Kyber/Dilithium copy_from_upstream (#1088)

* Kyber/Dilithium copy_from_upstream

* Updated algorithm docs
Basil Hess 2021-09-13 21:07:25 +02:00 committed by GitHub
parent 86bfbf4a76
commit 75b648e9f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
52 changed files with 217 additions and 323 deletions

View File

@ -6,7 +6,7 @@
- **Auxiliary submitters**: Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Gregor Seiler, Damien Stehlé.
- **Authors' website**: https://pq-crystals.org/
- **Specification version**: NIST Round 3 submission.
- **Implementation source**: https://github.com/pq-crystals/kyber/commit/8e9308bd with copy_from_upstream patches
- **Implementation source**: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2 with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
## Parameter set summary
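Review bot: good to move the `Implementation source` line to the full 40-character commit id; the old short `8e9308bd` could not be matched against `copy_from_upstream.yml`, which records upstream by full id, and after this commit the docs page and the yml both name `faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2`. The Dilithium page in the same commit is updated the same way, so the two generated docs are now consistent with the copy script.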
@ -25,7 +25,7 @@
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
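Review bot: the only difference in the avx2 row is the order of the CPU extensions (`AVX2,BMI2,POPCNT` becomes `AVX2,POPCNT,BMI2`), which is churn from the order of `required_flags` in the upstream META rather than a change in requirements. Consider having the docs generator sort the extension list (and `required_flags` in kyber.yml) so upstream reorderings stop producing diffs in generated docs; the same reorder appears in the Kyber768 and Kyber1024 tables below.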
@ -33,10 +33,10 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Kyber512-90s implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
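Review bot: the Kyber512-90s avx2 row now lists `SSE2` and `SSSE3` in addition to `AVX2`, `AES`, `BMI2` and `POPCNT`. Both are implied by any AVX2-capable CPU (SSE2 is baseline on x86_64), so no platform that previously selected this implementation is excluded, but since the page states implementations are chosen by runtime CPU feature detection, confirm the dispatch code actually tests these two flags rather than only the ones it tested before; a required flag that is documented but never checked is a silent gap between the documented and the enforced requirement. The same addition applies to the Kyber768-90s and Kyber1024-90s rows below.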
@ -45,16 +45,16 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Kyber768-90s implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -63,16 +63,16 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,BMI2,POPCNT | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,BMI2 | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
## Kyber1024-90s implementation characteristics
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,BMI2,POPCNT | True | True | False |
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:--------------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | SSE2,POPCNT,BMI2,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

View File

@ -17,8 +17,8 @@ website: https://pq-crystals.org/
nist-round: 3
spec-version: NIST Round 3 submission
spdx-license-identifier: CC0-1.0
upstream: https://github.com/pq-crystals/kyber/commit/8e9308bd with copy_from_upstream
patches
upstream: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2
with copy_from_upstream patches
parameter-sets:
- name: Kyber512
claimed-nist-level: 1
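Review bot: the `upstream:` value appears here as two lines, `upstream: https://github.com/pq-crystals/kyber/commit/faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2` followed by `with copy_from_upstream patches`. If that break is real rather than a display wrap, the second line has to be indented deeper than the key for YAML to fold it into the scalar; an unindented continuation is a parse error or a stray key. Please confirm the file keeps the value on one line, and the same for the equivalent `upstream:` line in dilithium.yml in this commit.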
@ -44,8 +44,8 @@ parameter-sets:
- Darwin
required_flags:
- avx2
- bmi2
- popcnt
- bmi2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
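Review bot: `bmi2` and `popcnt` merely swap position in `required_flags` here and at the other two non-90s parameter sets below; the list is a set, so sorting it in the generator (or when importing the upstream META) would avoid this churn on every future upstream sync.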
@ -75,10 +75,12 @@ parameter-sets:
- Linux
- Darwin
required_flags:
- aes
- avx2
- bmi2
- sse2
- popcnt
- bmi2
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals-kyber_common_aes
- SHA3: liboqs
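Review bot: `sse2` and `ssse3` are added to the 90s avx2 `required_flags` (now `sse2, popcnt, bmi2, ssse3, avx2, aes`). Confirm the build system recognises both flag names so they map to compiler options and to the runtime CPU-feature check; a flag name the generator does not know would be silently ignored or fail the build. The non-90s parameter sets in this same file do not gain them, and since per `common-crypto` the 90s sets differ only in using AES (`pqcrystals-kyber_common_aes`) rather than SHA3, the new requirement presumably comes from the AES code path; if that matches the upstream META the asymmetry is fine, but it is worth a glance.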
@ -109,8 +111,8 @@ parameter-sets:
- Darwin
required_flags:
- avx2
- bmi2
- popcnt
- bmi2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
@ -140,10 +142,12 @@ parameter-sets:
- Linux
- Darwin
required_flags:
- aes
- avx2
- bmi2
- sse2
- popcnt
- bmi2
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals-kyber_common_aes
- SHA3: liboqs
@ -174,8 +178,8 @@ parameter-sets:
- Darwin
required_flags:
- avx2
- bmi2
- popcnt
- bmi2
common-crypto:
- SHA3: liboqs
no-secret-dependent-branching-claimed: true
@ -205,10 +209,12 @@ parameter-sets:
- Linux
- Darwin
required_flags:
- aes
- avx2
- bmi2
- sse2
- popcnt
- bmi2
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals-kyber_common_aes
- SHA3: liboqs

View File

@ -6,7 +6,7 @@
- **Auxiliary submitters**: Shi Bai, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Peter Schwabe, Gregor Seiler, Damien Stehlé.
- **Authors' website**: https://pq-crystals.org/dilithium/
- **Specification version**: 3.1.
- **Implementation source**: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
- **Implementation source**: https://github.com/pq-crystals/dilithium/commit/61b51a71701b8ae9f546a1e5d220e1950ed20d06 with copy_from_upstream patches
- **Implementation license (SPDX-Identifier)**: CC0-1.0.
## Parameter set summary
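Review bot: the `Implementation source` line now carries `with copy_from_upstream patches`, which the old Dilithium line lacked, so the two algorithm pages finally say the same thing about how the code was imported. Since the text now tells readers that liboqs-side patches are applied, naming where those patches live in the generator template would be a useful follow-up, outside this hunk.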
@ -25,7 +25,7 @@
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
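Review bot: two changes share this row: the OS list order (`Linux,Darwin` becomes `Darwin,Linux`, cosmetic) and the removal of `SSE2,SSSE3` from the non-AES Dilithium2 avx2 row, which is a real change to the documented requirement. The AES rows further down keep `SSE2,SSSE3`, so the AES-CTR code is presumably what needs them, consistent with the Kyber-90s rows in this commit gaining them. Please confirm the non-AES avx2 sources contain no SSE2/SSSE3-only intrinsics, since the runtime dispatcher will no longer check for those features; in practice every AVX2-capable CPU has both, so the risk is documentary rather than functional.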
@ -36,7 +36,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -45,7 +45,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | AVX2,POPCNT | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -54,7 +54,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -63,7 +63,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.
@ -72,7 +72,7 @@ Are implementations chosen based on runtime CPU feature detection? **Yes**.
| Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
|:------------------------:|:----------------------------|:--------------------------------|:---------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
| ref | All | All | None | True | True | False |
| avx2 | x86\_64 | Linux,Darwin | AES,AVX2,POPCNT,SSE2,SSSE3 | True | True | False |
| avx2 | x86\_64 | Darwin,Linux | SSE2,POPCNT,SSSE3,AVX2,AES | True | True | False |
Are implementations chosen based on runtime CPU feature detection? **Yes**.

View File

@ -15,7 +15,8 @@ website: https://pq-crystals.org/dilithium/
nist-round: 3
spec-version: 3.1
spdx-license-identifier: CC0-1.0
upstream: https://github.com/pq-crystals/dilithium/commit/d9c885d3f2e11c05529eeeb7d70d808c972b8409
upstream: https://github.com/pq-crystals/dilithium/commit/61b51a71701b8ae9f546a1e5d220e1950ed20d06
with copy_from_upstream patches
parameter-sets:
- name: Dilithium2
claimed-nist-level: 2
@ -37,13 +38,11 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- avx2
- popcnt
- sse2
- ssse3
common-crypto:
- AES: pqcrystals
- SHA3: liboqs
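Review bot: two independent changes in this hunk: `Darwin` and `Linux` swap order under `operating_systems` (cosmetic), and `sse2`/`ssse3` are dropped from `required_flags` for the non-AES Dilithium2 avx2 build, leaving `avx2, popcnt`. The dropped flags are the real change; they remain on the Dilithium-AES sets further down in this file, so the AES-NI symmetric code is presumably what needs them. As with the docs page, confirm the non-AES avx2 code really has no SSE2/SSSE3-only intrinsics so the documented requirement stays truthful, and consider sorting `operating_systems` in the generator to avoid the order churn.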
@ -70,13 +69,11 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- avx2
- popcnt
- sse2
- ssse3
common-crypto:
- AES: pqcrystals
- SHA3: liboqs
@ -103,13 +100,11 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- avx2
- popcnt
- sse2
- ssse3
common-crypto:
- AES: pqcrystals
- SHA3: liboqs
@ -136,14 +131,14 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- aes
- avx2
- popcnt
- sse2
- popcnt
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals
- SHA3: liboqs
@ -170,14 +165,14 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- aes
- avx2
- popcnt
- sse2
- popcnt
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals
- SHA3: liboqs
@ -204,14 +199,14 @@ parameter-sets:
supported-platforms:
- architecture: x86_64
operating_systems:
- Linux
- Darwin
- Linux
required_flags:
- aes
- avx2
- popcnt
- sse2
- popcnt
- ssse3
- avx2
- aes
common-crypto:
- AES: pqcrystals
- SHA3: liboqs

View File

@ -13,7 +13,7 @@ upstreams:
name: pqcrystals-kyber
git_url: https://github.com/pq-crystals/kyber.git
git_branch: master
git_commit: fd83229e9dcc7c235a5ea8bb320d1fbade812452
git_commit: faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2
kem_meta_path: '{pretty_name_full}_META.yml'
common_meta_path: 'Common_META.yml'
kem_scheme_path: '.'
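Review bot: the old `git_commit` here (`fd83229e9dcc7c235a5ea8bb320d1fbade812452`) did not match the old `Implementation source` in kyber.md (`8e9308bd`), so the docs and the copy script had drifted apart; after this commit both say `faf5c3fe33e0b61c7c8a7888dd862bf5def17ad2`. The next hunk fixes the same drift for Dilithium (`9dddb2a0…` vs `d9c885d3…`, now both `61b51a71701b8ae9f546a1e5d220e1950ed20d06`). A CI check that the `Implementation source` commits in the generated docs equal these `git_commit` values would keep them from drifting again.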
@ -22,7 +22,7 @@ upstreams:
name: pqcrystals-dilithium
git_url: https://github.com/pq-crystals/dilithium.git
git_branch: master
git_commit: 9dddb2a0537734e749ec2c8d4f952cb90cd9e67b
git_commit: 61b51a71701b8ae9f546a1e5d220e1950ed20d06
sig_meta_path: '{pretty_name_full}_META.yml'
common_meta_path: 'Common_META.yml'
sig_scheme_path: '.'

View File

@ -483,7 +483,7 @@ static void inc4_be(uint32_t *x)
*x = br_swap32(*x);
}
static void aes_ctr4x(uint8_t out[64], uint32_t ivw[16], uint64_t sk_exp[64])
static void aes_ctr4x(uint8_t out[64], uint32_t ivw[16], uint64_t sk_exp[120])
{
uint32_t w[16];
uint64_t q[8];
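Review bot: `sk_exp[64]` to `sk_exp[120]` on `aes_ctr4x` brings the declared size in line with `br_aes_ct64_ctr_run(uint64_t sk_exp[120], …)` in the next hunk and the `uint64_t sk_exp[120]` local in `aes256ctr_prf`. Array sizes in C parameter declarations are not enforced (the parameter is still a `uint64_t *`), so this was never a runtime bug, but the mismatch would have tripped GCC 11's `-Warray-parameter` and misled readers about the size of the bitsliced AES-256 key schedule (15 round keys of 8 64-bit words each, hence 120).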
@ -554,7 +554,7 @@ static void br_aes_ct64_ctr_run(uint64_t sk_exp[120], const uint8_t *iv, uint32_
}
}
void aes256ctr_prf(uint8_t *out, size_t outlen, const uint8_t *key, const uint8_t *nonce)
void aes256ctr_prf(uint8_t *out, size_t outlen, const uint8_t key[32], const uint8_t nonce[12])
{
uint64_t sk_exp[120];
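Review bot: `const uint8_t *key, const uint8_t *nonce` to `key[32], nonce[12]` documents the expected sizes (an AES-256 key and the 96-bit IV that `br_aes_ct64_ctr_run` combines with a 32-bit counter), but it is documentation only: the compiler still accepts any pointer, and a caller passing a shorter buffer over-reads exactly as before. Make sure the prototypes in the matching header are changed identically (the same applies to `aes256ctr_init` in the next hunk); otherwise GCC 11 and later emit `-Warray-parameter` warnings in every translation unit that includes it, and the files shown in this commit include the avx2 `aes256ctr.h` but not the header for this ref-side file.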
@ -562,7 +562,7 @@ void aes256ctr_prf(uint8_t *out, size_t outlen, const uint8_t *key, const uint8_
br_aes_ct64_ctr_run(sk_exp, nonce, 0, out, outlen);
}
void aes256ctr_init(aes256ctr_ctx *s, const uint8_t *key, const uint8_t *nonce)
void aes256ctr_init(aes256ctr_ctx *s, const uint8_t key[32], const uint8_t nonce[12])
{
br_aes_ct64_ctr_init(s->sk_exp, key);

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
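Review bot: this goes the opposite way from the rest of the commit: `uint8_t pk[KYBER_PUBLICKEYBYTES]` to `uint8_t *pk` drops the size annotation that the poly.h and aes256ctr.c hunks are adding. It is presumably one of the copy_from_upstream patches so the definitions match the pointer-typed prototypes the liboqs wrappers call through; if so, a one-line comment above the definitions saying the signatures are patched to match the liboqs-side declarations would stop the next reader from "fixing" them back on the following sync. Whichever the reason, the header declaring these functions must use the identical form, or GCC 11's `-Warray-parameter` will flag each of the twelve kem.c files touched in this commit.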
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
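Review bot: `const uint8_t *seed` to `const uint8_t seed[32]` on `poly_getnoise_eta1_4x` (and `poly_getnoise_eta1122_4x` in the next hunk) is documentation only; the parameter stays a pointer and the `32` is never checked. Keep the definitions in the corresponding poly.c in sync, since GCC 11's `-Warray-parameter` warns when declaration and definition disagree. The identical hunk is repeated in the other five avx2 poly.h copies in this commit, which is a consequence of the per-parameter-set directory layout rather than something to change here.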
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -21,8 +21,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
indcpa_keypair(pk, sk);
memcpy(sk+KYBER_INDCPA_SECRETKEYBYTES, pk, KYBER_INDCPA_PUBLICKEYBYTES);
@ -47,9 +47,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -90,9 +90,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
int fail;
uint8_t buf[2*KYBER_SYMBYTES];

View File

@ -34,7 +34,7 @@ void poly_getnoise_eta1_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
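Review bot: `const uint8_t seed[32]` hard-codes a literal where the rest of the Kyber code uses `KYBER_SYMBYTES` (compare `uint8_t buf[2*KYBER_SYMBYTES]` in the kem.c hunks of this same commit); prefer `const uint8_t seed[KYBER_SYMBYTES]` so the bound tracks the parameter set and a grep for the constant finds it. It is also the opposite direction from the kem.c hunks, which drop array bounds, so the API is now inconsistent about whether it declares sizes at all.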
@ -46,7 +46,7 @@ void poly_getnoise_eta1122_4x(poly *r0,
poly *r1,
poly *r2,
poly *r3,
const uint8_t *seed,
const uint8_t seed[32],
uint8_t nonce0,
uint8_t nonce1,
uint8_t nonce2,
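Review bot: same for poly_getnoise_eta1122_4x: use `KYBER_SYMBYTES` rather than the literal 32 in `const uint8_t seed[32]`.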

View File

@ -20,8 +20,8 @@
*
* Returns 0 (success)
**************************************************/
int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_keypair(uint8_t *pk,
uint8_t *sk)
{
size_t i;
indcpa_keypair(pk, sk);
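Review bot: as with the other kem.c variants in this commit, `uint8_t *pk, uint8_t *sk` drops the size annotations from crypto_kem_keypair; keep the required KYBER_PUBLICKEYBYTES and KYBER_SECRETKEYBYTES lengths in the doc comment above, since `indcpa_keypair(pk, sk)` and the memcpy that follows it in the other variant assume them.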
@ -48,9 +48,9 @@ int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
*
* Returns 0 (success)
**************************************************/
int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
uint8_t ss[KYBER_SSBYTES],
const uint8_t pk[KYBER_PUBLICKEYBYTES])
int crypto_kem_enc(uint8_t *ct,
uint8_t *ss,
const uint8_t *pk)
{
uint8_t buf[2*KYBER_SYMBYTES];
/* Will contain key, coins */
@ -91,9 +91,9 @@ int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
*
* On failure, ss will contain a pseudo-random value.
**************************************************/
int crypto_kem_dec(uint8_t ss[KYBER_SSBYTES],
const uint8_t ct[KYBER_CIPHERTEXTBYTES],
const uint8_t sk[KYBER_SECRETKEYBYTES])
int crypto_kem_dec(uint8_t *ss,
const uint8_t *ct,
const uint8_t *sk)
{
size_t i;
int fail;

View File

@ -119,27 +119,3 @@ void aes256ctr_squeezeblocks(uint8_t *out,
out += 64;
}
}
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t seed[32],
uint64_t nonce)
{
unsigned int i;
uint8_t buf[64];
aes256ctr_ctx state;
aes256ctr_init(&state, seed, nonce);
while(outlen >= 64) {
aesni_encrypt4(out, &state.n, state.rkeys);
outlen -= 64;
out += 64;
}
if(outlen) {
aesni_encrypt4(buf, &state.n, state.rkeys);
for(i=0;i<outlen;i++)
out[i] = buf[i];
}
}
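Review bot: deleting aes256ctr_prf here is safe only if its prototype goes with it, which the accompanying aes256ctr.h hunk does (both the `#define aes256ctr_prf AES256CTR_NAMESPACE(prf)` line and the declaration), so any leftover caller fails at compile time rather than linking against a stale symbol, which is the right failure mode. Incidentally, the removed tail path copied the partial block out of a stack `buf[64]` and returned without clearing it or the `aes256ctr_ctx state` that held the round keys; that concern leaves with the function, but the surviving squeezeblocks path is worth checking for the same pattern.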

View File

@ -24,10 +24,4 @@ void aes256ctr_squeezeblocks(uint8_t *out,
size_t nblocks,
aes256ctr_ctx *state);
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
uint64_t nonce);
#endif
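Review bot: the removal of the `aes256ctr_prf` define and declaration matches the .c hunk; nothing else references the `uint64_t nonce` form of the interface in the visible lines, so this closes the old entry point cleanly.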

View File

@ -483,7 +483,7 @@ static void inc4_be(uint32_t *x)
*x = br_swap32(*x);
}
static void aes_ctr4x(uint8_t out[64], uint32_t ivw[16], uint64_t sk_exp[64])
static void aes_ctr4x(uint8_t out[64], uint32_t ivw[16], uint64_t sk_exp[120])
{
uint32_t w[16];
uint64_t q[8];
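Review bot: `sk_exp[120]` is the right bound for aes_ctr4x: the old `[64]` disagreed with `br_aes_ct64_ctr_init(uint64_t sk_exp[120], ...)` in the next hunk and with the `uint64_t sk_exp[120]` local it was fed from (deleted below). There is no runtime change, since array bounds on parameters are not enforced, but the mismatch is exactly what GCC's -Warray-parameter reports, and a reader seeing [64] would have assumed a smaller key schedule than the one actually indexed.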
@ -527,42 +527,7 @@ static void br_aes_ct64_ctr_init(uint64_t sk_exp[120], const uint8_t *key)
br_aes_ct64_skey_expand(sk_exp, skey);
}
static void br_aes_ct64_ctr_run(uint64_t sk_exp[120], const uint8_t *iv, uint32_t cc, uint8_t *data, size_t len)
{
uint32_t ivw[16];
size_t i;
br_range_dec32le(ivw, 3, iv);
memcpy(ivw + 4, ivw, 3 * sizeof(uint32_t));
memcpy(ivw + 8, ivw, 3 * sizeof(uint32_t));
memcpy(ivw + 12, ivw, 3 * sizeof(uint32_t));
ivw[ 3] = br_swap32(cc);
ivw[ 7] = br_swap32(cc + 1);
ivw[11] = br_swap32(cc + 2);
ivw[15] = br_swap32(cc + 3);
while (len > 64) {
aes_ctr4x(data, ivw, sk_exp);
data += 64;
len -= 64;
}
if(len > 0) {
uint8_t tmp[64];
aes_ctr4x(tmp, ivw, sk_exp);
for(i=0;i<len;i++)
data[i] = tmp[i];
}
}
void aes256ctr_prf(uint8_t *out, size_t outlen, const uint8_t *key, const uint8_t *nonce)
{
uint64_t sk_exp[120];
br_aes_ct64_ctr_init(sk_exp, key);
br_aes_ct64_ctr_run(sk_exp, nonce, 0, out, outlen);
}
void aes256ctr_init(aes256ctr_ctx *s, const uint8_t *key, const uint8_t *nonce)
void aes256ctr_init(aes256ctr_ctx *s, const uint8_t key[32], const uint8_t nonce[12])
{
br_aes_ct64_ctr_init(s->sk_exp, key);
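Review bot: the new `aes256ctr_init(aes256ctr_ctx *s, const uint8_t key[32], const uint8_t nonce[12])` makes explicit the 12-byte nonce that `br_range_dec32le(ivw, 3, iv)` in the deleted br_aes_ct64_ctr_run consumed implicitly, which is an improvement. Two things to check in the code that replaces it: the deleted loop `while (len > 64)` sent a request of exactly 64 bytes through the `tmp[64]` tail copy instead of the direct path (harmless, but an off-by-one that is easy to carry into squeezeblocks), and neither `sk_exp[120]` nor `tmp` was cleared before return; the expanded key now lives in `s->sk_exp`, so the context owner is responsible for wiping it after use.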

View File

@ -13,12 +13,6 @@ typedef struct {
uint32_t ivw[16];
} aes256ctr_ctx;
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
const uint8_t nonce[12]);
#define aes256ctr_init AES256CTR_NAMESPACE(init)
void aes256ctr_init(aes256ctr_ctx *state,
const uint8_t key[32],
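Review bot: the prototype removal matches the .c hunk, and the surviving aes256ctr_init declaration's `const uint8_t key[32]` agrees with the definition's `key[32], nonce[12]`; keep those bounds in the header, they are the only statement of the key and nonce lengths a caller sees.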

View File

@ -24,10 +24,4 @@ void aes256ctr_squeezeblocks(uint8_t *out,
size_t nblocks,
aes256ctr_ctx *state);
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
uint64_t nonce);
#endif

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
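Review bot: the old parameter `const uint8_t a[POLYZ_PACKEDBYTES+14]` was the only documentation that this AVX2 unpack reads 14 bytes past the packed polynomial (the function works on `__m256i` vectors, so its loads are 32 bytes wide, and the last one runs past the end of an exactly-sized input); replacing it with `const uint8_t *a` hides that requirement without showing, in this hunk, whether the loads were narrowed. Either confirm the function now stays within POLYZ_PACKEDBYTES, or keep a comment stating the slack, since a caller handing over an exactly-sized buffer would otherwise read out of bounds.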
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
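Review bot: same for the GAMMA1 == (1 << 19) variant, which previously declared `a[POLYZ_PACKEDBYTES+12]`: the 12-byte over-read slack is now undocumented. The two variants had different slack (+14 versus +12), so any replacement comment or caller-side padding has to be stated per GAMMA1.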
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
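Review bot: on the write side, `uint8_t r[POLYW1_PACKEDBYTES+8]` declared that the (Q-1)/88 polyw1_pack stores 8 bytes beyond the packed size; as a bare `uint8_t *r` that over-write is invisible to callers, and unlike the over-reads in polyz_unpack an over-write can corrupt whatever follows an exactly-sized w1 buffer. Confirm the stores were narrowed or document the slack in the function comment.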
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);
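Review bot: this variant never declared slack (`r[POLYW1_PACKEDBYTES]`), so the change here is cosmetic; note, though, that making both polyw1_pack variants a bare pointer removes the visible asymmetry between the (Q-1)/88 and (Q-1)/32 cases, which was the one hint that only the former writes past the packed size.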

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif
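Review bot: the header's old `a[POLYZ_PACKEDBYTES+14]` and `r[POLYW1_PACKEDBYTES+8]` were each correct for only one parameter choice (poly.c has +12 for GAMMA1 == (1 << 19) and no slack for GAMMA2 == (Q-1)/32), so removing them from the shared prototype fixes a parameter-set-dependent inaccuracy; but the header is also where a caller looks up the contract, so add a comment stating the per-GAMMA1/GAMMA2 over-read and over-write slack rather than dropping the information entirely.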

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
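Review bot: `REJ_UNIFORM_ETA_BUFLEN` is the right constant for rej_eta_avx; the old prototype reused `REJ_UNIFORM_BUFLEN`, the rej_uniform_avx bound from the line above, for a differently sized buffer. Because C does not diagnose differing array bounds between a prototype and its definition, also check that rejsample.c declares the same bound, otherwise the prototype is documentation only.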

View File

@ -13,12 +13,6 @@ typedef struct {
uint32_t ivw[16];
} aes256ctr_ctx;
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
const uint8_t nonce[12]);
#define aes256ctr_init AES256CTR_NAMESPACE(init)
void aes256ctr_init(aes256ctr_ctx *state,
const uint8_t key[32],

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
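Review bot: this is the same polyz_unpack change as in the other Dilithium AVX2 directories of this commit: `a[POLYZ_PACKEDBYTES+14]` documented a 14-byte over-read (12 for the GAMMA1 == (1 << 19) variant below, and an 8-byte over-write in the (Q-1)/88 polyw1_pack further down) that a bare `const uint8_t *a` no longer conveys. Verify per directory, since GAMMA1 and GAMMA2 differ by parameter set, that callers still provide the slack or that the loads and stores were narrowed.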
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
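Review bot: same `REJ_UNIFORM_ETA_BUFLEN` fix as in the other directories; check that rejsample.c in this directory declares rej_eta_avx with the same bound, since the compiler will not flag a mismatch between prototype and definition.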

View File

@ -24,10 +24,4 @@ void aes256ctr_squeezeblocks(uint8_t *out,
size_t nblocks,
aes256ctr_ctx *state);
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
uint64_t nonce);
#endif

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
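Review bot: same polyz_unpack change as in the other Dilithium AVX2 directories of this commit: the dropped `a[POLYZ_PACKEDBYTES+14]` (and `+12` for GAMMA1 == (1 << 19) below, `r[POLYW1_PACKEDBYTES+8]` for the (Q-1)/88 polyw1_pack further down) was the only statement of the over-read and over-write slack these 256-bit routines need. Verify for this directory's GAMMA1/GAMMA2 that callers still pad, or that the loads and stores were narrowed.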
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
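Review bot: same `REJ_UNIFORM_ETA_BUFLEN` fix as in the other directories; confirm rejsample.c here carries the same bound on rej_eta_avx, as a mismatch is not a compile error.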

View File

@ -13,12 +13,6 @@ typedef struct {
uint32_t ivw[16];
} aes256ctr_ctx;
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
const uint8_t nonce[12]);
#define aes256ctr_init AES256CTR_NAMESPACE(init)
void aes256ctr_init(aes256ctr_ctx *state,
const uint8_t key[32],

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
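Review bot: same polyz_unpack change as in the other Dilithium AVX2 directories of this commit: the dropped `a[POLYZ_PACKEDBYTES+14]` (and `+12` for GAMMA1 == (1 << 19) below, `r[POLYW1_PACKEDBYTES+8]` for the (Q-1)/88 polyw1_pack further down) was the only statement of the over-read and over-write slack these 256-bit routines need. Verify for this directory's GAMMA1/GAMMA2 that callers still pad, or that the loads and stores were narrowed.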
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
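Review bot: same `REJ_UNIFORM_ETA_BUFLEN` fix as in the other directories; confirm rejsample.c here carries the same bound on rej_eta_avx, as a mismatch is not a compile error.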

View File

@ -24,10 +24,4 @@ void aes256ctr_squeezeblocks(uint8_t *out,
size_t nblocks,
aes256ctr_ctx *state);
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
uint64_t nonce);
#endif

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
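Review bot: same polyz_unpack change as in the other Dilithium AVX2 directories of this commit: the dropped `a[POLYZ_PACKEDBYTES+14]` (and `+12` for GAMMA1 == (1 << 19) below, `r[POLYW1_PACKEDBYTES+8]` for the (Q-1)/88 polyw1_pack further down) was the only statement of the over-read and over-write slack these 256-bit routines need. Verify for this directory's GAMMA1/GAMMA2 that callers still pad, or that the loads and stores were narrowed.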
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
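Review bot: same `REJ_UNIFORM_ETA_BUFLEN` fix as in the other directories; confirm rejsample.c here carries the same bound on rej_eta_avx, as a mismatch is not a compile error.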

View File

@ -13,12 +13,6 @@ typedef struct {
uint32_t ivw[16];
} aes256ctr_ctx;
#define aes256ctr_prf AES256CTR_NAMESPACE(prf)
void aes256ctr_prf(uint8_t *out,
size_t outlen,
const uint8_t key[32],
const uint8_t nonce[12]);
#define aes256ctr_init AES256CTR_NAMESPACE(init)
void aes256ctr_init(aes256ctr_ctx *state,
const uint8_t key[32],

View File

@ -1021,7 +1021,7 @@ void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly * restrict a) {
* - const uint8_t *a: byte array with bit-packed polynomial
**************************************************/
#if GAMMA1 == (1 << 17)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1, 9, 8, 7,-1, 7, 6, 5,-1, 5, 4, 3,-1, 3, 2, 1,
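Review bot: same polyz_unpack change as in the other Dilithium AVX2 directories of this commit: the dropped `a[POLYZ_PACKEDBYTES+14]` (and `+12` for GAMMA1 == (1 << 19) below, `r[POLYW1_PACKEDBYTES+8]` for the (Q-1)/88 polyw1_pack further down) was the only statement of the over-read and over-write slack these 256-bit routines need. Verify for this directory's GAMMA1/GAMMA2 that callers still pad, or that the loads and stores were narrowed.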
@ -1045,7 +1045,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+14]) {
}
#elif GAMMA1 == (1 << 19)
void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
void polyz_unpack(poly * restrict r, const uint8_t *a) {
unsigned int i;
__m256i f;
const __m256i shufbidx = _mm256_set_epi8(-1,11,10, 9,-1, 9, 8, 7,-1, 6, 5, 4,-1, 4, 3, 2,
@ -1080,7 +1080,7 @@ void polyz_unpack(poly * restrict r, const uint8_t a[POLYZ_PACKEDBYTES+12]) {
* - const poly *a: pointer to input polynomial
**************************************************/
#if GAMMA2 == (Q-1)/88
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0,f1,f2,f3;
const __m256i shift1 = _mm256_set1_epi16((64 << 8) + 1);
@ -1111,7 +1111,7 @@ void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly * restrict a) {
}
#elif GAMMA2 == (Q-1)/32
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES], const poly * restrict a) {
void polyw1_pack(uint8_t *r, const poly * restrict a) {
unsigned int i;
__m256i f0, f1, f2, f3, f4, f5, f6, f7;
const __m256i shift = _mm256_set1_epi16((16 << 8) + 1);

View File

@ -106,9 +106,9 @@ void polyt0_unpack(poly *r, const uint8_t a[POLYT0_PACKEDBYTES]);
#define polyz_pack DILITHIUM_NAMESPACE(polyz_pack)
void polyz_pack(uint8_t r[POLYZ_PACKEDBYTES], const poly *a);
#define polyz_unpack DILITHIUM_NAMESPACE(polyz_unpack)
void polyz_unpack(poly *r, const uint8_t a[POLYZ_PACKEDBYTES+14]);
void polyz_unpack(poly *r, const uint8_t *a);
#define polyw1_pack DILITHIUM_NAMESPACE(polyw1_pack)
void polyw1_pack(uint8_t r[POLYW1_PACKEDBYTES+8], const poly *a);
void polyw1_pack(uint8_t *r, const poly *a);
#endif

View File

@ -22,7 +22,7 @@ extern const uint8_t idxlut[256][8];
unsigned int rej_uniform_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN+8]);
#define rej_eta_avx DILITHIUM_NAMESPACE(rej_eta_avx)
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_BUFLEN]);
unsigned int rej_eta_avx(int32_t *r, const uint8_t buf[REJ_UNIFORM_ETA_BUFLEN]);
#endif
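Review bot: same `REJ_UNIFORM_ETA_BUFLEN` fix as in the other directories; confirm rejsample.c here carries the same bound on rej_eta_avx, as a mismatch is not a compile error.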