fix more endianness issues, add file creation to copy_from_upstream.py

Signed-off-by: rtjk <[email protected]>

docs/algorithms/sig/cross.md

@@ -7,7 +7,7 @@
 - **Authors' website**: https://www.cross-crypto.com/
 - **Specification version**: 1.2 + Keccak_x4 + PQClean fixes + endianness fix.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/82938638cb6bcb680d9472e544a61be38db806cc
+  - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464
   - **Implementation license (SPDX-Identifier)**: CC0-1.0
 
 

docs/algorithms/sig/cross.yml

@@ -21,7 +21,7 @@ website: https://www.cross-crypto.com/
 nist-round: 1
 spec-version: 1.2 + Keccak_x4 + PQClean fixes + endianness fix
 primary-upstream:
-  source: https://github.com/rtjk/CROSS-PQClean/commit/82938638cb6bcb680d9472e544a61be38db806cc
+  source: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464
   spdx-license-identifier: CC0-1.0
 parameter-sets:
 - name: cross-rsdp-128-balanced

scripts/copy_from_upstream/copy_from_upstream.py

@@ -74,6 +74,8 @@ def generator(destination_file_path, template_filename, delimiter, family, schem
     template = file_get_contents(
         os.path.join(os.environ['LIBOQS_DIR'], 'scripts', 'copy_from_upstream', template_filename))
     f = copy.deepcopy(family)
+    if not os.path.exists(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path)):
+        open(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path), 'a').close()
     contents = file_get_contents(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path))
     if scheme_desired != None:
         f['schemes'] = [x for x in f['schemes'] if x == scheme_desired]

scripts/copy_from_upstream/copy_from_upstream.yml

@@ -66,7 +66,7 @@ upstreams:
     name: upcross
     git_url: https://github.com/rtjk/CROSS-PQClean.git
     git_branch: master
-    git_commit: 82938638cb6bcb680d9472e544a61be38db806cc
+    git_commit: d3bf2db85ba4a181418c95171d36afdca0d43464
     sig_meta_path: 'generate/crypto_sign/{pqclean_scheme}/META.yml'
     sig_scheme_path: 'generate/crypto_sign/{pqclean_scheme}'
 kems:

src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c

@@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch
 			memcpy(csprng_input,
 			       seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES,
 			       SEED_LENGTH_BYTES);
-			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 			/* expand the children (stored contiguously) */
 			initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 			csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES,
@@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128BALANCED_CLEAN_regenerate_round_seeds(unsigned char
 				memcpy(csprng_input,
 				       seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES,
 				       SEED_LENGTH_BYTES);
-				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 				/* expand the children (stored contiguously) */
 				initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 				csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES,

src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c

@@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_generate_seed_tree_from_root(unsigned char
 			memcpy(csprng_input,
 			       seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES,
 			       SEED_LENGTH_BYTES);
-			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 			/* expand the children (stored contiguously) */
 			initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 			csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES,
@@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128SMALL_CLEAN_regenerate_round_seeds(unsigned char
 				memcpy(csprng_input,
 				       seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES,
 				       SEED_LENGTH_BYTES);
-				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 				/* expand the children (stored contiguously) */
 				initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 				csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES,

src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */

src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c

@@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch
 			memcpy(csprng_input,
 			       seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES,
 			       SEED_LENGTH_BYTES);
-			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+			*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 			/* expand the children (stored contiguously) */
 			initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 			csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES,
@@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP192BALANCED_CLEAN_regenerate_round_seeds(unsigned char
 				memcpy(csprng_input,
 				       seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES,
 				       SEED_LENGTH_BYTES);
-				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx;
+				*((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx);
 				/* expand the children (stored contiguously) */
 				initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len);
 				csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES,

src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c

@@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w
 	memset(fixed_weight_string, 1, W);
 	memset(fixed_weight_string + W, 0, T - W);
 
-	uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer;
+	uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer);
 	int bits_in_sub_buf = 64;
 	int pos_in_buf = 8;
 
@@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w
 		/* refill randomness buffer if needed */
 		if (bits_in_sub_buf <= 32) {
 			/* get 32 fresh bits from main buffer with a single load */
-			uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf);
+			uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf));
 			pos_in_buf += 4;
 			sub_buffer |=  ((uint64_t) refresh_buf) << bits_in_sub_buf;
 			bits_in_sub_buf += 32;

src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h

@@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) {
 #endif
 }
 
+static inline uint16_t to_little_endian16(uint16_t x) {
+	/* When compiling on a big-endian system, swap the bytes */
+#if BIG_ENDIAN_SYSTEM
+	return __builtin_bswap16(x);
+#else
+	return x;
+#endif
+}
+
 /***************** Specialized CSPRNGs for non binary domains *****************/
 
 /* CSPRNG sampling fixed weight strings */