jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Fix windows build and package installation

master
Johan Pascal 5 years ago
committed by Johan Pascal
parent
a5c33de79b
commit
aa9c5c9b7e
15 changed files with 102 additions and 76 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +18
    -19
      CMakeLists.txt
  2. +12
    -10
      cmake/DecafConfig.cmake.in
  3. +7
    -6
      src/CMakeLists.txt
  4. +4
    -0
      src/include/word.h
  5. +2
    -2
      src/p25519/arch_32/f_impl.c
  6. +2
    -2
      src/p448/arch_32/f_impl.c
  7. +2
    -2
      src/per_curve/decaf.tmpl.c
  8. +4
    -4
      src/per_curve/elligator.tmpl.c
  9. +14
    -14
      src/per_curve/scalar.tmpl.c
  10. +8
    -8
      src/per_field/f_generic.tmpl.c
  11. +19
    -2
      src/public_include/decaf/common.h
  12. +2
    -2
      src/sha512.c
  13. +3
    -3
      src/shake.c
  14. +4
    -1
      src/spongerng.c
  15. +1
    -1
      test/shakesum.c

+ 18
- 19
CMakeLists.txt View File

@@ -15,7 +15,7 @@ find_package( PythonInterp 2.7 REQUIRED )
option(ENABLE_SHARED "Build shared library." ON) option(ENABLE_SHARED "Build shared library." ON)
option(ENABLE_STATIC "Build static library." ON) option(ENABLE_STATIC "Build static library." ON)
option(ENABLE_STRICT "Build with strict compile options." YES) option(ENABLE_STRICT "Build with strict compile options." YES)
option(ENABLE_TESTS "Enable compilation of tests." YES)
option(ENABLE_TESTS "Enable compilation of tests." OFF)
option(GENERATED_SOURCE_PATH "Where the generated source code is stored, default in the building tree" OFF) option(GENERATED_SOURCE_PATH "Where the generated source code is stored, default in the building tree" OFF)


if (GENERATED_SOURCE_PATH) if (GENERATED_SOURCE_PATH)
@@ -23,7 +23,7 @@ if (GENERATED_SOURCE_PATH)
else() else()
set(GSOURCE_PATH ${PROJECT_BINARY_DIR}/src/GENERATED) set(GSOURCE_PATH ${PROJECT_BINARY_DIR}/src/GENERATED)
endif() endif()
message("Generated source code will be in ${GSOURCE_PATH}")
message("Generated source code in ${GSOURCE_PATH}")


if(NOT CPACK_GENERATOR AND NOT CMAKE_INSTALL_RPATH AND CMAKE_INSTALL_PREFIX) if(NOT CPACK_GENERATOR AND NOT CMAKE_INSTALL_RPATH AND CMAKE_INSTALL_PREFIX)
set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR}) set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
@@ -49,40 +49,39 @@ if(MSVC)
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} /WX") set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} /WX")
endif() endif()
else() else()
set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX} -std=c++11 -O2 ")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wall -Wuninitialized -Wno-deprecated-declarations -Wno-missing-field-initializers ")
set(STRICT_OPTIONS_C "${STRICT_OPTIONS_C} -std=c99 -O2 -Wstrict-prototypes -Wno-error=strict-prototypes -ffunction-sections -fdata-sections -fvisibility=hidden -fomit-frame-pointer ")
if(CMAKE_C_COMPILER_ID STREQUAL "Clang")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Qunused-arguments -Wno-array-bounds ")
endif()
if(APPLE)
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-error=unknown-warning-option -Qunused-arguments -Wno-tautological-compare -Wno-unused-function -Wno-array-bounds ")
set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX} -stdlib=libc++ ")
set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX} -std=c++11 -O2")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wall -Wuninitialized -Wno-deprecated-declarations -Wno-missing-field-initializers")
set(STRICT_OPTIONS_C "${STRICT_OPTIONS_C} -std=c99 -O2 -Wstrict-prototypes -Wno-error=strict-prototypes -fvisibility=hidden")
if(CMAKE_C_COMPILER_ID MATCHES "Clang")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-error=unknown-warning-option -Qunused-arguments -Wno-tautological-compare")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-unused-function -Wno-array-bounds -Wno-pass-failed -Wno-error=sizeof-array-div")
endif() endif()
if(ENABLE_STRICT) if(ENABLE_STRICT)
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Werror -Wextra -Wno-unused-parameter -fno-strict-aliasing ")
set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Werror -Wextra -Wno-unused-parameter -fno-strict-aliasing")
endif() endif()
endif() endif()


set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${STRICT_OPTIONS_C}")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${STRICT_OPTIONS_CXX}")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${STRICT_OPTIONS_C} ${STRICT_OPTIONS_CPP}")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${STRICT_OPTIONS_CXX} ${STRICT_OPTIONS_CPP}")


add_subdirectory(src) add_subdirectory(src)


if(ENABLE_TESTS) if(ENABLE_TESTS)
enable_testing()
enable_testing()
add_subdirectory(test) add_subdirectory(test)
endif() endif()


include(CMakePackageConfigHelpers) include(CMakePackageConfigHelpers)
set(ConfigPackageLocation share/decaf/cmake)
export(EXPORT ${EXPORT_TARGETS_NAME}Targets export(EXPORT ${EXPORT_TARGETS_NAME}Targets
FILE "${CMAKE_CURRENT_BINARY_DIR}/DecafTargets.cmake" FILE "${CMAKE_CURRENT_BINARY_DIR}/DecafTargets.cmake"
) )
configure_file(cmake/DecafConfig.cmake.in
configure_package_config_file(cmake/DecafConfig.cmake.in
"${CMAKE_CURRENT_BINARY_DIR}/DecafConfig.cmake" "${CMAKE_CURRENT_BINARY_DIR}/DecafConfig.cmake"
@ONLY
INSTALL_DESTINATION ${ConfigPackageLocation}
NO_SET_AND_CHECK_MACRO
) )
set(ConfigPackageLocation share/decaf/cmake)
install(EXPORT ${EXPORT_TARGETS_NAME}Targets install(EXPORT ${EXPORT_TARGETS_NAME}Targets
FILE DecafTargets.cmake FILE DecafTargets.cmake
DESTINATION ${ConfigPackageLocation} DESTINATION ${ConfigPackageLocation}
@@ -109,7 +108,7 @@ set(CPACK_PACKAGE_NAME "decaf")
set(CPACK_PACKAGE_VERSION ${PROJECT_VERSION}) set(CPACK_PACKAGE_VERSION ${PROJECT_VERSION})
set(CPACK_SOURCE_GENERATOR "TGZ") set(CPACK_SOURCE_GENERATOR "TGZ")
set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}") set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
set(CPACK_SOURCE_IGNORE_FILES
set(CPACK_SOURCE_IGnore_FILES
"^${CMAKE_BINARY_DIR}" "^${CMAKE_BINARY_DIR}"
"/\\\\..+" "/\\\\..+"
) )


+ 12
- 10
cmake/DecafConfig.cmake.in View File

@@ -28,23 +28,25 @@
# DECAF_LIBRARIES - The libraries needed to use decaf # DECAF_LIBRARIES - The libraries needed to use decaf
# DECAF_CPPFLAGS - The compilation flags needed to use decaf # DECAF_CPPFLAGS - The compilation flags needed to use decaf


@PACKAGE_INIT@

include("${CMAKE_CURRENT_LIST_DIR}/DecafTargets.cmake")


if(@ENABLE_SHARED@) if(@ENABLE_SHARED@)
set(DECAF_TARGETNAME decaf) set(DECAF_TARGETNAME decaf)
set(DECAF_LIBRARIES ${DECAF_TARGETNAME})
else() else()
set(DECAF_TARGETNAME decaf-static) set(DECAF_TARGETNAME decaf-static)
if(TARGET ${DECAF_TARGETNAME})
get_target_property(DECAF_LIBRARIES ${DECAF_TARGETNAME} LOCATION)
get_target_property(DECAF_LINK_LIBRARIES ${DECAF_TARGETNAME} INTERFACE_LINK_LIBRARIES)
if(DECAF_LINK_LIBRARIES)
list(APPEND DECAF_LIBRARIES ${DECAF_LINK_LIBRARIES})
endif()
endif()
endif() endif()

get_target_property(DECAF_INCLUDE_DIRS ${DECAF_TARGETNAME} INTERFACE_INCLUDE_DIRECTORIES) get_target_property(DECAF_INCLUDE_DIRS ${DECAF_TARGETNAME} INTERFACE_INCLUDE_DIRECTORIES)
list(INSERT DECAF_INCLUDE_DIRS 0 "@CMAKE_INSTALL_FULL_INCLUDEDIR@")
list(REMOVE_DUPLICATES DECAF_INCLUDE_DIRS)

if(TARGET ${DECAF_TARGETNAME})
get_target_property(DECAF_LIBRARIES ${DECAF_TARGETNAME} LOCATION)
get_target_property(DECAF_LINK_LIBRARIES ${DECAF_TARGETNAME} INTERFACE_LINK_LIBRARIES)
if(DECAF_LINK_LIBRARIES)
list(APPEND DECAF_LIBRARIES ${DECAF_LINK_LIBRARIES})
endif()
endif()


set(DECAF_CPPFLAGS @DECAF_CPPFLAGS@) set(DECAF_CPPFLAGS @DECAF_CPPFLAGS@)
set(DECAF_FOUND 1) set(DECAF_FOUND 1)

+ 7
- 6
src/CMakeLists.txt View File

@@ -5,6 +5,10 @@
# #
############################################################################ ############################################################################


if(MSVC)
add_definitions(-D_CRT_SECURE_NO_WARNINGS)
endif()

set(DECAF_HEADER_FILES set(DECAF_HEADER_FILES
include/constant_time.h include/constant_time.h
include/field.h include/field.h
@@ -79,21 +83,18 @@ if(ENABLE_STATIC)
add_library(decaf-static STATIC ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>) add_library(decaf-static STATIC ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>)
add_dependencies(decaf-static generatedCode) add_dependencies(decaf-static generatedCode)
set_target_properties(decaf-static PROPERTIES OUTPUT_NAME decaf) set_target_properties(decaf-static PROPERTIES OUTPUT_NAME decaf)
target_include_directories(decaf-static PUBLIC)
target_include_directories(decaf-static INTERFACE $<INSTALL_INTERFACE:include/decaf>)
target_link_libraries(decaf-static INTERFACE) target_link_libraries(decaf-static INTERFACE)
endif() endif()
if(ENABLE_SHARED) if(ENABLE_SHARED)
add_library(decaf SHARED ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>) add_library(decaf SHARED ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>)
add_dependencies(decaf generatedCode) add_dependencies(decaf generatedCode)
if(APPLE)
set_target_properties(decaf PROPERTIES LINK_FLAGS "-stdlib=libc++")
endif()
set_target_properties(decaf PROPERTIES VERSION ${DECAF_SO_VERSION}) set_target_properties(decaf PROPERTIES VERSION ${DECAF_SO_VERSION})
target_include_directories(decaf PUBLIC)
target_include_directories(decaf INTERFACE $<INSTALL_INTERFACE:include/decaf>)
target_link_libraries(decaf PRIVATE) target_link_libraries(decaf PRIVATE)
if(MSVC) if(MSVC)
if(CMAKE_BUILD_TYPE STREQUAL "Debug" OR CMAKE_BUILD_TYPE STREQUAL "RelWithDebInfo") if(CMAKE_BUILD_TYPE STREQUAL "Debug" OR CMAKE_BUILD_TYPE STREQUAL "RelWithDebInfo")
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_BUILD_TYPE}/decaf.pdb
install(FILES $<TARGET_PDB_FILE:decaf>
DESTINATION ${CMAKE_INSTALL_BINDIR} DESTINATION ${CMAKE_INSTALL_BINDIR}
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
) )


+ 4
- 0
src/include/word.h View File

@@ -50,12 +50,16 @@ extern int posix_memalign(void **, size_t, size_t);


#if (ARCH_WORD_BITS == 64) #if (ARCH_WORD_BITS == 64)
typedef uint64_t word_t, mask_t; typedef uint64_t word_t, mask_t;
static const mask_t DECAF_MASK_ALL_SET = (mask_t)0xFFFFFFFFFFFFFFFF;
static const mask_t DECAF_MASK_ALL_UNSET = (mask_t)0x0;
typedef __uint128_t dword_t; typedef __uint128_t dword_t;
typedef int32_t hsword_t; typedef int32_t hsword_t;
typedef int64_t sword_t; typedef int64_t sword_t;
typedef __int128_t dsword_t; typedef __int128_t dsword_t;
#elif (ARCH_WORD_BITS == 32) #elif (ARCH_WORD_BITS == 32)
typedef uint32_t word_t, mask_t; typedef uint32_t word_t, mask_t;
static const mask_t DECAF_MASK_ALL_SET = (mask_t)0xFFFFFFFF;
static const mask_t DECAF_MASK_ALL_UNSET = (mask_t)0x0;
typedef uint64_t dword_t; typedef uint64_t dword_t;
typedef int16_t hsword_t; typedef int16_t hsword_t;
typedef int32_t sword_t; typedef int32_t sword_t;


+ 2
- 2
src/p25519/arch_32/f_impl.c View File

@@ -48,7 +48,7 @@ void gf_mul (gf_s *__restrict__ cs, const gf as, const gf bs) {
accum >>= 26; accum >>= 26;
assert(accum < masko); assert(accum < masko);
c[1] += accum;
c[1] += (uint32_t)accum;
} }


void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) { void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {
@@ -80,7 +80,7 @@ void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {
accum >>= 26; accum >>= 26;
assert(accum < masko); assert(accum < masko);
c[1] += accum;
c[1] += (uint32_t)accum;
} }


void gf_sqr (gf_s *__restrict__ cs, const gf as) { void gf_sqr (gf_s *__restrict__ cs, const gf as) {


+ 2
- 2
src/p448/arch_32/f_impl.c View File

@@ -88,11 +88,11 @@ void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {


accum0 += accum8 + c[8]; accum0 += accum8 + c[8];
c[8] = accum0 & mask; c[8] = accum0 & mask;
c[9] += accum0 >> 28;
c[9] += (uint32_t)(accum0 >> 28);


accum8 += c[0]; accum8 += c[0];
c[0] = accum8 & mask; c[0] = accum8 & mask;
c[1] += accum8 >> 28;
c[1] += (uint32_t)(accum8 >> 28);
} }


void gf_sqr (gf_s *__restrict__ cs, const gf as) { void gf_sqr (gf_s *__restrict__ cs, const gf as) {


+ 2
- 2
src/per_curve/decaf.tmpl.c View File

@@ -1273,7 +1273,7 @@ decaf_error_t decaf_x$(gf_shortname) (
else if (t == X_PRIVATE_BITS-1) sb = -1; else if (t == X_PRIVATE_BITS-1) sb = -1;
mask_t k_t = (sb>>(t%8)) & 1; mask_t k_t = (sb>>(t%8)) & 1;
k_t = -k_t; /* set to all 0s or all 1s */
k_t = k_t?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET; /* set to all 0s or all 1s */
swap ^= k_t; swap ^= k_t;
gf_cond_swap(x2,x3,swap); gf_cond_swap(x2,x3,swap);
@@ -1394,7 +1394,7 @@ void decaf_x$(gf_shortname)_derive_public_key (
memcpy(scalar2,scalar,sizeof(scalar2)); memcpy(scalar2,scalar,sizeof(scalar2));
scalar2[0] &= -(uint8_t)COFACTOR; scalar2[0] &= -(uint8_t)COFACTOR;
scalar2[X_PRIVATE_BYTES-1] &= ~(-1u<<((X_PRIVATE_BITS+7)%8));
scalar2[X_PRIVATE_BYTES-1] &= ~(0xFF<<((X_PRIVATE_BITS+7)%8));
scalar2[X_PRIVATE_BYTES-1] |= 1<<((X_PRIVATE_BITS+7)%8); scalar2[X_PRIVATE_BYTES-1] |= 1<<((X_PRIVATE_BITS+7)%8);
scalar_t the_scalar; scalar_t the_scalar;


+ 4
- 4
src/per_curve/elligator.tmpl.c View File

@@ -109,13 +109,13 @@ API_NS(invert_elligator_nonuniform) (
uint32_t hint_ uint32_t hint_
) { ) {
mask_t hint = hint_; mask_t hint = hint_;
mask_t sgn_s = -(hint & 1),
sgn_altx = -(hint>>1 & 1),
sgn_r0 = -(hint>>2 & 1),
mask_t sgn_s = ((hint & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
sgn_altx = ((hint>>1 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
sgn_r0 = ((hint>>2 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
/* FUTURE MAGIC: eventually if there's a curve which needs sgn_ed_T but not sgn_r0, /* FUTURE MAGIC: eventually if there's a curve which needs sgn_ed_T but not sgn_r0,
* change this mask extraction. * change this mask extraction.
*/ */
sgn_ed_T = -(hint>>3 & 1);
sgn_ed_T = ((hint>>3 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET);
gf a,b,c; gf a,b,c;
API_NS(deisogenize)(a,b,c,p,sgn_s,sgn_altx,sgn_ed_T); API_NS(deisogenize)(a,b,c,p,sgn_s,sgn_altx,sgn_ed_T);


+ 14
- 14
src/per_curve/scalar.tmpl.c View File

@@ -37,15 +37,15 @@ static DECAF_NOINLINE void sc_subx(
unsigned int i; unsigned int i;
for (i=0; i<SCALAR_LIMBS; i++) { for (i=0; i<SCALAR_LIMBS; i++) {
chain = (chain + accum[i]) - sub->limb[i]; chain = (chain + accum[i]) - sub->limb[i];
out->limb[i] = chain;
out->limb[i] = (decaf_word_t)chain;
chain >>= WBITS; chain >>= WBITS;
} }
decaf_word_t borrow = chain+extra; /* = 0 or -1 */
decaf_word_t borrow = (decaf_word_t)chain+extra; /* = 0 or -1 */
chain = 0; chain = 0;
for (i=0; i<SCALAR_LIMBS; i++) { for (i=0; i<SCALAR_LIMBS; i++) {
chain = (chain + out->limb[i]) + (p->limb[i] & borrow); chain = (chain + out->limb[i]) + (p->limb[i] & borrow);
out->limb[i] = chain;
out->limb[i] = (decaf_word_t)chain;
chain >>= WBITS; chain >>= WBITS;
} }
} }
@@ -66,22 +66,22 @@ static DECAF_NOINLINE void sc_montmul (
decaf_dword_t chain = 0; decaf_dword_t chain = 0;
for (j=0; j<SCALAR_LIMBS; j++) { for (j=0; j<SCALAR_LIMBS; j++) {
chain += ((decaf_dword_t)mand)*mier[j] + accum[j]; chain += ((decaf_dword_t)mand)*mier[j] + accum[j];
accum[j] = chain;
accum[j] = (decaf_word_t)chain;
chain >>= WBITS; chain >>= WBITS;
} }
accum[j] = chain;
accum[j] = (decaf_word_t)chain;
mand = accum[0] * MONTGOMERY_FACTOR; mand = accum[0] * MONTGOMERY_FACTOR;
chain = 0; chain = 0;
mier = sc_p->limb; mier = sc_p->limb;
for (j=0; j<SCALAR_LIMBS; j++) { for (j=0; j<SCALAR_LIMBS; j++) {
chain += (decaf_dword_t)mand*mier[j] + accum[j]; chain += (decaf_dword_t)mand*mier[j] + accum[j];
if (j) accum[j-1] = chain;
if (j) accum[j-1] = (decaf_word_t)chain;
chain >>= WBITS; chain >>= WBITS;
} }
chain += accum[j]; chain += accum[j];
chain += hi_carry; chain += hi_carry;
accum[j-1] = chain;
accum[j-1] = (decaf_word_t)chain;
hi_carry = chain >> WBITS; hi_carry = chain >> WBITS;
} }
@@ -179,10 +179,10 @@ void API_NS(scalar_add) (
unsigned int i; unsigned int i;
for (i=0; i<SCALAR_LIMBS; i++) { for (i=0; i<SCALAR_LIMBS; i++) {
chain = (chain + a->limb[i]) + b->limb[i]; chain = (chain + a->limb[i]) + b->limb[i];
out->limb[i] = chain;
out->limb[i] = (decaf_word_t)chain;
chain >>= WBITS; chain >>= WBITS;
} }
sc_subx(out, out->limb, sc_p, sc_p, chain);
sc_subx(out, out->limb, sc_p, sc_p, (decaf_word_t)chain);
} }


void void
@@ -193,7 +193,7 @@ API_NS(scalar_set_unsigned) (
memset(out,0,sizeof(scalar_t)); memset(out,0,sizeof(scalar_t));
unsigned int i = 0; unsigned int i = 0;
for (; i<sizeof(uint64_t)/sizeof(decaf_word_t); i++) { for (; i<sizeof(uint64_t)/sizeof(decaf_word_t); i++) {
out->limb[i] = w;
out->limb[i] = (decaf_word_t)w;
#if DECAF_WORD_BITS < 64 #if DECAF_WORD_BITS < 64
w >>= 8*sizeof(decaf_word_t); w >>= 8*sizeof(decaf_word_t);
#endif #endif
@@ -242,7 +242,7 @@ decaf_error_t API_NS(scalar_decode)(
API_NS(scalar_mul)(s,s,API_NS(scalar_one)); /* ham-handed reduce */ API_NS(scalar_mul)(s,s,API_NS(scalar_one)); /* ham-handed reduce */
return decaf_succeed_if(~word_is_zero(accum));
return decaf_succeed_if(~word_is_zero((decaf_word_t)accum));
} }


void API_NS(scalar_destroy) ( void API_NS(scalar_destroy) (
@@ -314,17 +314,17 @@ void API_NS(scalar_halve) (
scalar_t out, scalar_t out,
const scalar_t a const scalar_t a
) { ) {
decaf_word_t mask = -(a->limb[0] & 1);
decaf_word_t mask = (a->limb[0] & 1)?DECAF_WORD_ALL_SET:DECAF_WORD_ALL_UNSET;
decaf_dword_t chain = 0; decaf_dword_t chain = 0;
unsigned int i; unsigned int i;
for (i=0; i<SCALAR_LIMBS; i++) { for (i=0; i<SCALAR_LIMBS; i++) {
chain = (chain + a->limb[i]) + (sc_p->limb[i] & mask); chain = (chain + a->limb[i]) + (sc_p->limb[i] & mask);
out->limb[i] = chain;
out->limb[i] = (decaf_word_t)chain;
chain >>= DECAF_WORD_BITS; chain >>= DECAF_WORD_BITS;
} }
for (i=0; i<SCALAR_LIMBS-1; i++) { for (i=0; i<SCALAR_LIMBS-1; i++) {
out->limb[i] = out->limb[i]>>1 | out->limb[i+1]<<(WBITS-1); out->limb[i] = out->limb[i]>>1 | out->limb[i+1]<<(WBITS-1);
} }
out->limb[i] = out->limb[i]>>1 | chain<<(WBITS-1);
out->limb[i] = out->limb[i]>>1 | (decaf_word_t)(chain<<(WBITS-1));
} }



+ 8
- 8
src/per_field/f_generic.tmpl.c View File

@@ -26,7 +26,7 @@ void gf_serialize (uint8_t serial[SER_BYTES], const gf x) {
fill += LIMB_PLACE_VALUE(LIMBPERM(j)); fill += LIMB_PLACE_VALUE(LIMBPERM(j));
j++; j++;
} }
serial[i] = buffer;
serial[i] = (uint8_t)buffer;
fill -= 8; fill -= 8;
buffer >>= 8; buffer >>= 8;
} }
@@ -37,7 +37,7 @@ mask_t gf_lobit(const gf x) {
gf y; gf y;
gf_copy(y,x); gf_copy(y,x);
gf_strong_reduce(y); gf_strong_reduce(y);
return -(y->limb[0]&1);
return (y->limb[0]&1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET;
} }


/** Deserialize from wire format; return -1 on success and 0 on failure. */ /** Deserialize from wire format; return -1 on success and 0 on failure. */
@@ -46,19 +46,19 @@ mask_t gf_deserialize (gf x, const uint8_t serial[SER_BYTES], uint8_t hi_nmask)
dword_t buffer = 0; dword_t buffer = 0;
dsword_t scarry = 0; dsword_t scarry = 0;
UNROLL for (unsigned int i=0; i<NLIMBS; i++) { UNROLL for (unsigned int i=0; i<NLIMBS; i++) {
UNROLL while (fill < LIMB_PLACE_VALUE(LIMBPERM(i)) && j < SER_BYTES) {
UNROLL while (fill < (unsigned int)(LIMB_PLACE_VALUE(LIMBPERM(i))) && j < SER_BYTES) {
uint8_t sj = serial[j]; uint8_t sj = serial[j];
if (j==SER_BYTES-1) sj &= ~hi_nmask; if (j==SER_BYTES-1) sj &= ~hi_nmask;
buffer |= ((dword_t)sj) << fill; buffer |= ((dword_t)sj) << fill;
fill += 8; fill += 8;
j++; j++;
} }
x->limb[LIMBPERM(i)] = (i<NLIMBS-1) ? buffer & LIMB_MASK(LIMBPERM(i)) : buffer;
x->limb[LIMBPERM(i)] = (word_t)((i<NLIMBS-1) ? buffer & LIMB_MASK(LIMBPERM(i)) : buffer);
fill -= LIMB_PLACE_VALUE(LIMBPERM(i)); fill -= LIMB_PLACE_VALUE(LIMBPERM(i));
buffer >>= LIMB_PLACE_VALUE(LIMBPERM(i)); buffer >>= LIMB_PLACE_VALUE(LIMBPERM(i));
scarry = (scarry + x->limb[LIMBPERM(i)] - MODULUS->limb[LIMBPERM(i)]) >> (8*sizeof(word_t)); scarry = (scarry + x->limb[LIMBPERM(i)] - MODULUS->limb[LIMBPERM(i)]) >> (8*sizeof(word_t));
} }
return word_is_zero(buffer) & ~word_is_zero(scarry);
return word_is_zero((word_t)buffer) & ~word_is_zero((word_t)scarry);
} }


/** Reduce to canonical form. */ /** Reduce to canonical form. */
@@ -80,9 +80,9 @@ void gf_strong_reduce (gf a) {
* common case: it was < p, so now scarry = -1 and this = x - p + 2^255 * common case: it was < p, so now scarry = -1 and this = x - p + 2^255
* so let's add back in p. will carry back off the top for 2^255. * so let's add back in p. will carry back off the top for 2^255.
*/ */
assert(word_is_zero(scarry) | word_is_zero(scarry+1));
assert(word_is_zero((word_t)scarry) | word_is_zero((word_t)scarry+1));


word_t scarry_0 = scarry;
word_t scarry_0 = (word_t)scarry;
dword_t carry = 0; dword_t carry = 0;


/* add it back */ /* add it back */
@@ -92,7 +92,7 @@ void gf_strong_reduce (gf a) {
carry >>= LIMB_PLACE_VALUE(LIMBPERM(i)); carry >>= LIMB_PLACE_VALUE(LIMBPERM(i));
} }


assert(word_is_zero(carry + scarry_0));
assert(word_is_zero((word_t)(carry) + scarry_0));
} }


/** Subtract two gf elements d=a-b */ /** Subtract two gf elements d=a-b */


+ 19
- 2
src/public_include/decaf/common.h View File

@@ -93,8 +93,25 @@ typedef int64_t decaf_dsword_t; /**< Signed double-word size for internal co
#error "Only supporting DECAF_WORD_BITS = 32 or 64 for now" #error "Only supporting DECAF_WORD_BITS = 32 or 64 for now"
#endif #endif
/** DECAF_TRUE = -1 so that DECAF_TRUE & x = x */
static const decaf_bool_t DECAF_TRUE = -(decaf_bool_t)1;
/* MSCV compiler doesn't like the trick to have -1 assigned to an unsigned int to
* set it to all ones, so do it openly */
#if DECAF_WORD_BITS == 64
/** DECAF_TRUE = all ones so that DECAF_TRUE & x = x */
static const decaf_bool_t DECAF_TRUE = (decaf_bool_t)0xFFFFFFFFFFFFFFFF;
/** DECAF_WORD_ALL_SET : all ones */
static const decaf_word_t DECAF_WORD_ALL_SET = (decaf_word_t)0xFFFFFFFFFFFFFFFF;
/** DECAF_WORD_ALL_UNSET : all zeros */
static const decaf_word_t DECAF_WORD_ALL_UNSET = (decaf_word_t)0x0;
#elif DECAF_WORD_BITS == 32 /**< The number of bits in a word */
/** DECAF_TRUE = all ones so that DECAF_TRUE & x = x */
static const decaf_bool_t DECAF_TRUE = (decaf_bool_t)0xFFFFFFFF;
/** DECAF_WORD_ALL_SET : all ones */
static const decaf_word_t DECAF_WORD_ALL_SET = (decaf_word_t)0xFFFFFFFF;
/** DECAF_WORD_ALL_UNSET : all zeros */
static const decaf_word_t DECAF_WORD_ALL_UNSET = (decaf_word_t)0x0;
#else
#error "Only supporting DECAF_WORD_BITS = 32 or 64 for now"
#endif


/** DECAF_FALSE = 0 so that DECAF_FALSE & x = 0 */ /** DECAF_FALSE = 0 so that DECAF_FALSE & x = 0 */
static const decaf_bool_t DECAF_FALSE = 0; static const decaf_bool_t DECAF_FALSE = 0;


+ 2
- 2
src/sha512.c View File

@@ -243,11 +243,11 @@ void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) {
} }
for (size_t i=0; i<8; i++) for (size_t i=0; i<8; i++)
ctx->block[120 + i] = bp >> (56 - 8*i);
ctx->block[120 + i] = (uint8_t)(bp >> (56 - 8*i));
hashblock(ctx); hashblock(ctx);
for (size_t i=0; i<length; i++) { for (size_t i=0; i<length; i++) {
out[i] = ctx->state[i/8] >> (56 - 8*(i%8));
out[i] = (uint8_t)(ctx->state[i/8] >> (56 - 8*(i%8)));
} }
decaf_sha512_init(ctx); decaf_sha512_init(ctx);


+ 3
- 3
src/shake.c View File

@@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_update (
uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position]; uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position];
if (cando > len) { if (cando > len) {
for (i = 0; i < len; i += 1) state[i] ^= in[i]; for (i = 0; i < len; i += 1) state[i] ^= in[i];
decaf_sponge->params->position += len;
decaf_sponge->params->position += (uint8_t)len;
break; break;
} else { } else {
for (i = 0; i < cando; i += 1) state[i] ^= in[i]; for (i = 0; i < cando; i += 1) state[i] ^= in[i];
@@ -121,7 +121,7 @@ decaf_error_t decaf_sha3_output (
if (decaf_sponge->params->max_out != 0xFF) { if (decaf_sponge->params->max_out != 0xFF) {
if (decaf_sponge->params->remaining >= len) { if (decaf_sponge->params->remaining >= len) {
decaf_sponge->params->remaining -= len;
decaf_sponge->params->remaining -= (uint8_t)len;
} else { } else {
decaf_sponge->params->remaining = 0; decaf_sponge->params->remaining = 0;
ret = DECAF_FAILURE; ret = DECAF_FAILURE;
@@ -148,7 +148,7 @@ decaf_error_t decaf_sha3_output (
uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position]; uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position];
if (cando > len) { if (cando > len) {
memcpy(out, state, len); memcpy(out, state, len);
decaf_sponge->params->position += len;
decaf_sponge->params->position += (uint8_t)len;
return ret; return ret;
} else { } else {
memcpy(out, state, cando); memcpy(out, state, cando);


+ 4
- 1
src/spongerng.c View File

@@ -25,6 +25,9 @@
#if defined(_MSC_VER) #if defined(_MSC_VER)
# include <io.h> # include <io.h>
#include <BaseTsd.h> #include <BaseTsd.h>
#define open _open
#define read _read
#define close _close
typedef SSIZE_T ssize_t; typedef SSIZE_T ssize_t;
#else #else
# include <unistd.h> # include <unistd.h>
@@ -110,7 +113,7 @@ void decaf_spongerng_next (
uint8_t lenx[8]; uint8_t lenx[8];
size_t len1 = len; size_t len1 = len;
for (unsigned i=0; i<sizeof(lenx); i++) { for (unsigned i=0; i<sizeof(lenx); i++) {
lenx[i] = len1;
lenx[i] = (uint8_t)len1;
len1 >>= 8; len1 >>= 8;
} }
decaf_sha3_update(prng->sponge,lenx,sizeof(lenx)); decaf_sha3_update(prng->sponge,lenx,sizeof(lenx));


+ 1
- 1
test/shakesum.c View File

@@ -20,7 +20,7 @@ typedef SSIZE_T ssize_t;
#include <decaf/shake.h> #include <decaf/shake.h>
#include <decaf/sha512.h> #include <decaf/sha512.h>


static void usage() {
static void usage(void) {
fprintf( fprintf(
stderr, stderr,
"decaf_shakesum [shake256|shake128|sha3-224|sha3-384|sha3-512|sha512] < infile > outfile\n" "decaf_shakesum [shake256|shake128|sha3-224|sha3-384|sha3-512|sha512] < infile > outfile\n"


Write Preview
Loading…
Cancel
Save