Some cleanup

src/P434/P434_api.h

@@ -42,7 +42,7 @@ int crypto_kem_dec_SIKEp434(unsigned char *ss, const unsigned char *ct, const un
 // Elements over GF(p434) are encoded in 55 octets in little endian format (i.e., the least significant octet is located in the lowest memory address). 
 // Elements (a+b*i) over GF(p434^2), where a and b are defined over GF(p434), are encoded as {a, b}, with a in the lowest memory portion.
 //
-// Private keys sk consist of the concatenation of a 16-byte random value, a value in the range [0, 2^217-1] and the public key pk. In the SIKE API, 
+// Private keys sk consist of the concatenation of a 16-byte random value, a value in the range [0, 2^Floor(Log(2,3^137))-1] and the public key pk. In the SIKE API, 
 // private keys are encoded in 374 octets in little endian format. 
 // Public keys pk consist of 3 elements in GF(p434^2). In the SIKE API, pk is encoded in 330 octets. 
 // Ciphertexts ct consist of the concatenation of a public key value and a 16-byte value. In the SIKE API, ct is encoded in 330 + 16 = 346 octets.  

src/P503/P503_api.h

@@ -42,7 +42,7 @@ int crypto_kem_dec_SIKEp503(unsigned char *ss, const unsigned char *ct, const un
 // Elements over GF(p503) are encoded in 63 octets in little endian format (i.e., the least significant octet is located in the lowest memory address). 
 // Elements (a+b*i) over GF(p503^2), where a and b are defined over GF(p503), are encoded as {a, b}, with a in the lowest memory portion.
 //
-// Private keys sk consist of the concatenation of a 24-byte random value, a value in the range [0, 2^250-1] and the public key pk. In the SIKE API, 
+// Private keys sk consist of the concatenation of a 24-byte random value, a value in the range [0, 2^Floor(Log(2,3^159))-1] and the public key pk. In the SIKE API, 
 // private keys are encoded in 434 octets in little endian format. 
 // Public keys pk consist of 3 elements in GF(p503^2). In the SIKE API, pk is encoded in 378 octets. 
 // Ciphertexts ct consist of the concatenation of a public key value and a 24-byte value. In the SIKE API, ct is encoded in 378 + 24 = 402 octets.  

src/P610/P610_api.h

@@ -42,7 +42,7 @@ int crypto_kem_dec_SIKEp610(unsigned char *ss, const unsigned char *ct, const un
 // Elements over GF(p610) are encoded in 77 octets in little endian format (i.e., the least significant octet is located in the lowest memory address). 
 // Elements (a+b*i) over GF(p610^2), where a and b are defined over GF(p610), are encoded as {a, b}, with a in the lowest memory portion.
 //
-// Private keys sk consist of the concatenation of a 24-byte random value, a value in the range [0, 2^305-1] and the public key pk. In the SIKE API, 
+// Private keys sk consist of the concatenation of a 24-byte random value, a value in the range [0, 2^Floor(Log(2,3^192)) - 1] and the public key pk. In the SIKE API, 
 // private keys are encoded in 524 octets in little endian format. 
 // Public keys pk consist of 3 elements in GF(p610^2). In the SIKE API, pk is encoded in 462 octets. 
 // Ciphertexts ct consist of the concatenation of a public key value and a 24-byte value. In the SIKE API, ct is encoded in 462 + 24 = 486 octets.  

src/P751/AMD64/fp_x64_asm.S

@@ -739,8 +739,6 @@ fmt(mul751_asm):
     and    r15, rax     
     mov    [rcx], r8
     mov    [rcx+8], r9
-    mov    [rcx+16], rbx    /////
-    mov    [rcx+24], rbp    /////
 
     // r8-r13 <- masked (AH + AL)
     mov    r8, [rsp]

src/P751/P751_api.h

@@ -42,7 +42,7 @@ int crypto_kem_dec_SIKEp751(unsigned char *ss, const unsigned char *ct, const un
 // Elements over GF(p751) are encoded in 94 octets in little endian format (i.e., the least significant octet is located in the lowest memory address). 
 // Elements (a+b*i) over GF(p751^2), where a and b are defined over GF(p751), are encoded as {a, b}, with a in the lowest memory portion.
 //
-// Private keys sk consist of the concatenation of a 32-byte random value, a value in the range [0, 2^372-1] and the public key pk. In the SIKE API, 
+// Private keys sk consist of the concatenation of a 32-byte random value, a value in the range [0, 2^Floor(Log(2,3^239)) - 1] and the public key pk. In the SIKE API, 
 // private keys are encoded in 644 octets in little endian format. 
 // Public keys pk consist of 3 elements in GF(p751^2). In the SIKE API, pk is encoded in 564 octets. 
 // Ciphertexts ct consist of the concatenation of a public key value and a 32-byte value. In the SIKE API, ct is encoded in 564 + 32 = 596 octets.  

src/ec_isogeny.c

@@ -206,16 +206,16 @@ void inv_3_way(f2elm_t z1, f2elm_t z2, f2elm_t z3)
 { // 3-way simultaneous inversion
   // Input:  z1,z2,z3
   // Output: 1/z1,1/z2,1/z3 (override inputs).
-    f2elm_t t0, t1, t2, t3;
+    f2elm_t t0, t1, t2;
 
     fp2mul_mont(z1, z2, t0);                      // t0 = z1*z2
     fp2mul_mont(z3, t0, t1);                      // t1 = z1*z2*z3
     fp2inv_mont(t1);                              // t1 = 1/(z1*z2*z3)
-    fp2mul_mont(z3, t1, t2);                      // t2 = 1/(z1*z2) 
-    fp2mul_mont(t2, z2, t3);                      // t3 = 1/z1
-    fp2mul_mont(t2, z1, z2);                      // z2 = 1/z2
+    fp2mul_mont(z3, t1, t2);                      // t2 = 1/(z1*z2)
     fp2mul_mont(t0, t1, z3);                      // z3 = 1/z3
-    fp2copy(t3, z1);                              // z1 = 1/z1
+    fp2mul_mont(t2, z2, t0);                      // z1 = 1/z1
+    fp2mul_mont(t2, z1, z2);                      // z2 = 1/z2
+    fp2copy(t0, z1);
 }
 
 
@@ -295,7 +295,6 @@ void xDBLADD(point_proj_t P, point_proj_t Q, const f2elm_t XPQ, const f2elm_t ZP
 }
 
 
-
 static void swap_points(point_proj_t P, point_proj_t Q, const digit_t option)
 { // Swap points.
   // If option = 0 then P <- P and Q <- Q, else if option = 0xFF...FF then P <- Q and Q <- P

src/fpx.c

@@ -133,6 +133,7 @@ void copy_words(const digit_t* a, digit_t* c, const unsigned int nwords)
         c[i] = a[i];
 }
 
+
 void fpmul_mont(const felm_t ma, const felm_t mb, felm_t mc)
 { // Multiprecision multiplication, c = a*b mod p.
     dfelm_t temp = {0};
@@ -240,13 +241,6 @@ __inline static void mp2_sub_p2(const f2elm_t a, const f2elm_t b, f2elm_t c)
 }
 
 
-__inline static void mp2_sub_p4(const f2elm_t a, const f2elm_t b, f2elm_t c)       
-{ // GF(p^2) subtraction with correction with 4*p, c = a-b+4p in GF(p^2). 
-    mp_sub_p4(a[0], b[0], c[0]);  
-    mp_sub_p4(a[1], b[1], c[1]); 
-}
-
-
 __inline unsigned int mp_add(const digit_t* a, const digit_t* b, digit_t* c, const unsigned int nwords)
 { // Multiprecision addition, c = a+b, where lng(a) = lng(b) = nwords. Returns the carry bit.
     unsigned int i, carry = 0;
@@ -810,9 +804,8 @@ void mp_shiftleft(digit_t* x, unsigned int shift, const unsigned int nwords)
 
 void mp_shiftr1(digit_t* x, const unsigned int nwords)
 { // Multiprecision right shift by one.
-    unsigned int i;
 
-    for (i = 0; i < nwords-1; i++) {
+    for (unsigned int i = 0; i < nwords-1; i++) {
         SHIFTR(x[i+1], x[i], 1, x[i], RADIX);
     }
     x[nwords-1] >>= 1;
@@ -821,9 +814,8 @@ void mp_shiftr1(digit_t* x, const unsigned int nwords)
 
 void mp_shiftl1(digit_t* x, const unsigned int nwords)
 { // Multiprecision left shift by one.
-    int i;
 
-    for (i = nwords-1; i > 0; i--) {
+    for (int i = nwords-1; i > 0; i--) {
         SHIFTL(x[i], x[i-1], 1, x[i], RADIX);
     }
     x[0] <<= 1;

tests/arith_tests-p434.c

@@ -12,12 +12,12 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
     #define BENCH_LOOPS           100       // Number of iterations per bench
     #define SMALL_BENCH_LOOPS     100       // Number of iterations per bench
     #define TEST_LOOPS             10       // Number of iterations per test
 #else
-    #define BENCH_LOOPS        1000000 
+    #define BENCH_LOOPS        100000 
     #define SMALL_BENCH_LOOPS   10000       
     #define TEST_LOOPS            100   
 #endif

tests/arith_tests-p503.c

@@ -12,7 +12,7 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
     #define BENCH_LOOPS           100       // Number of iterations per bench
     #define SMALL_BENCH_LOOPS     100       // Number of iterations per bench
     #define TEST_LOOPS             10       // Number of iterations per test

tests/arith_tests-p610.c

@@ -12,7 +12,7 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
     #define BENCH_LOOPS           100       // Number of iterations per bench
     #define SMALL_BENCH_LOOPS     100       // Number of iterations per bench
     #define TEST_LOOPS             10       // Number of iterations per test

tests/arith_tests-p751.c

@@ -12,7 +12,7 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM)
     #define BENCH_LOOPS           100       // Number of iterations per bench
     #define SMALL_BENCH_LOOPS     100       // Number of iterations per bench
     #define TEST_LOOPS             10       // Number of iterations per test

tests/test_sidh.c

@@ -6,7 +6,7 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
     #define BENCH_LOOPS        5      // Number of iterations per bench 
     #define TEST_LOOPS         5      // Number of iterations per test
 #else

tests/test_sike.c

@@ -8,7 +8,7 @@
 
 
 // Benchmark and test parameters  
-#if defined(OPTIMIZED_GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
+#if defined(GENERIC_IMPLEMENTATION) || (TARGET == TARGET_ARM) 
     #define BENCH_LOOPS        5      // Number of iterations per bench 
     #define TEST_LOOPS         5      // Number of iterations per test
 #else