From 9e15107838b8b4948673df7ee42cfb9311d688af Mon Sep 17 00:00:00 2001 From: Songling Han Date: Sat, 21 Sep 2024 08:46:12 +0000 Subject: [PATCH] include openssl/crypto.h and resolve conflict variable for ntru Signed-off-by: Songling Han --- src/common/common.h | 24 +------------ .../crypto_core_invsntrup761.c | 26 +++++++------- .../crypto_core_weightsntrup761.c | 4 +-- .../crypto_core_wforcesntrup761.c | 2 +- .../ntruprime/pqclean_sntrup761_avx2/kem.c | 34 +++++++++--------- .../ntruprime/pqclean_sntrup761_avx2/params.h | 2 +- .../crypto_core_inv3sntrup761.c | 36 +++++++++---------- .../crypto_core_invsntrup761.c | 36 +++++++++---------- .../crypto_core_mult3sntrup761.c | 24 ++++++------- .../crypto_core_multsntrup761.c | 22 ++++++------ .../crypto_core_weightsntrup761.c | 2 +- .../crypto_core_wforcesntrup761.c | 4 +-- .../ntruprime/pqclean_sntrup761_clean/kem.c | 34 +++++++++--------- .../pqclean_sntrup761_clean/params.h | 2 +- 14 files changed, 115 insertions(+), 137 deletions(-) diff --git a/src/common/common.h b/src/common/common.h index 58f9575f2a..36c8752599 100644 --- a/src/common/common.h +++ b/src/common/common.h
@@ -28,30 +28,8 @@ extern "C" { * standard C library functions otherwise. */ #if defined(OQS_USE_OPENSSL) -#ifndef OPENSSL_malloc -# define OPENSSL_malloc(num) \ - CRYPTO_malloc(num, __FILE__, __LINE__) -#endif - -#ifndef OPENSSL_zalloc -# define OPENSSL_zalloc(num) \ - CRYPTO_zalloc(num, __FILE__, __LINE__) -#endif - -#ifndef OPENSSL_free -# define OPENSSL_free(addr) \ - CRYPTO_free(addr, __FILE__, __LINE__) -#endif - -#ifndef OPENSSL_strdup -# define OPENSSL_strdup(str) \ - CRYPTO_strdup(str, __FILE__, __LINE__) -#endif +#include -extern void *CRYPTO_malloc(size_t num, const char *file, int line); -extern void *CRYPTO_zalloc(size_t num, const char *file, int line); -extern void CRYPTO_free(void *str, const char *file, int line); -extern char *CRYPTO_strdup(const char *str, const char *file, int line); /** * Allocates memory of a given size. * @param size The size of the memory to be allocated in bytes. diff --git a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_invsntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_invsntrup761.c index e27bedfb7a..712fb77564 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_invsntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_invsntrup761.c @@ -129,7 +129,7 @@ static inline void vectormodq_xswapeliminate(Fq *f, Fq *g, int len, const Fq f0, int PQCLEAN_SNTRUP761_AVX2_crypto_core_invsntrup761(unsigned char *outbytes, const unsigned char *inbytes) { small *in = (void *) inbytes; int loop; - Fq out[p], f[ppad], g[ppad], v[ppad], r[ppad]; + Fq out[p_param], f[ppad], g[ppad], v[ppad], r[ppad]; Fq f0, g0; Fq scale; int i; 
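Review bot: The new `#include` is placed under the `extern "C" {` that appears as this hunk's context, so if that linkage block is still open at line 28 the OpenSSL header chain is being included with C linkage from C++ consumers of common.h; the conventional placement is `#include <openssl/crypto.h>` ahead of the `extern "C"` opener, still guarded by `#if defined(OQS_USE_OPENSSL)`. As captured here the added line reads as a bare `+#include` with no header name, presumably `<openssl/crypto.h>` per the subject with the angle-bracketed name lost in rendering, so the committed line is worth confirming. Dropping the hand-written `extern` prototypes for `CRYPTO_malloc`/`CRYPTO_zalloc`/`CRYPTO_free`/`CRYPTO_strdup` is the right call, since a drift between those local declarations and OpenSSL's real signatures was previously invisible to the compiler. The `#if defined(OQS_USE_OPENSSL)` region this hunk edits continues past the hunk.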
@@ -142,14 +142,14 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_invsntrup761(unsigned char *outbytes, con f[i] = 0; } f[0] = 1; - f[p - 1] = -1; - f[p] = -1; + f[p_param - 1] = -1; + f[p_param] = -1; /* generalization: initialize f to reversal of any deg-p polynomial m */ - for (i = 0; i < p; ++i) { - g[i] = in[p - 1 - i]; + for (i = 0; i < p_param; ++i) { + g[i] = in[p_param - 1 - i]; } - for (i = p; i < ppad; ++i) { + for (i = p_param; i < ppad; ++i) { g[i] = 0; } @@ -162,7 +162,7 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_invsntrup761(unsigned char *outbytes, con v[i] = 0; } - for (loop = 0; loop < p; ++loop) { + for (loop = 0; loop < p_param; ++loop) { g0 = Fq_freeze(g[0]); f0 = f[0]; if (q > 5167) { @@ -180,11 +180,11 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_invsntrup761(unsigned char *outbytes, con f[0] = f0; - vectormodq_swapeliminate(f + 1, g + 1, p, f0, g0, swap); + vectormodq_swapeliminate(f + 1, g + 1, p_param, f0, g0, swap); vectormodq_xswapeliminate(v, r, loop + 1, f0, g0, swap); } - for (loop = p - 1; loop > 0; --loop) { + for (loop = p_param - 1; loop > 0; --loop) { g0 = Fq_freeze(g[0]); f0 = f[0]; if (q > 5167) { @@ -203,15 +203,15 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_invsntrup761(unsigned char *outbytes, con f[0] = f0; vectormodq_swapeliminate(f + 1, g + 1, loop, f0, g0, swap); - vectormodq_xswapeliminate(v, r, p, f0, g0, swap); + vectormodq_xswapeliminate(v, r, p_param, f0, g0, swap); } scale = Fq_recip(Fq_freeze(f[0])); - for (i = 0; i < p; ++i) { - out[i] = Fq_bigfreeze(scale * (int32)Fq_freeze(v[p - i])); + for (i = 0; i < p_param; ++i) { + out[i] = Fq_bigfreeze(scale * (int32)Fq_freeze(v[p_param - i])); } crypto_encode_pxint16(outbytes, out); - outbytes[2 * p] = (unsigned char) int16_nonzero_mask((int16) delta); + outbytes[2 * p_param] = (unsigned char) int16_nonzero_mask((int16) delta); return 0; } 
diff --git a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_weightsntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_weightsntrup761.c index 5d1b85e37a..1d44f4cceb 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_weightsntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_weightsntrup761.c @@ -14,10 +14,10 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761(unsigned char *outbytes, __m256i sum, sumhi; int16 weight; - sum = _mm256_loadu_si256((__m256i *) (in + p - 32)); + sum = _mm256_loadu_si256((__m256i *) (in + p_param - 32)); sum &= endingmask; - for (i = p - 32; i >= 0; i -= 32) { + for (i = p_param - 32; i >= 0; i -= 32) { __m256i bits = _mm256_loadu_si256((__m256i *) in); bits &= _mm256_set1_epi8(1); sum = _mm256_add_epi8(sum, bits); diff --git a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_wforcesntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_wforcesntrup761.c index 0dedf0af99..a43eb9f821 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_wforcesntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_avx2/crypto_core_wforcesntrup761.c @@ -40,7 +40,7 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_core_wforcesntrup761(unsigned char *out, const out += i; } - i = p - w - 32; + i = p_param - w - 32; for (;;) { do { __m256i x = _mm256_loadu_si256((__m256i *) in); diff --git a/src/kem/ntruprime/pqclean_sntrup761_avx2/kem.c b/src/kem/ntruprime/pqclean_sntrup761_avx2/kem.c index d0d3ffae97..a7ff6e25bd 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_avx2/kem.c +++ b/src/kem/ntruprime/pqclean_sntrup761_avx2/kem.c 
@@ -78,37 +78,37 @@ static void Short_random(small *out) { uint32 L[ppadsort]; int i; - randombytes((unsigned char *) L, 4 * p); + randombytes((unsigned char *) L, 4 * p_param); crypto_decode_pxint32(L, (unsigned char *) L); for (i = 0; i < w; ++i) { L[i] = L[i] & (uint32) - 2; } - for (i = w; i < p; ++i) { + for (i = w; i < p_param; ++i) { L[i] = (L[i] & (uint32) - 3) | 1; } - for (i = p; i < ppadsort; ++i) { + for (i = p_param; i < ppadsort; ++i) { L[i] = 0xffffffff; } PQCLEAN_SNTRUP761_AVX2_crypto_sort_uint32(L, ppadsort); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { out[i] = (small) ((L[i] & 3) - 1); } } static void Small_random(small *out) { - uint32 L[p]; + uint32 L[p_param]; int i; randombytes((unsigned char *) L, sizeof L); crypto_decode_pxint32(L, (unsigned char *) L); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1); } } /* ----- Streamlined NTRU Prime */ -typedef small Inputs[p]; /* passed by reference */ +typedef small Inputs[p_param]; /* passed by reference */ #define Ciphertexts_bytes Rounded_bytes #define SecretKeys_bytes (2*Small_bytes) #define PublicKeys_bytes Rq_bytes @@ -119,7 +119,7 @@ typedef small Inputs[p]; /* passed by reference */ /* also set x[0]=2, and x[1:1+Hash_bytes] = Hash3(r_enc) */ /* also overwrite x[1+Hash_bytes:1+2*Hash_bytes] */ static void Hide(unsigned char *x, unsigned char *c, unsigned char *r_enc, const Inputs r, const unsigned char *pk, const unsigned char *cache) { - Fq h[p]; + Fq h[p_param]; int i; Small_encode(r_enc + 1, r); 
@@ -137,14 +137,14 @@ static void Hide(unsigned char *x, unsigned char *c, unsigned char *r_enc, const int PQCLEAN_SNTRUP761_AVX2_crypto_kem_keypair(uint8_t *pk, uint8_t *sk) { - small g[p]; + small g[p_param]; for (;;) { Small_random(g); { - small v[p + 1]; + small v[p_param + 1]; small vp; crypto_core_inv3((unsigned char *) v, (const unsigned char *) g); - vp = v[p]; + vp = v[p_param]; crypto_declassify(&vp, sizeof vp); if (vp == 0) { Small_encode(sk + Small_bytes, v); @@ -153,11 +153,11 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_kem_keypair(uint8_t *pk, uint8_t *sk) { } } { - small f[p]; + small f[p_param]; Short_random(f); Small_encode(sk, f); { - Fq h[p + 1]; + Fq h[p_param + 1]; Rq_recip3(h, f); /* always works */ Rq_mult_small(h, g); Rq_encode(pk, h); @@ -212,17 +212,17 @@ int PQCLEAN_SNTRUP761_AVX2_crypto_kem_dec(uint8_t *k, const uint8_t *c, const ui int mask, i; Inputs r; { - Fq d[p]; + Fq d[p_param]; Rounded_decode(d, c); { - small f[p]; + small f[p_param]; Small_decode(f, sk); Rq_mult_small(d, f); Rq_mult3(d, d); } { - small e[p]; - small v[p]; + small e[p_param]; + small v[p_param]; R3_fromRq(e, d); Small_decode(v, sk + Small_bytes); R3_mult(r, e, v); diff --git a/src/kem/ntruprime/pqclean_sntrup761_avx2/params.h b/src/kem/ntruprime/pqclean_sntrup761_avx2/params.h index 0224bbef70..f924b8e422 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_avx2/params.h +++ b/src/kem/ntruprime/pqclean_sntrup761_avx2/params.h @@ -32,7 +32,7 @@ #define ppad 769 #define endingmask _mm256_set_epi8(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0) #define crypto_core_weight PQCLEAN_SNTRUP761_AVX2_crypto_core_weightsntrup761 -#define p 761 +#define p_param 761 #define q 4591 #define w 286 diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_inv3sntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_inv3sntrup761.c index 87f3750a4c..208332315a 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_inv3sntrup761.c 
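Review bot: In the params.h hunk only `p` is renamed while `q` (4591) and `w` (286) remain single-letter object-like macros in the same header, so any identifier named `q` or `w` in a header included after params.h is rewritten exactly the way `p` was; the clean-variant params.h hunk at the end of this diff has the same shape. If the motivating conflict came from the OpenSSL headers now reached through common.h (inferred from the subject, not visible here), renaming all three to a prefixed form such as `#define q_param 4591` / `#define w_param 286`, or `#undef`-ing them at the end of each translation unit that needs them, closes the class of clash rather than this one instance. As a minor follow-up, the comment `/* outbytes[2*p] is 0 if recip succeeded; else -1 */` above the clean crypto_core_invsntrup761 hunk still refers to `p`, which reads fine as the mathematical parameter but no longer matches the macro name used on the line it documents.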
+++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_inv3sntrup761.c @@ -43,32 +43,32 @@ static small F3_freeze(int16 x) { int PQCLEAN_SNTRUP761_CLEAN_crypto_core_inv3sntrup761(unsigned char *outbytes, const unsigned char *inbytes) { small *out = (void *) outbytes; small *in = (void *) inbytes; - small f[p + 1], g[p + 1], v[p + 1], r[p + 1]; + small f[p_param + 1], g[p_param + 1], v[p_param + 1], r[p_param + 1]; int i, loop, delta; int sign, swap, t; - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { v[i] = 0; } - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { r[i] = 0; } r[0] = 1; - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { f[i] = 0; } f[0] = 1; - f[p - 1] = f[p] = -1; - for (i = 0; i < p; ++i) { + f[p_param - 1] = f[p_param] = -1; + for (i = 0; i < p_param; ++i) { small i1 = in[i] & 1; - g[p - 1 - i] = (small) (i1 - (in[i] & (i1 << 1))); + g[p_param - 1 - i] = (small) (i1 - (in[i] & (i1 << 1))); } - g[p] = 0; + g[p_param] = 0; delta = 1; - for (loop = 0; loop < 2 * p - 1; ++loop) { - for (i = p; i > 0; --i) { + for (loop = 0; loop < 2 * p_param - 1; ++loop) { + for (i = p_param; i > 0; --i) { v[i] = v[i - 1]; } v[0] = 0; @@ -78,7 +78,7 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_inv3sntrup761(unsigned char *outbytes, c delta ^= swap & (delta ^ -delta); delta += 1; - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { t = swap & (f[i] ^ g[i]); f[i] ^= (small) t; g[i] ^= (small) t; 
@@ -87,24 +87,24 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_inv3sntrup761(unsigned char *outbytes, c r[i] ^= (small) t; } - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { g[i] = F3_freeze((int16) (g[i] + sign * f[i])); } - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { r[i] = F3_freeze((int16) (r[i] + sign * v[i])); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { g[i] = g[i + 1]; } - g[p] = (int16) 0; + g[p_param] = (int16) 0; } sign = (int) f[0]; - for (i = 0; i < p; ++i) { - out[i] = (small) (sign * v[p - 1 - i]); + for (i = 0; i < p_param; ++i) { + out[i] = (small) (sign * v[p_param - 1 - i]); } - out[p] = (small) int16_nonzero_mask((int16) delta); + out[p_param] = (small) int16_nonzero_mask((int16) delta); return 0; } diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_invsntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_invsntrup761.c index f9c8a09572..e86ab7ddac 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_invsntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_invsntrup761.c 
@@ -62,33 +62,33 @@ static Fq Fq_recip(Fq a1) { /* outbytes[2*p] is 0 if recip succeeded; else -1 */ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_invsntrup761(unsigned char *outbytes, const unsigned char *inbytes) { small *in = (void *) inbytes; - Fq out[p], f[p + 1], g[p + 1], v[p + 1], r[p + 1]; + Fq out[p_param], f[p_param + 1], g[p_param + 1], v[p_param + 1], r[p_param + 1]; int i, loop, delta; int swap, t; int32 f0, g0; Fq scale; - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { v[i] = 0; } - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { r[i] = 0; } r[0] = Fq_recip(3); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { f[i] = 0; } f[0] = 1; - f[p - 1] = f[p] = -1; - for (i = 0; i < p; ++i) { - g[p - 1 - i] = (Fq) in[i]; + f[p_param - 1] = f[p_param] = -1; + for (i = 0; i < p_param; ++i) { + g[p_param - 1 - i] = (Fq) in[i]; } - g[p] = 0; + g[p_param] = 0; delta = 1; - for (loop = 0; loop < 2 * p - 1; ++loop) { - for (i = p; i > 0; --i) { + for (loop = 0; loop < 2 * p_param - 1; ++loop) { + for (i = p_param; i > 0; --i) { v[i] = v[i - 1]; } v[0] = 0; @@ -97,7 +97,7 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_invsntrup761(unsigned char *outbytes, co delta ^= swap & (delta ^ -delta); delta += 1; - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { t = swap & (f[i] ^ g[i]); f[i] ^= (Fq) t; g[i] ^= (Fq) t; 
@@ -108,25 +108,25 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_invsntrup761(unsigned char *outbytes, co f0 = f[0]; g0 = g[0]; - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { g[i] = Fq_bigfreeze(f0 * g[i] - g0 * f[i]); } - for (i = 0; i < p + 1; ++i) { + for (i = 0; i < p_param + 1; ++i) { r[i] = Fq_bigfreeze(f0 * r[i] - g0 * v[i]); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { g[i] = g[i + 1]; } - g[p] = 0; + g[p_param] = 0; } scale = Fq_recip(f[0]); - for (i = 0; i < p; ++i) { - out[i] = Fq_bigfreeze(scale * (int32)v[p - 1 - i]); + for (i = 0; i < p_param; ++i) { + out[i] = Fq_bigfreeze(scale * (int32)v[p_param - 1 - i]); } crypto_encode_pxint16(outbytes, out); - outbytes[2 * p] = (unsigned char) int16_nonzero_mask((int16) delta); + outbytes[2 * p_param] = (unsigned char) int16_nonzero_mask((int16) delta); return 0; } diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_mult3sntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_mult3sntrup761.c index b25892b41e..5ca7620d95 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_mult3sntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_mult3sntrup761.c 
@@ -13,44 +13,44 @@ static small F3_freeze(int16 x) { int PQCLEAN_SNTRUP761_CLEAN_crypto_core_mult3sntrup761(unsigned char *outbytes, const unsigned char *inbytes, const unsigned char *kbytes) { small *h = (void *) outbytes; - small f[p]; - small g[p]; - small fg[p + p - 1]; + small f[p_param]; + small g[p_param]; + small fg[p_param + p_param - 1]; int16 result; int i, j; - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { small fi = (small) inbytes[i]; small fi0 = fi & 1; f[i] = (small) (fi0 - (fi & (fi0 << 1))); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { small gi = (small) kbytes[i]; small gi0 = gi & 1; g[i] = (small) (gi0 - (gi & (gi0 << 1))); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { result = 0; for (j = 0; j <= i; ++j) { result += (small) (f[j] * g[i - j]); } fg[i] = F3_freeze(result); } - for (i = p; i < p + p - 1; ++i) { + for (i = p_param; i < p_param + p_param - 1; ++i) { result = 0; - for (j = i - p + 1; j < p; ++j) { + for (j = i - p_param + 1; j < p_param; ++j) { result += (small) (f[j] * g[i - j]); } fg[i] = F3_freeze(result); } - for (i = p + p - 2; i >= p; --i) { - fg[i - p] = F3_freeze(fg[i - p] + fg[i]); - fg[i - p + 1] = F3_freeze(fg[i - p + 1] + fg[i]); + for (i = p_param + p_param - 2; i >= p_param; --i) { + fg[i - p_param] = F3_freeze(fg[i - p_param] + fg[i]); + fg[i - p_param + 1] = F3_freeze(fg[i - p_param + 1] + fg[i]); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { h[i] = fg[i]; } return 0; diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_multsntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_multsntrup761.c index 54d3503a00..19ab1ddd3f 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_multsntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_multsntrup761.c 
@@ -18,41 +18,41 @@ static Fq Fq_freeze(int32 x) { } int PQCLEAN_SNTRUP761_CLEAN_crypto_core_multsntrup761(unsigned char *outbytes, const unsigned char *inbytes, const unsigned char *kbytes) { - Fq f[p]; - small g[p]; - Fq fg[p + p - 1]; + Fq f[p_param]; + small g[p_param]; + Fq fg[p_param + p_param - 1]; int32 result; int i, j; crypto_decode_pxint16(f, inbytes); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { f[i] = Fq_freeze(f[i]); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { small gi = (small) kbytes[i]; small gi0 = gi & 1; g[i] = (small) (gi0 - (gi & (gi0 << 1))); } - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { result = 0; for (j = 0; j <= i; ++j) { result += f[j] * (int32)g[i - j]; } fg[i] = Fq_freeze(result); } - for (i = p; i < p + p - 1; ++i) { + for (i = p_param; i < p_param + p_param - 1; ++i) { result = 0; - for (j = i - p + 1; j < p; ++j) { + for (j = i - p_param + 1; j < p_param; ++j) { result += f[j] * (int32)g[i - j]; } fg[i] = Fq_freeze(result); } - for (i = p + p - 2; i >= p; --i) { - fg[i - p] = Fq_freeze(fg[i - p] + fg[i]); - fg[i - p + 1] = Fq_freeze(fg[i - p + 1] + fg[i]); + for (i = p_param + p_param - 2; i >= p_param; --i) { + fg[i - p_param] = Fq_freeze(fg[i - p_param] + fg[i]); + fg[i - p_param + 1] = Fq_freeze(fg[i - p_param + 1] + fg[i]); } crypto_encode_pxint16(outbytes, fg); diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_weightsntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_weightsntrup761.c index 3809abf054..a2e43b1194 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_weightsntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_weightsntrup761.c @@ -13,7 +13,7 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_weightsntrup761(unsigned char *outbytes, int16 weight = 0; int i; - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { weight += in[i] & 1; } PQCLEAN_SNTRUP761_CLEAN_crypto_encode_int16(outbytes, &weight); 
diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_wforcesntrup761.c b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_wforcesntrup761.c index 01dc9ddd62..68db2dd71f 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_wforcesntrup761.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/crypto_core_wforcesntrup761.c @@ -24,7 +24,7 @@ static int Weightw_mask(const small *r) { int weight = 0; int i; - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { weight += r[i] & 1; } return int16_nonzero_mask((int16) (weight - w)); @@ -41,7 +41,7 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_core_wforcesntrup761(unsigned char *outbytes, for (i = 0; i < w; ++i) { out[i] = (small) (((in[i] ^ 1) & ~mask) ^ 1); } - for (i = w; i < p; ++i) { + for (i = w; i < p_param; ++i) { out[i] = (small) (in[i] & ~mask); } return 0; diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/kem.c b/src/kem/ntruprime/pqclean_sntrup761_clean/kem.c index 4c1995c7b3..371597427e 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/kem.c +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/kem.c 
@@ -78,37 +78,37 @@ static void Short_random(small *out) { uint32 L[ppadsort]; int i; - randombytes((unsigned char *) L, 4 * p); + randombytes((unsigned char *) L, 4 * p_param); crypto_decode_pxint32(L, (unsigned char *) L); for (i = 0; i < w; ++i) { L[i] = L[i] & (uint32) - 2; } - for (i = w; i < p; ++i) { + for (i = w; i < p_param; ++i) { L[i] = (L[i] & (uint32) - 3) | 1; } - for (i = p; i < ppadsort; ++i) { + for (i = p_param; i < ppadsort; ++i) { L[i] = 0xffffffff; } PQCLEAN_SNTRUP761_CLEAN_crypto_sort_uint32(L, ppadsort); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { out[i] = (small) ((L[i] & 3) - 1); } } static void Small_random(small *out) { - uint32 L[p]; + uint32 L[p_param]; int i; randombytes((unsigned char *) L, sizeof L); crypto_decode_pxint32(L, (unsigned char *) L); - for (i = 0; i < p; ++i) { + for (i = 0; i < p_param; ++i) { out[i] = (small) ((((L[i] & 0x3fffffff) * 3) >> 30) - 1); } } /* ----- Streamlined NTRU Prime */ -typedef small Inputs[p]; /* passed by reference */ +typedef small Inputs[p_param]; /* passed by reference */ #define Ciphertexts_bytes Rounded_bytes #define SecretKeys_bytes (2*Small_bytes) #define PublicKeys_bytes Rq_bytes @@ -119,7 +119,7 @@ typedef small Inputs[p]; /* passed by reference */ /* also set x[0]=2, and x[1:1+Hash_bytes] = Hash3(r_enc) */ /* also overwrite x[1+Hash_bytes:1+2*Hash_bytes] */ static void Hide(unsigned char *x, unsigned char *c, unsigned char *r_enc, const Inputs r, const unsigned char *pk, const unsigned char *cache) { - Fq h[p]; + Fq h[p_param]; int i; Small_encode(r_enc + 1, r); 
@@ -137,14 +137,14 @@ static void Hide(unsigned char *x, unsigned char *c, unsigned char *r_enc, const int PQCLEAN_SNTRUP761_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk) { - small g[p]; + small g[p_param]; for (;;) { Small_random(g); { - small v[p + 1]; + small v[p_param + 1]; small vp; crypto_core_inv3((unsigned char *) v, (const unsigned char *) g); - vp = v[p]; + vp = v[p_param]; crypto_declassify(&vp, sizeof vp); if (vp == 0) { Small_encode(sk + Small_bytes, v); @@ -153,11 +153,11 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk) { } } { - small f[p]; + small f[p_param]; Short_random(f); Small_encode(sk, f); { - Fq h[p + 1]; + Fq h[p_param + 1]; Rq_recip3(h, f); /* always works */ Rq_mult_small(h, g); Rq_encode(pk, h); @@ -212,17 +212,17 @@ int PQCLEAN_SNTRUP761_CLEAN_crypto_kem_dec(uint8_t *k, const uint8_t *c, const u int mask, i; Inputs r; { - Fq d[p]; + Fq d[p_param]; Rounded_decode(d, c); { - small f[p]; + small f[p_param]; Small_decode(f, sk); Rq_mult_small(d, f); Rq_mult3(d, d); } { - small e[p]; - small v[p]; + small e[p_param]; + small v[p_param]; R3_fromRq(e, d); Small_decode(v, sk + Small_bytes); R3_mult(r, e, v); diff --git a/src/kem/ntruprime/pqclean_sntrup761_clean/params.h b/src/kem/ntruprime/pqclean_sntrup761_clean/params.h index 4b8adb499c..f8125e52e8 100644 --- a/src/kem/ntruprime/pqclean_sntrup761_clean/params.h +++ b/src/kem/ntruprime/pqclean_sntrup761_clean/params.h @@ -28,7 +28,7 @@ #define q27 29235 /* closest integer to 2^27/q */ #define q18 57 /* closest integer to 2^18/q */ #define q14 4 /* closest integer to 2^14/q */ -#define p 761 +#define p_param 761 #define q 4591 #define w 286