From baa7c05eac7168b58bafe7c68cde6fc44e316273 Mon Sep 17 00:00:00 2001 
From: Basil Hess Date: Mon, 26 Feb 2024 19:18:41 +0100 Subject: [PATCH] new import --- docs/algorithms/sig/mayo.md | 2 +- docs/algorithms/sig/mayo.yml | 2 +- .../copy_from_upstream/copy_from_upstream.yml | 2 +- src/sig/mayo/pqmayo_mayo_1_avx2/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_1_avx2/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_1_avx2/arithmetic.h | 4 ++ src/sig/mayo/pqmayo_mayo_1_avx2/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_1_avx2/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_1_avx2/mem.h | 2 + src/sig/mayo/pqmayo_mayo_1_opt/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_1_opt/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_1_opt/arithmetic.h | 4 ++ src/sig/mayo/pqmayo_mayo_1_opt/echelon_form.h | 15 +++- src/sig/mayo/pqmayo_mayo_1_opt/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_1_opt/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_1_opt/mem.h | 2 + src/sig/mayo/pqmayo_mayo_2_avx2/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_2_avx2/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_2_avx2/arithmetic.h | 4 ++ src/sig/mayo/pqmayo_mayo_2_avx2/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_2_avx2/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_2_avx2/mem.h | 2 + src/sig/mayo/pqmayo_mayo_2_opt/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_2_opt/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_2_opt/arithmetic.h | 4 ++ src/sig/mayo/pqmayo_mayo_2_opt/echelon_form.h | 15 +++- src/sig/mayo/pqmayo_mayo_2_opt/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_2_opt/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_2_opt/mem.h | 2 + src/sig/mayo/pqmayo_mayo_3_avx2/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_3_avx2/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_3_avx2/arithmetic.h | 4 ++ src/sig/mayo/pqmayo_mayo_3_avx2/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_3_avx2/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_3_avx2/mem.h | 2 + src/sig/mayo/pqmayo_mayo_3_opt/api.c | 20 +++--- src/sig/mayo/pqmayo_mayo_3_opt/api.h | 16 ++--- src/sig/mayo/pqmayo_mayo_3_opt/arithmetic.h | 4 ++ 
src/sig/mayo/pqmayo_mayo_3_opt/echelon_form.h | 15 +++- src/sig/mayo/pqmayo_mayo_3_opt/mayo.c | 72 ++++++++++++------- src/sig/mayo/pqmayo_mayo_3_opt/mayo.h | 15 ++-- src/sig/mayo/pqmayo_mayo_3_opt/mem.h | 2 + 42 files changed, 519 insertions(+), 306 deletions(-) diff --git a/docs/algorithms/sig/mayo.md b/docs/algorithms/sig/mayo.md index 9332a0225e..fc313da3d9 100644 --- a/docs/algorithms/sig/mayo.md +++ b/docs/algorithms/sig/mayo.md @@ -6,7 +6,7 @@ - **Authors' website**: https://pqmayo.org - **Specification version**: 1.1. - **Primary Source**: - - **Source**: https://github.com/PQCMayo/MAYO-C/commit/af6ddc71af9451e00c55433b224825eb6f6fea2b with copy_from_upstream patches + - **Source**: https://github.com/PQCMayo/MAYO-C/commit/5002c0c1772b7ea7eb75da14d8b12c42903f5fda with copy_from_upstream patches - **Implementation license (SPDX-Identifier)**: Apache-2.0 diff --git a/docs/algorithms/sig/mayo.yml b/docs/algorithms/sig/mayo.yml index 8b5cff0088..1dcfbb732d 100644 --- a/docs/algorithms/sig/mayo.yml +++ b/docs/algorithms/sig/mayo.yml @@ -11,7 +11,7 @@ website: https://pqmayo.org nist-round: 1 spec-version: 1.1 primary-upstream: - source: https://github.com/PQCMayo/MAYO-C/commit/af6ddc71af9451e00c55433b224825eb6f6fea2b + source: https://github.com/PQCMayo/MAYO-C/commit/5002c0c1772b7ea7eb75da14d8b12c42903f5fda with copy_from_upstream patches spdx-license-identifier: Apache-2.0 parameter-sets: diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index ca2873c0b0..bd762f0371 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml 
@@ -57,7 +57,7 @@ upstreams: name: pqmayo git_url: https://github.com/PQCMayo/MAYO-C.git git_branch: bhe-liboqs-integration - git_commit: af6ddc71af9451e00c55433b224825eb6f6fea2b + git_commit: 5002c0c1772b7ea7eb75da14d8b12c42903f5fda sig_meta_path: 'META/{pretty_name_full}_META.yml' sig_scheme_path: '.' patches: [pqmayo-aes.patch, pqmayo-mem.patch] diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/api.c b/src/sig/mayo/pqmayo_mayo_1_avx2/api.c index 8c10f2a7fc..224e220d56 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/api.c +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/api.c @@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; 
@@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/api.h b/src/sig/mayo/pqmayo_mayo_1_avx2/api.h index 07b98c65d9..74ed57fbc0 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/api.h +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/api.h 
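Review bot: The temporaries `smlen_ll` and `mlen_ll` in these two wrappers no longer convert anything now that they are `size_t`, yet they are still left uninitialized and copied out unconditionally (`*smlen = smlen_ll;`, `*mlen = mlen_ll;`). The mayo.c hunk of this patch shows `mayo_open` returning `MAYO_ERR` for a short `smlen` before any store to `*mlen`, so on that path `crypto_sign_open` hands the caller an indeterminate stack value; whether `mayo_sign` has a similar path is not visible here. Passing the caller's pointer straight through removes both the dead local and that read: `return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk);` and `return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk);`. The same two hunks recur in the `pqmayo_mayo_1_opt` and `pqmayo_mayo_2_avx2` copies of api.c, and both function bodies close outside the hunks shown.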
@@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/arithmetic.h b/src/sig/mayo/pqmayo_mayo_1_avx2/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.c b/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.c +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.c 
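Review bot: The `TARGET_BIG_ENDIAN` definition added to arithmetic.h is not guarded against an existing definition, so a build that already passes the macro on the command line with a value would hit a redefinition diagnostic; `#if !defined(TARGET_BIG_ENDIAN) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)` avoids that. Every `#ifdef TARGET_BIG_ENDIAN` in mayo.c and echelon_form.h now depends on this header having been included first; the include order is not visible in these hunks, and a file that tests the macro before including arithmetic.h would silently compile the little-endian path. A compiler that does not define `__BYTE_ORDER__` also falls through to little-endian without any diagnostic, which deserves a one-line comment above the block. The same hunk recurs in the other variant directories.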
@@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif @@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) 
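Review bot: The mirrored byte index `(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8` is written out four times in compute_rhs (in the reduction loop here and in the `add to y` hunk below) and again in ef_pack_m_vec and ef_unpack_m_vec in echelon_form.h, which makes a slip in any single copy easy to miss. For a non-negative byte index it equals the index with its low three bits flipped, so `temp_bytes[(jj/2) ^ 7]` and `temp_bytes[(i/2) ^ 7]` express the same thing in a form that can be checked at a glance. The mirrored index can land up to seven bytes above `jj/2`, so it is in bounds only if the buffer behind `temp_bytes` is a whole number of 8-byte words; that declaration is outside the hunk, and a short comment stating the assumption would help. compute_rhs starts and ends outside these hunks.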
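Review bot: The swap loop added to compute_A under `TARGET_BIG_ENDIAN` has an unbraced body, unlike the swap loops in mayo_sign_signature and mayo_verify, and its bound `(((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8` is re-evaluated on every iteration with no name tying it to the size of `A`. The declaration of `A` is outside the hunk, so whether the bound equals its element count cannot be confirmed from here; deriving it from the same expression that sizes `A` would make that checkable. Suggested shape: `const int a_words = (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8;` followed by `for (int i = 0; i < a_words; ++i) { A[i] = BSWAP64(A[i]); }`.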
@@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data @@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif 
@@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); @@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif 
@@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; @@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.h b/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ 
@@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. @@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_avx2/mem.h b/src/sig/mayo/pqmayo_mayo_1_avx2/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_1_avx2/mem.h +++ b/src/sig/mayo/pqmayo_mayo_1_avx2/mem.h 
@@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/api.c b/src/sig/mayo/pqmayo_mayo_1_opt/api.c index 8c10f2a7fc..224e220d56 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/api.c +++ b/src/sig/mayo/pqmayo_mayo_1_opt/api.c @@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; 
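Review bot: The non-builtin `BSWAP64` fallback is correct only when its argument already has a 64-bit unsigned type: the nested `BSWAP32` is a plain macro that neither truncates nor converts, so an `int`-typed argument would make `(i) >> 32` undefined, and the argument is expanded eight times. The call sites visible in this patch appear to pass `uint64_t` elements, so this is a robustness point rather than a present bug. Casting inside the macro makes it independent of the caller: `#define BSWAP64(i) (((uint64_t)BSWAP32((uint32_t)((uint64_t)(i) >> 32))) | ((uint64_t)BSWAP32((uint32_t)(i)) << 32))`. This branch is compiled only without GCC or Clang, so it is probably not exercised by the usual test builds; the same hunk recurs in the `pqmayo_mayo_1_opt` copy of mem.h.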
@@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/api.h b/src/sig/mayo/pqmayo_mayo_1_opt/api.h index 07b98c65d9..74ed57fbc0 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/api.h +++ b/src/sig/mayo/pqmayo_mayo_1_opt/api.h 
@@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/arithmetic.h b/src/sig/mayo/pqmayo_mayo_1_opt/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_1_opt/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/echelon_form.h b/src/sig/mayo/pqmayo_mayo_1_opt/echelon_form.h index 40d7d10480..57326ad65d 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/echelon_form.h +++ b/src/sig/mayo/pqmayo_mayo_1_opt/echelon_form.h 
@@ -25,10 +25,18 @@ ef_pack_m_vec(const unsigned char *in, uint64_t *out, int ncols) { int i; unsigned char *out8 = (unsigned char *)out; for(i = 0; i+1 < ncols; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0) | (in[i+1] << 4); +#else out8[i/2] = (in[i+0] << 0) | (in[i+1] << 4); +#endif } if (ncols % 2 == 1){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0); +#else out8[i/2] = (in[i+0] << 0); +#endif } } @@ -36,8 +44,13 @@ static inline void ef_unpack_m_vec(int legs, const uint64_t *in, unsigned char *out) { const unsigned char *in8 = (const unsigned char *)in; for(int i = 0; i < legs * 16; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out[i] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8]) & 0xF; + out[i+1] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else out[i] = (in8[i/2]) & 0xF; out[i+1] = (in8[i/2] >> 4); +#endif } } @@ -116,7 +129,7 @@ static inline void EF(unsigned char *A, int nrows, int ncols) { packed_A + row * row_len); } - pivot_row += (-(int32_t)(~pivot_is_zero)); + pivot_row += (-(int64_t)(~pivot_is_zero)); } unsigned char temp[(O_MAX * K_MAX + 1 + 15)]; diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/mayo.c b/src/sig/mayo/pqmayo_mayo_1_opt/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/mayo.c +++ b/src/sig/mayo/pqmayo_mayo_1_opt/mayo.c @@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif 
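Review bot: In EF, `pivot_row += (-(int64_t)(~pivot_is_zero));` is correct only if `pivot_is_zero` is a 64-bit all-ones/all-zero mask, and its declaration is outside the hunk, so the width match cannot be checked here. The cast also converts an out-of-range unsigned value to a signed type, which is implementation-defined in C11. Assuming the mask convention the negation implies, `pivot_row += (int)(~pivot_is_zero & 1);` gives the same 0/1 increment, stays branch-free, and does not depend on the mask's width. A one-line comment naming the expected type of `pivot_is_zero` would keep the next width change from silently breaking this line.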
@@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) @@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data 
@@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif @@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); 
@@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; 
@@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/mayo.h b/src/sig/mayo/pqmayo_mayo_1_opt/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_1_opt/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ @@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. 
@@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_1_opt/mem.h b/src/sig/mayo/pqmayo_mayo_1_opt/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_1_opt/mem.h +++ b/src/sig/mayo/pqmayo_mayo_1_opt/mem.h @@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/api.c b/src/sig/mayo/pqmayo_mayo_2_avx2/api.c index 99e6ec72f4..9661408d3f 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/api.c +++ b/src/sig/mayo/pqmayo_mayo_2_avx2/api.c 
@@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; @@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/api.h b/src/sig/mayo/pqmayo_mayo_2_avx2/api.h index 5d980f9b1d..80923694aa 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/api.h 
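Review bot: In the second definition of crypto_sign (hunk at -50,7, apparently the PQM4 branch) the temporary `smlen_ll` now has the same type as `*smlen`, and it is copied out with `*smlen = smlen_ll;` even when `mayo_sign` fails. If mayo_sign returns on its error path before storing a length (its tail is not in this hunk), that copy reads an uninitialised value. The wrapper can pass the caller's pointer straight through, `return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk);`, which also makes the two `#ifndef PQM4` branches identical. crypto_sign_open at -60,7 has the same pattern with `mlen_ll`, as do the 2_opt and 3_avx2 copies of api.c.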
+++ b/src/sig/mayo/pqmayo_mayo_2_avx2/api.h @@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/arithmetic.h b/src/sig/mayo/pqmayo_mayo_2_avx2/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_2_avx2/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.c b/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.c 
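Review bot: The byte-order detection added to arithmetic.h defines `TARGET_BIG_ENDIAN` unconditionally once the test passes, so a build that already passes the macro on the command line with a value gets a redefinition diagnostic, and a compiler that does not provide `__BYTE_ORDER__` silently takes the little-endian code paths. Guarding the definition avoids the first: `#if !defined(TARGET_BIG_ENDIAN) && defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)`. A one-line comment that little-endian is assumed when the macro is absent would document the second; a wrong guess here would presumably yield keys and signatures that do not interoperate rather than a build failure. The same hunk is repeated for 2_opt and 3_avx2.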
+++ b/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.c @@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif @@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) 
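Review bot: The big-endian index `(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8` in compute_rhs mirrors a byte position inside its 8-byte word, which for a non-negative index is just `(jj/2) ^ 7`; writing it that way (`temp_bytes[(jj/2) ^ 7]`, `temp_bytes[(i/2) ^ 7]`) is much easier to check than the four hand-copied expressions in hunks -62,10 and -80,8. The mirrored index can land up to seven bytes above the little-endian one, so `temp_bytes` has to span a whole number of 64-bit words; its declaration is outside these hunks, so that cannot be confirmed from here. The same expression is copied into ef_pack_m_vec and ef_unpack_m_vec in the 2_opt echelon_form.h and into the other mayo.c variants.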
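Review bot: The swap loop added to compute_A (hunk at -208,6) has an unbraced body, unlike the other `TARGET_BIG_ENDIAN` loops in this file, and its bound is a hand-written size expression that must stay equal to the declared length of `A`, which is outside the hunk. I would name the bound and brace the body: `const int a_words = (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8;` followed by `for (int i = 0; i < a_words; ++i) { A[i] = BSWAP64(A[i]); }`. The 2_opt and 3_avx2 copies carry the same lines.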
@@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data @@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif 
@@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); @@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif 
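Review bot: mayo_sign writes the signature into `sm` before it copies the message, so when `m` overlaps `sm` the `memmove(sm + param_sig_bytes, m, mlen);` that follows copies bytes the signature has already overwritten. The use of memmove rather than memcpy suggests overlapping buffers are meant to be supported. Moving the message first and signing the moved copy keeps both regions intact: `memmove(sm + param_sig_bytes, m, mlen);` then `ret = mayo_sign_signature(p, sm, &siglen, sm + param_sig_bytes, mlen, csk);`. The function's tail, including what happens to `sm` on the error path, is outside the hunk; the 2_opt and 3_avx2 copies are identical.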
@@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; @@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.h b/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_2_avx2/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ 
@@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. @@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_avx2/mem.h b/src/sig/mayo/pqmayo_mayo_2_avx2/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_2_avx2/mem.h +++ b/src/sig/mayo/pqmayo_mayo_2_avx2/mem.h 
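Review bot: The mayo.h prototypes of mayo_sign and mayo_verify name their key parameters `sk` and `pk`, while the definitions in mayo.c take `csk` and `cpk`. The library handles both compact and expanded key forms (mayo_expand_sk takes `csk`), so the header should use the same names to tell a caller which encoding is expected: `const unsigned char *csk` and `const unsigned char *cpk`. The doc comments above the prototypes are mostly outside these hunks and would need the matching parameter names.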
@@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/api.c b/src/sig/mayo/pqmayo_mayo_2_opt/api.c index 99e6ec72f4..9661408d3f 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/api.c +++ b/src/sig/mayo/pqmayo_mayo_2_opt/api.c @@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; 
@@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/api.h b/src/sig/mayo/pqmayo_mayo_2_opt/api.h index 5d980f9b1d..80923694aa 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/api.h +++ b/src/sig/mayo/pqmayo_mayo_2_opt/api.h 
@@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/arithmetic.h b/src/sig/mayo/pqmayo_mayo_2_opt/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_2_opt/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/echelon_form.h b/src/sig/mayo/pqmayo_mayo_2_opt/echelon_form.h index 40d7d10480..57326ad65d 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/echelon_form.h +++ b/src/sig/mayo/pqmayo_mayo_2_opt/echelon_form.h 
@@ -25,10 +25,18 @@ ef_pack_m_vec(const unsigned char *in, uint64_t *out, int ncols) { int i; unsigned char *out8 = (unsigned char *)out; for(i = 0; i+1 < ncols; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0) | (in[i+1] << 4); +#else out8[i/2] = (in[i+0] << 0) | (in[i+1] << 4); +#endif } if (ncols % 2 == 1){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0); +#else out8[i/2] = (in[i+0] << 0); +#endif } } @@ -36,8 +44,13 @@ static inline void ef_unpack_m_vec(int legs, const uint64_t *in, unsigned char *out) { const unsigned char *in8 = (const unsigned char *)in; for(int i = 0; i < legs * 16; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out[i] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8]) & 0xF; + out[i+1] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else out[i] = (in8[i/2]) & 0xF; out[i+1] = (in8[i/2] >> 4); +#endif } } @@ -116,7 +129,7 @@ static inline void EF(unsigned char *A, int nrows, int ncols) { packed_A + row * row_len); } - pivot_row += (-(int32_t)(~pivot_is_zero)); + pivot_row += (-(int64_t)(~pivot_is_zero)); } unsigned char temp[(O_MAX * K_MAX + 1 + 15)]; diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/mayo.c b/src/sig/mayo/pqmayo_mayo_2_opt/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/mayo.c +++ b/src/sig/mayo/pqmayo_mayo_2_opt/mayo.c @@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif 
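Review bot: The increment `pivot_row += (-(int64_t)(~pivot_is_zero));` in EF (hunk at -116,7) is only right when `pivot_is_zero` is a 64-bit mask that is either zero or all ones; its declaration is outside the hunk, and with a 32-bit unsigned type the cast would produce a large positive value instead of -1. Converting an all-ones unsigned value to a signed type is also implementation-defined. A width-independent form that stays branch-free is `pivot_row += (int)(~pivot_is_zero & 1);`. A short comment that this is a constant-time conditional increment would help the next reader.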
@@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) @@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data 
@@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif @@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); 
@@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; 
@@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/mayo.h b/src/sig/mayo/pqmayo_mayo_2_opt/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_2_opt/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ @@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. 
@@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_2_opt/mem.h b/src/sig/mayo/pqmayo_mayo_2_opt/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_2_opt/mem.h +++ b/src/sig/mayo/pqmayo_mayo_2_opt/mem.h @@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/api.c b/src/sig/mayo/pqmayo_mayo_3_avx2/api.c index 4117a9ac33..8b8748ea62 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/api.c +++ b/src/sig/mayo/pqmayo_mayo_3_avx2/api.c 
@@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; @@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/api.h b/src/sig/mayo/pqmayo_mayo_3_avx2/api.h index cd465a411a..f264e54083 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/api.h 
+++ b/src/sig/mayo/pqmayo_mayo_3_avx2/api.h @@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/arithmetic.h b/src/sig/mayo/pqmayo_mayo_3_avx2/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_3_avx2/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.c b/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.c 
+++ b/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.c @@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif @@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) 
@@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data @@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif 
@@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); @@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif 
@@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; @@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.h b/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_3_avx2/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ 
@@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. @@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_avx2/mem.h b/src/sig/mayo/pqmayo_mayo_3_avx2/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_3_avx2/mem.h +++ b/src/sig/mayo/pqmayo_mayo_3_avx2/mem.h 
@@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/api.c b/src/sig/mayo/pqmayo_mayo_3_opt/api.c index 4117a9ac33..8b8748ea62 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/api.c +++ b/src/sig/mayo/pqmayo_mayo_3_opt/api.c @@ -16,29 +16,29 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk) { #ifndef PQM4 int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk) { return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk); } int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk) { return mayo_sign_signature(MAYO_PARAMS, sig, siglen, m, mlen, sk); } int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk) { return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk); } int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk) { if (siglen != CRYPTO_BYTES) return -1; 
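Review bot: The fallback `BSWAP64` in the non-GCC/Clang branch of mem.h is only correct for an unsigned 64-bit argument: it passes a 64-bit operand into the `BSWAP32` macro and depends on the trailing `& 0xffffffff` and `<< 32` to discard the excess bits, and `(i) >> 32` is undefined for a 32-bit operand. It also expands its argument eight times. The visible call sites appear to pass `uint64_t` words, so it works as used, but explicit casts would state the contract: `#define BSWAP64(i) ((BSWAP32((uint64_t)(i) >> 32) & 0xffffffff) | ((uint64_t)BSWAP32((uint32_t)(i)) << 32))`. A `static inline uint64_t` function would also avoid the repeated evaluation. The pqmayo_mayo_3_opt/mem.h hunk is identical.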
@@ -50,7 +50,7 @@ crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) { - unsigned long long smlen_ll; + size_t smlen_ll; int rc = mayo_sign(MAYO_PARAMS, sm, &smlen_ll, m, mlen, sk); *smlen = smlen_ll; return rc; @@ -60,7 +60,7 @@ int crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) { - unsigned long long mlen_ll; + size_t mlen_ll; int rc = mayo_open(MAYO_PARAMS, m, &mlen_ll, sm, smlen, pk); *mlen = mlen_ll; return rc; diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/api.h b/src/sig/mayo/pqmayo_mayo_3_opt/api.h index cd465a411a..f264e54083 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/api.h +++ b/src/sig/mayo/pqmayo_mayo_3_opt/api.h 
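Review bot: With `smlen_ll` now a `size_t`, the temporary in this `crypto_sign` wrapper (and `mlen_ll` in `crypto_sign_open`, hunk -60,7) no longer converts anything, yet it is still copied to the caller's length even when `rc` signals failure. If mayo_sign or mayo_open can return on an error path before storing the length (their bodies are only partly visible in this patch), that copy reads an uninitialized variable. Passing the caller's pointer straight through removes both problems: `return mayo_sign(MAYO_PARAMS, sm, smlen, m, mlen, sk);` and `return mayo_open(MAYO_PARAMS, m, mlen, sm, smlen, pk);`, which is what the non-PQM4 wrappers earlier in the same file already do.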
@@ -19,26 +19,26 @@ crypto_sign_keypair(unsigned char *pk, unsigned char *sk); #ifndef PQM4 #define crypto_sign MAYO_NAMESPACE(crypto_sign) int -crypto_sign(unsigned char *sm, unsigned long long *smlen, - const unsigned char *m, unsigned long long mlen, +crypto_sign(unsigned char *sm, size_t *smlen, + const unsigned char *m, size_t mlen, const unsigned char *sk); #define crypto_sign_signature MAYO_NAMESPACE(crypto_sign_signature) int crypto_sign_signature(unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *sk); #define crypto_sign_open MAYO_NAMESPACE(crypto_sign_open) int -crypto_sign_open(unsigned char *m, unsigned long long *mlen, - const unsigned char *sm, unsigned long long smlen, +crypto_sign_open(unsigned char *m, size_t *mlen, + const unsigned char *sm, size_t smlen, const unsigned char *pk); #define crypto_sign_verify MAYO_NAMESPACE(crypto_sign_verify) int -crypto_sign_verify(const unsigned char *sig, unsigned long long siglen, - const unsigned char *m, unsigned long long mlen, +crypto_sign_verify(const unsigned char *sig, size_t siglen, + const unsigned char *m, size_t mlen, const unsigned char *pk); #else #include diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/arithmetic.h b/src/sig/mayo/pqmayo_mayo_3_opt/arithmetic.h index 268ecba327..4c12831eb1 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/arithmetic.h +++ b/src/sig/mayo/pqmayo_mayo_3_opt/arithmetic.h @@ -8,6 +8,10 @@ #include #include +#if defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#define TARGET_BIG_ENDIAN +#endif + #if defined(MAYO_AVX) && (M_MAX == 64) #include #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/echelon_form.h b/src/sig/mayo/pqmayo_mayo_3_opt/echelon_form.h index 40d7d10480..57326ad65d 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/echelon_form.h +++ b/src/sig/mayo/pqmayo_mayo_3_opt/echelon_form.h 
@@ -25,10 +25,18 @@ ef_pack_m_vec(const unsigned char *in, uint64_t *out, int ncols) { int i; unsigned char *out8 = (unsigned char *)out; for(i = 0; i+1 < ncols; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0) | (in[i+1] << 4); +#else out8[i/2] = (in[i+0] << 0) | (in[i+1] << 4); +#endif } if (ncols % 2 == 1){ +#ifdef TARGET_BIG_ENDIAN + out8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] = (in[i+0] << 0); +#else out8[i/2] = (in[i+0] << 0); +#endif } } @@ -36,8 +44,13 @@ static inline void ef_unpack_m_vec(int legs, const uint64_t *in, unsigned char *out) { const unsigned char *in8 = (const unsigned char *)in; for(int i = 0; i < legs * 16; i += 2){ +#ifdef TARGET_BIG_ENDIAN + out[i] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8]) & 0xF; + out[i+1] = (in8[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else out[i] = (in8[i/2]) & 0xF; out[i+1] = (in8[i/2] >> 4); +#endif } } @@ -116,7 +129,7 @@ static inline void EF(unsigned char *A, int nrows, int ncols) { packed_A + row * row_len); } - pivot_row += (-(int32_t)(~pivot_is_zero)); + pivot_row += (-(int64_t)(~pivot_is_zero)); } unsigned char temp[(O_MAX * K_MAX + 1 + 15)]; diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/mayo.c b/src/sig/mayo/pqmayo_mayo_3_opt/mayo.c index 4c2da41748..eb52d46892 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/mayo.c +++ b/src/sig/mayo/pqmayo_mayo_3_opt/mayo.c @@ -40,7 +40,7 @@ static void encode(const unsigned char *m, unsigned char *menc, int mlen) { } } -static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned char *t, unsigned char *y){ +static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, const unsigned char *t, unsigned char *y){ #ifndef ENABLE_PARAMS_DYNAMIC (void) p; #endif 
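Review bot: The cast in `pivot_row += (-(int64_t)(~pivot_is_zero));` (EF, hunk -116,7) has to match the width of `pivot_is_zero`, and nothing in the hunk records that. The line presumably implements a branch-free "add 1 when a pivot was found" on a 0 / all-ones mask; if the cast and the mask type disagree in width, the complement does not convert to -1 and the increment is wrong. Both declarations are outside the hunk, so I would add a comment such as `// pivot_is_zero is a 64-bit 0/all-ones mask: adds 1 iff a pivot was found, without branching`. If the types allow it, `pivot_row += (int)(~pivot_is_zero & 1);` expresses the same thing without depending on the cast width.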
@@ -62,10 +62,18 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // reduce mod f(X) for (int jj = 0; jj < F_TAIL_LEN; jj++) { if(jj%2 == 0){ +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]); +#endif } else { +#ifdef TARGET_BIG_ENDIAN + temp_bytes[(((jj/2 + 8) / 8) * 8) - 1 - (jj/2)%8] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#else temp_bytes[jj/2] ^= mul_f(top, PARAM_f_tail(p)[jj]) << 4; +#endif } } @@ -80,8 +88,14 @@ static void compute_rhs(const mayo_params_t *p, const uint64_t *_vPv, unsigned c // add to y for (int i = 0; i < PARAM_m(p); i+=2) { +#ifdef TARGET_BIG_ENDIAN + y[i] = t[i] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] & 0xF); + y[i+1] = t[i+1] ^ (temp_bytes[(((i/2 + 8) / 8) * 8) - 1 - (i/2)%8] >> 4); +#else y[i] = t[i] ^ (temp_bytes[i/2] & 0xF); y[i+1] = t[i+1] ^ (temp_bytes[i/2] >> 4); +#endif + } } @@ -208,6 +222,11 @@ static void compute_A(const mayo_params_t *p, const uint64_t *_VtL, unsigned cha } } +#ifdef TARGET_BIG_ENDIAN + for (int i = 0; i < (((PARAM_o(p)*PARAM_k(p)+15)/16)*16)*MAYO_M_OVER_8; ++i) + A[i] = BSWAP64(A[i]); +#endif + for (int r = 0; r < PARAM_m(p); r+=16) { for (int c = 0; c < PARAM_A_cols(p)-1 ; c+=16) @@ -235,8 +254,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk) { } int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; unsigned char tenc[M_BYTES_MAX], t[M_MAX]; // no secret data unsigned char y[M_MAX]; // secret data 
@@ -264,6 +283,9 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, const int param_v_bytes = PARAM_v_bytes(p); const int param_r_bytes = PARAM_r_bytes(p); const int param_P1_bytes = PARAM_P1_bytes(p); +#ifdef TARGET_BIG_ENDIAN + const int param_P2_bytes = PARAM_P2_bytes(p); +#endif const int param_sig_bytes = PARAM_sig_bytes(p); const int param_A_cols = PARAM_A_cols(p); const int param_digest_bytes = PARAM_digest_bytes(p); @@ -286,11 +308,11 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, alignas (32) uint64_t Mtmp[K_MAX * O_MAX * M_MAX / 16] = {0}; #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - L[i] = BSWAP32(L[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + L[i] = BSWAP64(L[i]); } #endif @@ -377,13 +399,13 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, } int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk) { + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *csk) { int ret = MAYO_OK; const int param_sig_bytes = PARAM_sig_bytes(p); - unsigned long long siglen = param_sig_bytes; + size_t siglen = param_sig_bytes; ret = mayo_sign_signature(p, sm, &siglen, m, mlen, csk); - if (ret != MAYO_OK || siglen != (unsigned long long) param_sig_bytes) + if (ret != MAYO_OK || siglen != (size_t) param_sig_bytes) goto err; memmove(sm + param_sig_bytes, m, mlen); 
@@ -393,10 +415,10 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, } int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk) { + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk) { const int param_sig_bytes = PARAM_sig_bytes(p); - if (smlen < (unsigned long long)param_sig_bytes) { + if (smlen < (size_t)param_sig_bytes) { return MAYO_ERR; } int result = mayo_verify(p, sm + param_sig_bytes, smlen - param_sig_bytes, sm, @@ -535,8 +557,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, uint64_t *P2 = P + (param_P1_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -549,8 +571,8 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, memcpy(sk->o, S + param_pk_seed_bytes, param_O_bytes); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 4; ++i) { - P[i] = BSWAP32(P[i]); + for (int i = 0; i < (param_P1_bytes + param_P2_bytes) / 8; ++i) { + P[i] = BSWAP64(P[i]); } #endif @@ -560,7 +582,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, } int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *cpk) { unsigned char tEnc[M_BYTES_MAX]; unsigned char t[M_MAX]; 
@@ -594,14 +616,14 @@ int mayo_verify(const mayo_params_t *p, const unsigned char *m, uint64_t *P3 = P2 + (param_P2_bytes / 8); #ifdef TARGET_BIG_ENDIAN - for (int i = 0; i < param_P1_bytes / 4; ++i) { - P1[i] = BSWAP32(P1[i]); + for (int i = 0; i < param_P1_bytes / 8; ++i) { + P1[i] = BSWAP64(P1[i]); } - for (int i = 0; i < param_P2_bytes / 4; ++i) { - P2[i] = BSWAP32(P2[i]); + for (int i = 0; i < param_P2_bytes / 8; ++i) { + P2[i] = BSWAP64(P2[i]); } - for (int i = 0; i < param_P3_bytes / 4; ++i) { - P3[i] = BSWAP32(P3[i]); + for (int i = 0; i < param_P3_bytes / 8; ++i) { + P3[i] = BSWAP64(P3[i]); } #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/mayo.h b/src/sig/mayo/pqmayo_mayo_3_opt/mayo.h index cf630e56d2..1a86bb8c76 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/mayo.h +++ b/src/sig/mayo/pqmayo_mayo_3_opt/mayo.h @@ -4,6 +4,7 @@ #define MAYO_H #include +#include #define F_TAIL_LEN 5 #define F_TAIL_64 \ @@ -321,8 +322,8 @@ int mayo_keypair(const mayo_params_t *p, unsigned char *pk, unsigned char *sk); #define mayo_sign_signature MAYO_NAMESPACE(mayo_sign_signature) int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, - unsigned long long *siglen, const unsigned char *m, - unsigned long long mlen, const unsigned char *csk); + size_t *siglen, const unsigned char *m, + size_t mlen, const unsigned char *csk); /** * MAYO signature generation. @@ -341,8 +342,8 @@ int mayo_sign_signature(const mayo_params_t *p, unsigned char *sig, */ #define mayo_sign MAYO_NAMESPACE(mayo_sign) int mayo_sign(const mayo_params_t *p, unsigned char *sm, - unsigned long long *smlen, const unsigned char *m, - unsigned long long mlen, const unsigned char *sk); + size_t *smlen, const unsigned char *m, + size_t mlen, const unsigned char *sk); /** * Mayo open signature. 
@@ -361,8 +362,8 @@ int mayo_sign(const mayo_params_t *p, unsigned char *sm, */ #define mayo_open MAYO_NAMESPACE(mayo_open) int mayo_open(const mayo_params_t *p, unsigned char *m, - unsigned long long *mlen, const unsigned char *sm, - unsigned long long smlen, const unsigned char *pk); + size_t *mlen, const unsigned char *sm, + size_t smlen, const unsigned char *pk); /** * Mayo compact keypair generation. @@ -427,7 +428,7 @@ int mayo_expand_sk(const mayo_params_t *p, const unsigned char *csk, */ #define mayo_verify MAYO_NAMESPACE(mayo_verify) int mayo_verify(const mayo_params_t *p, const unsigned char *m, - unsigned long long mlen, const unsigned char *sig, + size_t mlen, const unsigned char *sig, const unsigned char *pk); #endif diff --git a/src/sig/mayo/pqmayo_mayo_3_opt/mem.h b/src/sig/mayo/pqmayo_mayo_3_opt/mem.h index 797cd5130c..e699202b2d 100644 --- a/src/sig/mayo/pqmayo_mayo_3_opt/mem.h +++ b/src/sig/mayo/pqmayo_mayo_3_opt/mem.h @@ -7,8 +7,10 @@ #if defined(__GNUC__) || defined(__clang__) #define BSWAP32(i) __builtin_bswap32((i)) +#define BSWAP64(i) __builtin_bswap64((i)) #else #define BSWAP32(i) ((((i) >> 24) & 0xff) | (((i) >> 8) & 0xff00) | (((i) & 0xff00) << 8) | ((i) << 24)) +#define BSWAP64(i) ((BSWAP32((i) >> 32) & 0xffffffff) | (BSWAP32(i) << 32)) #endif // a > b -> b - a is negative