Code review of NewHope wrapper.

2025-12-06 00:01:28 -05:00 · 2016-10-17 21:07:39 -04:00 · 2016-10-17 21:07:39 -04:00 · 62f630ff15
commit 62f630ff15
parent c6a9fae2ac
3 changed files with 21 additions and 15 deletions
--- a/6
+++ b/6
@ -51,11 +51,9 @@ $(KEX_RLWE_BCNS15_OBJS): $(KEX_RLWE_BCNS15_HEADERS)

 # KEX_NEWHOPE

-KEX_RLWE_NEWHOPE_OBJS := $(addprefix objs/kex_rlwe_newhope/, \
-  kex_rlwe_newhope.o)
+KEX_RLWE_NEWHOPE_OBJS := $(addprefix objs/kex_rlwe_newhope/, kex_rlwe_newhope.o)

-KEX_RLWE_NEWHOPE_HEADERS := $(addprefix src/kex_rlwe_newhope/, \
-  kex_rlwe_newhope.h)
+KEX_RLWE_NEWHOPE_HEADERS := $(addprefix src/kex_rlwe_newhope/, kex_rlwe_newhope.h fips202.c newhope.c params.h poly.c precomp.c)

 $(KEX_RLWE_NEWHOPE_OBJS): $(KEX_RLWE_NEWHOPE_HEADERS)

--- a/src/kex_rlwe_newhope/fips202.c
+++ b/src/kex_rlwe_newhope/fips202.c
@ -371,7 +371,7 @@ static void keccak_squeezeblocks(unsigned char *h, unsigned long long int nblock
 	}
 }

-void shake128_absorb(uint64_t *s, const unsigned char *input, unsigned int inputByteLen) {
+static void shake128_absorb(uint64_t *s, const unsigned char *input, unsigned int inputByteLen) {
 	keccak_absorb(s, SHAKE128_RATE, input, inputByteLen, 0x1F);
 }

--- a/src/kex_rlwe_newhope/kex_rlwe_newhope.c
+++ b/src/kex_rlwe_newhope/kex_rlwe_newhope.c
@ -18,6 +18,9 @@ OQS_KEX *OQS_KEX_rlwe_newhope_new(OQS_RAND *rand) {
 	k->method_name = strdup("RLWE NewHope");
 	k->estimated_classical_security = 229; // http://eprint.iacr.org/2015/1092.pdf Table 1 NewHope dual known classical
 	k->estimated_quantum_security = 206; // http://eprint.iacr.org/2015/1092.pdf Table 1 NewHope dual known quantum
+	k->seed = NULL;
+	k->seed_len = 0;
+	k->named_parameters = 0;
 	k->rand = rand;
 	k->params = NULL;
 	k->alice_0 = &OQS_KEX_rlwe_newhope_alice_0;
@ -32,9 +35,6 @@ int OQS_KEX_rlwe_newhope_alice_0(UNUSED OQS_KEX *k, void **alice_priv, uint8_t *

 	int ret;

-	*alice_priv = NULL;
-	*alice_msg = NULL;
-
 	/* allocate public/private key pair */
 	*alice_msg = malloc(NEWHOPE_SENDABYTES);
 	if (*alice_msg == NULL) goto err;
@ -51,7 +51,10 @@ int OQS_KEX_rlwe_newhope_alice_0(UNUSED OQS_KEX *k, void **alice_priv, uint8_t *
 err:
 	ret = 0;
 	free(*alice_msg);
+	*alice_msg = NULL;
 	free(*alice_priv);
+	*alice_priv = NULL;
+
 cleanup:

 	return ret;
@ -62,9 +65,6 @@ int OQS_KEX_rlwe_newhope_bob(UNUSED OQS_KEX *k, const uint8_t *alice_msg, const

 	int ret;

-	*bob_msg = NULL;
-	*key = NULL;
-
 	if (alice_msg_len != NEWHOPE_SENDABYTES) goto err;

 	/* allocate message and session key */
@ -84,7 +84,10 @@ int OQS_KEX_rlwe_newhope_bob(UNUSED OQS_KEX *k, const uint8_t *alice_msg, const
 err:
 	ret = 0;
 	free(*bob_msg);
+	*bob_msg = NULL;
 	free(*key);
+	*key = NULL;
+
 cleanup:

 	return ret;
@ -95,8 +98,6 @@ int OQS_KEX_rlwe_newhope_alice_1(UNUSED OQS_KEX *k, const void *alice_priv, cons

 	int ret;

-	*key = NULL;
-
 	if (bob_msg_len != NEWHOPE_SENDBBYTES) goto err;

 	/* allocate session key */
@ -113,6 +114,8 @@ int OQS_KEX_rlwe_newhope_alice_1(UNUSED OQS_KEX *k, const void *alice_priv, cons
 err:
 	ret = 0;
 	free(*key);
+	*key = NULL;
+
 cleanup:

 	return ret;
@ -120,10 +123,15 @@ cleanup:
 }

 void OQS_KEX_rlwe_newhope_alice_priv_free(UNUSED OQS_KEX *k, void *alice_priv) {
-	free(alice_priv);
+	if (alice_priv) {
+		free(alice_priv);
+	}
 }

 void OQS_KEX_rlwe_newhope_free(OQS_KEX *k) {
-	if (k) free(k->method_name);
+	if (k) {
+		free(k->method_name);
+		k->method_name = NULL;
+	}
 	free(k);
 }