
Commit 23526f5

fixed faest.c issues
1 parent defc899 commit 23526f5


1 file changed

+82
-71
lines changed

1 file changed

+82
-71
lines changed

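--- a/faest.c
+++ b/faest.c
@@ -21,83 +21,87 @@
 
 ATTR_PURE static inline uint8_t* signature_c(uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + index * ell_hat_bytes;
 }
 
 ATTR_PURE static inline uint8_t* signature_u_tilde(uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes;
 }
 
 ATTR_PURE static inline uint8_t* signature_d(uint8_t* base_ptr, const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes;
 }
 
 ATTR_PURE static inline uint8_t* signature_a_tilde(uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes;
 }
 
 ATTR_PURE static inline uint8_t* signature_pdec(uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const unsigned int tau0 = params->faest_param.t0;
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 base_ptr +=
 (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes + lambda_bytes;
 if (index < tau0) {
-return base_ptr + index * (params->faest_param.k0 + 2) * lambda_bytes;
+return base_ptr + index * (k0 + 2) * lambda_bytes;
 } else {
 return base_ptr +
-((index - tau0) * (params->faest_param.k1 + 2) + tau0 * (params->faest_param.k0 + 2)) *
+((index - tau0) * (k1 + 2) + tau0 * (k0 + 2)) *
 lambda_bytes;
 }
 }
 
 ATTR_PURE static inline uint8_t* signature_com(uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const unsigned int tau0 = params->faest_param.t0;
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 base_ptr +=
 (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes + lambda_bytes;
 if (index < tau0) {
 return base_ptr +
-(index * (params->faest_param.k0 + 2) + params->faest_param.k0) * lambda_bytes;
+(index * (k0 + 2) + k0) * lambda_bytes;
 } else {
-return base_ptr + ((index - tau0) * (params->faest_param.k1 + 2) + params->faest_param.k1 +
-tau0 * (params->faest_param.k0 + 2)) *
+return base_ptr + ((index - tau0) * (k1 + 2) + k1 +
+tau0 * (k0 + 2)) *
 lambda_bytes;
 }
 }
 
 ATTR_PURE static inline uint8_t* signature_chall_3(uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
 return base_ptr + params->faest_param.sig_size - IV_SIZE - lambda_bytes;
 }
 
@@ -109,84 +113,88 @@ ATTR_PURE static inline uint8_t* signature_iv(uint8_t* base_ptr, const faest_par
 
 ATTR_PURE static inline const uint8_t* dsignature_c(const uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + index * ell_hat_bytes;
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_u_tilde(const uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes;
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_d(const uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes;
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_a_tilde(const uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
 
 return base_ptr + (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes;
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_pdec(const uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const unsigned int tau0 = params->faest_param.t0;
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 base_ptr +=
 (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes + lambda_bytes;
 if (index < tau0) {
-return base_ptr + index * (params->faest_param.k0 + 2) * lambda_bytes;
+return base_ptr + index * (k0 + 2) * lambda_bytes;
 } else {
 return base_ptr +
-((index - tau0) * (params->faest_param.k1 + 2) + tau0 * (params->faest_param.k0 + 2)) *
+((index - tau0) * (k1 + 2) + tau0 * (k0 + 2)) *
 lambda_bytes;
 }
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_com(const uint8_t* base_ptr, unsigned int index,
 const faest_paramset_t* params) {
-const unsigned int tau0 = params->faest_param.t0;
-const size_t lambda_bytes = params->faest_param.lambda / 8;
-const size_t ell_bytes = params->faest_param.l / 8;
-const size_t ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
-const size_t utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int ell_bytes = params->faest_param.l / 8;
+const unsigned int ell_hat_bytes = ell_bytes + 2 * lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int utilde_bytes = lambda_bytes + UNIVERSAL_HASH_B;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 base_ptr +=
 (params->faest_param.tau - 1) * ell_hat_bytes + utilde_bytes + ell_bytes + lambda_bytes;
 if (index < tau0) {
 return base_ptr +
-(index * (params->faest_param.k0 + 2) + params->faest_param.k0) * lambda_bytes;
+(index * (k0 + 2) + k0) * lambda_bytes;
 } else {
-return base_ptr + ((index - tau0) * (params->faest_param.k1 + 2) + params->faest_param.k1 +
-tau0 * (params->faest_param.k0 + 2)) *
+return base_ptr + ((index - tau0) * (k1 + 2) + k1 +
+tau0 * (k0 + 2)) *
 lambda_bytes;
 }
 }
 
 ATTR_PURE static inline const uint8_t* dsignature_chall_3(const uint8_t* base_ptr,
 const faest_paramset_t* params) {
-const size_t lambda_bytes = params->faest_param.lambda / 8;
+const unsigned int lambda_bytes = params->faest_param.lambda / 8;
 return base_ptr + params->faest_param.sig_size - IV_SIZE - lambda_bytes;
 }
 
@@ -257,8 +265,11 @@ void faest_sign(uint8_t* sig, const uint8_t* msg, size_t msglen, const uint8_t*
 const unsigned int lambdaBytes = lambda / 8;
 const unsigned int tau = params->faest_param.tau;
 const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int tau1 = params->faest_param.tau1;
 const unsigned int ell_hat = l + lambda * 2 + UNIVERSAL_HASH_B_BITS;
 const unsigned int ell_hat_bytes = ell_hat / 8;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 // Step: 2
 uint8_t mu[MAX_LAMBDA_BYTES * 2];
@@ -287,7 +298,7 @@ void faest_sign(uint8_t* sig, const uint8_t* msg, size_t msglen, const uint8_t*
 for (unsigned int i = 1; i < lambda; ++i) {
 V[i] = V[0] + i * ell_hat_bytes;
 }
-vole_commit(rootkey, signature_iv(sig, params), ell_hat, params, hcom, vecCom,
+vole_commit(rootkey, signature_iv(sig, params), ell_hat, params, vecCom,
 signature_c(sig, 0, params), u, V);
 
 // Step: 4
@@ -347,12 +358,11 @@ void faest_sign(uint8_t* sig, const uint8_t* msg, size_t msglen, const uint8_t*
 for (unsigned int i = 0; i < tau; i++) {
 // Step 20
 uint8_t s_[MAX_DEPTH];
-ChalDec(signature_chall_3(sig, params), i, params->faest_param.k0, params->faest_param.t0,
-params->faest_param.k1, params->faest_param.t1, s_);
+ChalDec(signature_chall_3(sig, params), i, k0, tau0,
+k1, tau1, s_);
 // Step 21
-const unsigned int depth = i < tau0 ? params->faest_param.k0 : params->faest_param.k1;
-bavc_open(vecCom[i].k, vecCom[i].com, s_, signature_pdec(sig, i, params),
-signature_com(sig, i, params), depth, lambdaBytes);
+const unsigned int depth = i < tau0 ? k0 : k1;
+bavc_open(vecCom, i, signature_pdec(sig, i, params), params); // TODO: I think this is fine or ?
 vec_com_clear(&vecCom[i]);
 }
 free(vecCom);
@@ -365,12 +375,13 @@ int faest_verify(const uint8_t* msg, size_t msglen, const uint8_t* sig, const ui
 const unsigned int lambda = params->faest_param.lambda;
 const unsigned int lambdaBytes = lambda / 8;
 const unsigned int tau = params->faest_param.tau;
-const unsigned int tau0 = params->faest_param.t0;
+const unsigned int tau0 = params->faest_param.tau0;
+const unsigned int tau1 = params->faest_param.tau1;
 const unsigned int ell_hat = l + lambda * 2 + UNIVERSAL_HASH_B_BITS;
 const unsigned int ell_hat_bytes = ell_hat / 8;
 const unsigned int utilde_bytes = lambdaBytes + UNIVERSAL_HASH_B;
-const unsigned int k0 = params->faest_param.k0;
-const unsigned int k1 = params->faest_param.k1;
+const unsigned int k0 = params->faest_param.k;
+const unsigned int k1 = (params->faest_param.tau0 != 0) ? k0 - 1 : k0;
 
 // Step: 3
 uint8_t mu[MAX_LAMBDA_BYTES * 2];
@@ -421,8 +432,8 @@ int faest_verify(const uint8_t* msg, size_t msglen, const uint8_t* sig, const ui
 
 // Step 11
 uint8_t delta[MAX_DEPTH];
-ChalDec(dsignature_chall_3(sig, params), i, params->faest_param.k0, params->faest_param.t0,
-params->faest_param.k1, params->faest_param.t1, delta);
+ChalDec(dsignature_chall_3(sig, params), i, k0, tau0,
+k1, tau1, delta);
 // Step 16
 for (unsigned int j = 0; j != depth; ++j, ++Dtilde_idx) {
 // for scan-build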
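Review bot: In faest_sign's opening loop (new lines 358-367) the rewritten call `bavc_open(vecCom, i, signature_pdec(sig, i, params), params);` no longer receives `s_`, `depth` or `signature_com(sig, i, params)`, so inside the visible loop body the challenge that `ChalDec` decodes into `s_` is never read and `depth` is dead. Unless the new `bavc_open` (not shown on this page) re-derives the challenge from other state, the decommitment written to `sig` is not bound to `chall_3`, and the `com` slot of the signature appears to be left unwritten by this loop, so signing would either fail verification or emit whatever the buffer held. The trailing `// TODO: I think this is fine or ?` should be resolved before this lands: either pass the decoded challenge through to `bavc_open`, or remove the unused `ChalDec`/`depth` lines and replace the TODO with a comment that states where `bavc_open` obtains the challenge and which callee fills the `com` bytes. Separately, the twelve accessor helpers now compute offsets in `unsigned int` rather than `size_t`, so products such as `index * ell_hat_bytes` wrap at the width of `unsigned int` before the pointer addition; keeping `size_t` for the `*_bytes` locals, or range-checking `index` against `tau`, would preserve the old headroom. The bodies of faest_sign and faest_verify continue outside the hunks shown.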
