aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c
diff options
context:
space:
mode:
authororivej <orivej@yandex-team.ru>2022-02-10 16:44:49 +0300
committerDaniil Cherednik <dcherednik@yandex-team.ru>2022-02-10 16:44:49 +0300
commit718c552901d703c502ccbefdfc3c9028d608b947 (patch)
tree46534a98bbefcd7b1f3faa5b52c138ab27db75b7 /contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c
parente9656aae26e0358d5378e5b63dcac5c8dbe0e4d0 (diff)
downloadydb-718c552901d703c502ccbefdfc3c9028d608b947.tar.gz
Restoring authorship annotation for <orivej@yandex-team.ru>. Commit 1 of 2.
Diffstat (limited to 'contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c')
-rw-r--r--contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c236
1 files changed, 118 insertions, 118 deletions
diff --git a/contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c b/contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c
index 3686338fad..1efde4ddd1 100644
--- a/contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c
+++ b/contrib/restricted/aws/s2n/pq-crypto/bike_r1/sampling.c
@@ -1,118 +1,118 @@
-/* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0"
- *
- * Written by Nir Drucker and Shay Gueron
- * AWS Cryptographic Algorithms Group.
- * (ndrucker@amazon.com, gueron@amazon.com)
- */
-
-#include "sampling.h"
-#include <assert.h>
-#include <string.h>
-
-_INLINE_ ret_t
-get_rand_mod_len(OUT uint32_t * rand_pos,
- IN const uint32_t len,
- IN OUT aes_ctr_prf_state_t *prf_state)
-{
- const uint64_t mask = MASK(bit_scan_reverse(len));
-
- do
- {
- // Generate 128bit of random numbers
- GUARD(aes_ctr_prf((uint8_t *)rand_pos, prf_state, sizeof(*rand_pos)));
-
- // Mask only relevant bits
- (*rand_pos) &= mask;
-
- // Break if a number smaller than len is found
- if((*rand_pos) < len)
- {
- break;
- }
-
- } while(1);
-
- return SUCCESS;
-}
-
-_INLINE_ void
-make_odd_weight(IN OUT r_t *r)
-{
- if(((r_bits_vector_weight(r) % 2) == 1))
- {
- // Already odd
- return;
- }
-
- r->raw[0] ^= 1;
-}
-
-// IN: must_be_odd - 1 true, 0 not
-ret_t
-sample_uniform_r_bits_with_fixed_prf_context(OUT r_t *r,
- IN OUT
- aes_ctr_prf_state_t *prf_state,
- IN const must_be_odd_t must_be_odd)
-{
- // Generate random data
- GUARD(aes_ctr_prf(r->raw, prf_state, R_SIZE));
-
- // Mask upper bits of the MSByte
- r->raw[R_SIZE - 1] &= MASK(R_BITS + 8 - (R_SIZE * 8));
-
- if(must_be_odd == MUST_BE_ODD)
- {
- make_odd_weight(r);
- }
-
- return SUCCESS;
-}
-
-_INLINE_ int
-is_new(IN const idx_t wlist[], IN const uint32_t ctr)
-{
- for(uint32_t i = 0; i < ctr; i++)
- {
- if(wlist[i] == wlist[ctr])
- {
- return 0;
- }
- }
-
- return 1;
-}
-
-// Assumption 1) paddded_len % 64 = 0!
-// Assumption 2) a is a len bits array. It is padded to be a padded_len
-// bytes array. The padded area may be modified and should
-// be ignored outside the function scope.
-ret_t
-generate_sparse_rep(OUT uint64_t * a,
- OUT idx_t wlist[],
- IN const uint32_t weight,
- IN const uint32_t len,
- IN const uint32_t padded_len,
- IN OUT aes_ctr_prf_state_t *prf_state)
-{
- assert(padded_len % 64 == 0);
- // Bits comparison
- assert((padded_len * 8) >= len);
-
- uint64_t ctr = 0;
-
- // Generate weight rand numbers
- do
- {
- GUARD(get_rand_mod_len(&wlist[ctr], len, prf_state));
- ctr += is_new(wlist, ctr);
- } while(ctr < weight);
-
- // Initialize to zero
- memset(a, 0, (len + 7) >> 3);
-
- // Assign values to "a"
- secure_set_bits(a, wlist, padded_len, weight);
-
- return SUCCESS;
-}
+/* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0"
+ *
+ * Written by Nir Drucker and Shay Gueron
+ * AWS Cryptographic Algorithms Group.
+ * (ndrucker@amazon.com, gueron@amazon.com)
+ */
+
+#include "sampling.h"
+#include <assert.h>
+#include <string.h>
+
+_INLINE_ ret_t
+get_rand_mod_len(OUT uint32_t * rand_pos,
+ IN const uint32_t len,
+ IN OUT aes_ctr_prf_state_t *prf_state)
+{
+ const uint64_t mask = MASK(bit_scan_reverse(len));
+
+ do
+ {
+ // Generate 128bit of random numbers
+ GUARD(aes_ctr_prf((uint8_t *)rand_pos, prf_state, sizeof(*rand_pos)));
+
+ // Mask only relevant bits
+ (*rand_pos) &= mask;
+
+ // Break if a number smaller than len is found
+ if((*rand_pos) < len)
+ {
+ break;
+ }
+
+ } while(1);
+
+ return SUCCESS;
+}
+
+_INLINE_ void
+make_odd_weight(IN OUT r_t *r)
+{
+ if(((r_bits_vector_weight(r) % 2) == 1))
+ {
+ // Already odd
+ return;
+ }
+
+ r->raw[0] ^= 1;
+}
+
+// IN: must_be_odd - 1 true, 0 not
+ret_t
+sample_uniform_r_bits_with_fixed_prf_context(OUT r_t *r,
+ IN OUT
+ aes_ctr_prf_state_t *prf_state,
+ IN const must_be_odd_t must_be_odd)
+{
+ // Generate random data
+ GUARD(aes_ctr_prf(r->raw, prf_state, R_SIZE));
+
+ // Mask upper bits of the MSByte
+ r->raw[R_SIZE - 1] &= MASK(R_BITS + 8 - (R_SIZE * 8));
+
+ if(must_be_odd == MUST_BE_ODD)
+ {
+ make_odd_weight(r);
+ }
+
+ return SUCCESS;
+}
+
+_INLINE_ int
+is_new(IN const idx_t wlist[], IN const uint32_t ctr)
+{
+ for(uint32_t i = 0; i < ctr; i++)
+ {
+ if(wlist[i] == wlist[ctr])
+ {
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+// Assumption 1) paddded_len % 64 = 0!
+// Assumption 2) a is a len bits array. It is padded to be a padded_len
+// bytes array. The padded area may be modified and should
+// be ignored outside the function scope.
+ret_t
+generate_sparse_rep(OUT uint64_t * a,
+ OUT idx_t wlist[],
+ IN const uint32_t weight,
+ IN const uint32_t len,
+ IN const uint32_t padded_len,
+ IN OUT aes_ctr_prf_state_t *prf_state)
+{
+ assert(padded_len % 64 == 0);
+ // Bits comparison
+ assert((padded_len * 8) >= len);
+
+ uint64_t ctr = 0;
+
+ // Generate weight rand numbers
+ do
+ {
+ GUARD(get_rand_mod_len(&wlist[ctr], len, prf_state));
+ ctr += is_new(wlist, ctr);
+ } while(ctr < weight);
+
+ // Initialize to zero
+ memset(a, 0, (len + 7) >> 3);
+
+ // Assign values to "a"
+ secure_set_bits(a, wlist, padded_len, weight);
+
+ return SUCCESS;
+}