Integrates frodokem Dec 2020 update (#869)

* Integrated frodokem Dec 2020 fix.

* Updated frodokem commit URL in doc

docs/algorithms/kem/frodokem.md

@@ -11,7 +11,7 @@ Implementation
 --------------
 
 - **Source of implementation**: https://github.com/Microsoft/PQCrypto-LWEKE
-- **Implementation version**: https://github.com/microsoft/PQCrypto-LWEKE/commit/6a82d4d2b6bc32eeac3ad4f9c178c48072b506b3
+- **Implementation version**: https://github.com/microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db
 - **License**: MIT License
 - **Constant-time**: Yes
 - **Optimizations**: Portable C with optional use of AVX2 and AESNI instructions (selected at compile-time, enabled by default if available)

src/kem/frodokem/external/util.c

@@ -116,7 +116,7 @@ int8_t ct_verify(const uint16_t *a, const uint16_t *b, size_t len)
         r |= a[i] ^ b[i];
     }
 
-    r = (-(int16_t)r) >> (8*sizeof(uint16_t)-1);
+    r = (-(int16_t)(r >> 1) | -(int16_t)(r & 1)) >> (8*sizeof(uint16_t)-1);
     return (int8_t)r;
 }
 

src/kem/frodokem/kem_frodokem1344aes.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_1344_aes_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_1344_aes;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 5;
 	kem->ind_cca = true;

src/kem/frodokem/kem_frodokem1344shake.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_1344_shake_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_1344_shake;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 5;
 	kem->ind_cca = true;

src/kem/frodokem/kem_frodokem640aes.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_640_aes_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_640_aes;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 1;
 	kem->ind_cca = true;

src/kem/frodokem/kem_frodokem640shake.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_640_shake_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_640_shake;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 1;
 	kem->ind_cca = true;

src/kem/frodokem/kem_frodokem976aes.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_976_aes_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_976_aes;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 3;
 	kem->ind_cca = true;

src/kem/frodokem/kem_frodokem976shake.c

@@ -13,7 +13,7 @@ OQS_KEM *OQS_KEM_frodokem_976_shake_new() {
 		return NULL;
 	}
 	kem->method_name = OQS_KEM_alg_frodokem_976_shake;
-	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/d5bbd0417ba111b08a959c0042a1dcc65fb14a89";
+	kem->alg_version = "https://github.com/Microsoft/PQCrypto-LWEKE/commit/669522db63850fa64d1a24a47e138e80a59349db";
 
 	kem->claimed_nist_level = 3;
 	kem->ind_cca = true;