1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
/* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0"
*
* Written by Nir Drucker and Shay Gueron
* AWS Cryptographic Algorithms Group.
* (ndrucker@amazon.com, gueron@amazon.com)
*/
#pragma once
#include "aes_ctr_prf.h"
#include "pq-crypto/s2n_pq_random.h"
#include "utils/s2n_result.h"
#include "utilities.h"
typedef enum
{
NO_RESTRICTION = 0,
MUST_BE_ODD = 1
} must_be_odd_t;
_INLINE_ ret_t
get_seeds(OUT seeds_t *seeds)
{
if(s2n_result_is_ok(s2n_get_random_bytes(seeds->seed[0].raw, sizeof(seeds_t))))
{
return SUCCESS;
}
else
{
BIKE_ERROR(E_FAIL_TO_GET_SEED);
}
}
// Return's an array of r pseudorandom bits
// No restrictions exist for the top or bottom bits -
// in case an odd number is required then set must_be_odd=1
// Uses the provided prf context
ret_t
sample_uniform_r_bits_with_fixed_prf_context(OUT r_t *r,
IN OUT
aes_ctr_prf_state_t *prf_state,
IN must_be_odd_t must_be_odd);
// Return's an array of r pseudorandom bits
// No restrictions exist for the top or bottom bits -
// in case an odd number is required then set must_be_odd=1
_INLINE_ ret_t
sample_uniform_r_bits(OUT r_t *r,
IN const seed_t * seed,
IN const must_be_odd_t must_be_odd)
{
// For the seedexpander
DEFER_CLEANUP(aes_ctr_prf_state_t prf_state = {0}, aes_ctr_prf_state_cleanup);
POSIX_GUARD(init_aes_ctr_prf_state(&prf_state, MAX_AES_INVOKATION, seed));
POSIX_GUARD(sample_uniform_r_bits_with_fixed_prf_context(r, &prf_state, must_be_odd));
return SUCCESS;
}
// Generate a pseudorandom r of length len with a set weight
// Using the pseudorandom ctx supplied
// Outputs also a compressed (not ordered) list of indices
ret_t
generate_sparse_rep(OUT uint64_t *a,
OUT idx_t wlist[],
IN uint32_t weight,
IN uint32_t len,
IN uint32_t padded_len,
IN OUT aes_ctr_prf_state_t *prf_state);
EXTERNC void
secure_set_bits(IN OUT uint64_t *a,
IN const idx_t wlist[],
IN uint32_t a_len,
IN uint32_t weight);
|