
t = __fqmul(t, zeta);
Expand All @@ -576,7 +567,6 @@ fn _poly_ntt(reg ptr u16[MLKEM_N] rp) -> reg ptr u16[MLKEM_N]
rp[(int)j] = t;
j += 1;
}
//start = #LEA(j + len);
start = j; start += len;
}
len >>= 1;
2 changes: 0 additions & 2 deletions src/crypto_kem/mlkem/mlkem768/amd64/ref/polyvec.jinc
Expand Up @@ -26,7 +26,6 @@ fn __polyvec_compress(reg u64 rp, stack u16[MLKEM_VECN] a)
{
stack u16[MLKEM_VECN] aa;
reg u16 c, b;
reg u16 d;
reg u64[4] t;
reg u64 i j;
inline int k;
Expand Down Expand Up @@ -90,7 +89,6 @@ fn __i_polyvec_compress(reg ptr u8[MLKEM_POLYVECCOMPRESSEDBYTES] rp, stack u16[M
{
stack u16[MLKEM_VECN] aa;
reg u16 c, b;
reg u16 d;
reg u64[4] t;
reg u64 i j;
inline int k;
2 changes: 1 addition & 1 deletion src/crypto_kem/mlkem/mlkem768/amd64/ref/verify.jinc
Expand Up @@ -27,7 +27,7 @@ fn __verify(reg u64 ctp, reg ptr u8[MLKEM_CT_LEN] ctpc) -> reg u64
inline
fn __cmov(reg u64 dst, reg ptr u8[MLKEM_SYMBYTES] src, reg u64 cnd)
{
reg u8 t1 t2 bcond;
reg u8 t1 t2;
inline int i;

cnd = -cnd;
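Review bot: `__cmov` in this hunk still states no precondition on `cnd`, yet the only visible preparation of it, `cnd = -cnd;`, produces an all-zero or all-ones u64 mask only when `cnd` is exactly 0 or 1; any other value yields a partial mask and a result that is neither `dst` nor `src`. Since `__verify` above appears to be the producer of that value, the contract is worth pinning at the declaration: `// cnd must be exactly 0 or 1: -cnd turns it into a 0x00..00 / 0xFF..FF select mask`. The rest of the function body lies outside the hunk, so how the mask is applied to `t1`/`t2` cannot be checked here.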
