diff --git a/docs/algorithms/sig/cross.md b/docs/algorithms/sig/cross.md index 8fa97e174..0068e43b4 100644 --- a/docs/algorithms/sig/cross.md +++ b/docs/algorithms/sig/cross.md @@ -7,7 +7,7 @@ - **Authors' website**: https://www.cross-crypto.com/ - **Specification version**: 1.2 + Keccak_x4 + PQClean fixes + endianness fix. - **Primary Source**: - - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/82938638cb6bcb680d9472e544a61be38db806cc + - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464 - **Implementation license (SPDX-Identifier)**: CC0-1.0 diff --git a/docs/algorithms/sig/cross.yml b/docs/algorithms/sig/cross.yml index 6cbc0d629..e9e8b7155 100644 --- a/docs/algorithms/sig/cross.yml +++ b/docs/algorithms/sig/cross.yml @@ -21,7 +21,7 @@ website: https://www.cross-crypto.com/ nist-round: 1 spec-version: 1.2 + Keccak_x4 + PQClean fixes + endianness fix primary-upstream: - source: https://github.com/rtjk/CROSS-PQClean/commit/82938638cb6bcb680d9472e544a61be38db806cc + source: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464 spdx-license-identifier: CC0-1.0 parameter-sets: - name: cross-rsdp-128-balanced diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py index 400ecc57a..c9368f68a 100755 --- a/scripts/copy_from_upstream/copy_from_upstream.py +++ b/scripts/copy_from_upstream/copy_from_upstream.py @@ -74,6 +74,8 @@ def generator(destination_file_path, template_filename, delimiter, family, schem template = file_get_contents( os.path.join(os.environ['LIBOQS_DIR'], 'scripts', 'copy_from_upstream', template_filename)) f = copy.deepcopy(family) + if not os.path.exists(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path)): + open(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path), 'a').close() contents = file_get_contents(os.path.join(os.environ['LIBOQS_DIR'], destination_file_path)) if scheme_desired != None: f['schemes'] = [x for x in f['schemes'] if x == scheme_desired] diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index cf3ea5596..e3234bde4 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml @@ -66,7 +66,7 @@ upstreams: name: upcross git_url: https://github.com/rtjk/CROSS-PQClean.git git_branch: master - git_commit: 82938638cb6bcb680d9472e544a61be38db806cc + git_commit: d3bf2db85ba4a181418c95171d36afdca0d43464 sig_meta_path: 'generate/crypto_sign/{pqclean_scheme}/META.yml' sig_scheme_path: 'generate/crypto_sign/{pqclean_scheme}' kems: diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c index 02011ba99..65a72ad60 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h index 738ab30fe..3caafcd17 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c index 56da4e442..f07eb8a2e 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h index 00999a95e..889f08ad8 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c index 0505c9e97..2f659455e 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c index 382354ea9..070a0240a 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h index 083c69f43..ebdd0e694 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c index 342ee105c..4ff830e70 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h index 9e79d7972..310b45513 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c index 6fe036b0c..bffadfc98 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h index d3a025ddc..3e12a5892 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c index 8b6e0ce13..0bade2e88 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h index b288b826f..1cd27923a 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c index 687799392..1efe42a89 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c index 8a437ddeb..516e8df69 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h index bd09c81fc..59274da46 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c index f756088b6..7d138b9ce 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h index fda519b19..b4b8cce1e 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c index 3cd44db0d..2856b08cd 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP192BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c index 7e63c32ae..423c75d70 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h index 382b892f3..f975fe760 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c index ef5be3b28..6aa783531 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h index f4ac46ccf..c6223f476 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c index 023f3e8ff..0d45f0cfc 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h index 5dfa722e9..e6c18601d 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c index c6a697863..c2799bb07 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h index d6397fe20..912c05202 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c index 83ff7103a..f33810f23 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP192SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c index 79e49e031..48d0413d2 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h index b234b8aa8..c49311e1b 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c index 48685a4ba..f6e2d8671 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h index 98df725fc..78ed91059 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c index 6d3a0b7b3..390c68be4 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP256BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c index d75cce902..035747872 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h index 180d0f12b..399c36108 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c index 2d96c4b1f..8bd25d840 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h index 6ab13a977..a0d7e6a74 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c index 721307069..3d5537533 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h index 29890cddf..2ff064a67 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c index cb9d3374c..26c4c0199 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h index 489bb060b..944fe6640 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c index 3775b8281..22b74db18 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP256SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c index 716033a8e..d0e8bec2e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h index 06d5689ed..089e13146 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c index df9686904..137fdd2a6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h index 7dd4bca16..ecdaec3da 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c index d754aa434..7da5981e8 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c index d731253ae..457f22d4d 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h index 11d2dff18..aa6deac2f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c index cc76df801..01574d761 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h index 3f8527952..859ff7c92 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c index 18669cc97..6a6d16cc6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h index a4f5332f4..6ce396d19 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c index ac05031ed..96a2cd354 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h index 2b42231e7..77ad06c2e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c index 1e0bf72d8..29447f0c1 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG128SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c index 13e0bc49a..9d581604c 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h index 09f9e911c..13ac09234 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c index 7097b532a..ba745ea00 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h index e2f423ade..df80a390f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c index bc6c805b0..e2889ec46 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c index b1d2f9a3d..7296364d7 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h index 3664fdf70..49c81aac9 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c index eeffb17f6..6aa91b319 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h index 6b554a94f..fd47ac3c6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c index b0cc9fca4..dc118f938 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h index 75778f98d..972f8385f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c index 5af2bcdbf..ed0de2d9b 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h index ffc040f87..2ea4653cf 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c index 501fd13ac..9d0b6331c 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG192SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c index cbd590de7..9b0b5f031 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h index 05dbf36d3..7ffff0f2b 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c index 8a06687e2..57315f69e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h index 825fcd3fb..adc7bba17 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c index e6b46581e..2c778feb8 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c index 767af4255..40c986776 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h index 6d9584b7d..69bb17246 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c index 5fd3aef68..c5702c853 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h index 9875d33c4..82d016ac9 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c index e075a2d72..afcff638f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h index eaf2e9ca4..a8fbe6159 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c index ce0673a45..64ac4b248 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h index 30a1703f0..a3af40770 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h @@ -245,6 +245,15 @@ static inline uint32_t to_little_endian32(uint32_t x) { #endif } +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c index 9689b7c0b..5f67c5350 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG256SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES,