| version 1.1, 2019/01/21 10:20:12 |
version 1.2, 2019/01/21 22:18:24 |
|
|
| #include <string.h> |
#include <string.h> |
| #include "crypto_api.h" |
#include "crypto_api.h" |
| |
|
| /* from supercop-20181216/crypto_sort/int32/portable3/int32_minmax.inc */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.h */ |
| #define int32_MINMAX(a,b) \ |
#ifndef int32_sort_h |
| do { \ |
#define int32_sort_h |
| int32 ab = b ^ a; \ |
|
| int32 c = b - a; \ |
|
| c ^= ab & (c ^ b); \ |
|
| c >>= 31; \ |
|
| c &= ab; \ |
|
| a ^= c; \ |
|
| b ^= c; \ |
|
| } while(0) |
|
| |
|
| /* from supercop-20181216/crypto_sort/int32/portable3/sort.c */ |
|
| #define int32 crypto_int32 |
|
| |
|
| |
static void int32_sort(crypto_int32 *,int); |
| |
|
| static void crypto_sort_int32(void *array,long long n) |
#endif |
| |
|
| |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/int32_sort.c */ |
| |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
| |
static void minmax(crypto_int32 *x,crypto_int32 *y) |
| { |
{ |
| long long top,p,q,r,i; |
crypto_uint32 xi = *x; |
| int32 *x = array; |
crypto_uint32 yi = *y; |
| |
crypto_uint32 xy = xi ^ yi; |
| |
crypto_uint32 c = yi - xi; |
| |
c ^= xy & (c ^ yi); |
| |
c >>= 31; |
| |
c = -c; |
| |
c &= xy; |
| |
*x = xi ^ c; |
| |
*y = yi ^ c; |
| |
} |
| |
|
| |
static void int32_sort(crypto_int32 *x,int n) |
| |
{ |
| |
int top,p,q,i; |
| |
|
| if (n < 2) return; |
if (n < 2) return; |
| top = 1; |
top = 1; |
| while (top < n - top) top += top; |
while (top < n - top) top += top; |
|
|
| for (p = top;p > 0;p >>= 1) { |
for (p = top;p > 0;p >>= 1) { |
| for (i = 0;i < n - p;++i) |
for (i = 0;i < n - p;++i) |
| if (!(i & p)) |
if (!(i & p)) |
| int32_MINMAX(x[i],x[i+p]); |
minmax(x + i,x + i + p); |
| i = 0; |
for (q = top;q > p;q >>= 1) |
| for (q = top;q > p;q >>= 1) { |
for (i = 0;i < n - q;++i) |
| for (;i < n - q;++i) { |
if (!(i & p)) |
| if (!(i & p)) { |
minmax(x + i + p,x + i + q); |
| int32 a = x[i + p]; |
|
| for (r = q;r > p;r >>= 1) |
|
| int32_MINMAX(a,x[i+r]); |
|
| x[i + p] = a; |
|
| } |
|
| } |
|
| } |
|
| } |
} |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/small.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.h */ |
| #ifndef small_h |
#ifndef small_h |
| #define small_h |
#define small_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/mod3.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/mod3.h */ |
| #ifndef mod3_h |
#ifndef mod3_h |
| #define mod3_h |
#define mod3_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/modq.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/modq.h */ |
| #ifndef modq_h |
#ifndef modq_h |
| #define modq_h |
#define modq_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/params.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/params.h */ |
| #ifndef params_h |
#ifndef params_h |
| #define params_h |
#define params_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/r3.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3.h */ |
| #ifndef r3_h |
#ifndef r3_h |
| #define r3_h |
#define r3_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.h */ |
| #ifndef rq_h |
#ifndef rq_h |
| #define rq_h |
#define rq_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/swap.h */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.h */ |
| #ifndef swap_h |
#ifndef swap_h |
| #define swap_h |
#define swap_h |
| |
|
|
|
| |
|
| #endif |
#endif |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/dec.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/dec.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| #ifdef KAT |
#ifdef KAT |
|
|
| return result; |
return result; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/enc.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/enc.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| #ifdef KAT |
#ifdef KAT |
|
|
| return 0; |
return 0; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/keypair.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/keypair.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| return 0; |
return 0; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/r3_mult.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_mult.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| h[i] = fg[i]; |
h[i] = fg[i]; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/r3_recip.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/r3_recip.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| return smaller_mask_r3_recip(0,d); |
return smaller_mask_r3_recip(0,d); |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/randomsmall.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomsmall.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| } |
} |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/randomweightw.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/randomweightw.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| for (i = 0;i < p;++i) r[i] = small_random32(); |
for (i = 0;i < p;++i) r[i] = small_random32(); |
| for (i = 0;i < w;++i) r[i] &= -2; |
for (i = 0;i < w;++i) r[i] &= -2; |
| for (i = w;i < p;++i) r[i] = (r[i] & -3) | 1; |
for (i = w;i < p;++i) r[i] = (r[i] & -3) | 1; |
| crypto_sort_int32(r,p); |
int32_sort(r,p); |
| for (i = 0;i < p;++i) f[i] = ((small) (r[i] & 3)) - 1; |
for (i = 0;i < p;++i) f[i] = ((small) (r[i] & 3)) - 1; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| *f++ = modq_freeze(c0 + q - qshift); |
*f++ = modq_freeze(c0 + q - qshift); |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq_mult.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_mult.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| h[i] = fg[i]; |
h[i] = fg[i]; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq_recip3.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_recip3.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| return smaller_mask_rq_recip3(0,d); |
return smaller_mask_rq_recip3(0,d); |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq_round3.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_round3.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| h[i] = ((21846 * (f[i] + 2295) + 32768) >> 16) * 3 - 2295; |
h[i] = ((21846 * (f[i] + 2295) + 32768) >> 16) * 3 - 2295; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/rq_rounded.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/rq_rounded.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| *f++ = modq_freeze(f1 * 3 + q - qshift); |
*f++ = modq_freeze(f1 * 3 + q - qshift); |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/small.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/small.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
|
|
| *f++ = ((small) (c0 & 3)) - 1; |
*f++ = ((small) (c0 & 3)) - 1; |
| } |
} |
| |
|
| /* from supercop-20181216/crypto_kem/sntrup4591761/ref/swap.c */ |
/* from libpqcrypto-20180314/crypto_kem/sntrup4591761/ref/swap.c */ |
| /* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
/* See https://ntruprime.cr.yp.to/software.html for detailed documentation. */ |
| |
|
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to sntrup4591761.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh