#include <openssl/hrss.h>
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/cpu.h>
#include <openssl/hmac.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
#include "../internal.h"
#include "internal.h"

Include dependency graph for hrss.c:

Classes
struct	poly

struct	poly3_span

struct	POLY_MUL_SCRATCH

struct	private_key

struct	public_key

Macros
#define	COEFFICIENTS_PER_VEC (sizeof(vec_t) / sizeof(uint16_t))

#define	POLY_BYTES 1138

#define	Q 8192

#define	RESTRICT restrict

#define	VECS_PER_POLY ((N + COEFFICIENTS_PER_VEC - 1) / COEFFICIENTS_PER_VEC)

Functions
static crypto_word_t	final_bit_to_all (crypto_word_t v)

static OPENSSL_UNUSED void	hexdump (const void *void_in, size_t len)

int	HRSS_decap (uint8_t out_shared_key[HRSS_KEY_BYTES], const struct HRSS_private_key in_priv, const uint8_t ciphertext, size_t ciphertext_len)

int	HRSS_encap (uint8_t out_ciphertext[POLY_BYTES], uint8_t out_shared_key[32], const struct HRSS_public_key *in_pub, const uint8_t in[HRSS_SAMPLE_BYTES+HRSS_SAMPLE_BYTES])

int	HRSS_generate_key (struct HRSS_public_key out_pub, struct HRSS_private_key out_priv, const uint8_t in[HRSS_SAMPLE_BYTES+HRSS_SAMPLE_BYTES+32])

void	HRSS_marshal_public_key (uint8_t out[HRSS_PUBLIC_KEY_BYTES], const struct HRSS_public_key *in_pub)

int	HRSS_parse_public_key (struct HRSS_public_key *out, const uint8_t in[HRSS_PUBLIC_KEY_BYTES])

void	HRSS_poly3_invert (struct poly3 out, const struct poly3 in)

void	HRSS_poly3_mul (struct poly3 out, const struct poly3 x, const struct poly3 *y)

static crypto_word_t	lsb_to_all (crypto_word_t v)

static void *	malloc_align32 (void **out_ptr, size_t size)

static uint16_t	mod3 (int16_t a)

static uint16_t	mod3_from_modQ (uint16_t v)

static void	poly2_clear_top_bits (struct poly2 *p)

static void	poly2_cswap (struct poly2 a, struct poly2 b, crypto_word_t swap)

static void	poly2_fmadd (struct poly2 out, const struct poly2 in, crypto_word_t m)

static void	poly2_from_poly (struct poly2 out, const struct poly in)

static void	poly2_lshift1 (struct poly2 *p)

static void	poly2_mod_phiN (struct poly2 *p)

static void	poly2_reverse_700 (struct poly2 out, const struct poly2 in)

static void	poly2_rshift1 (struct poly2 *p)

static int	poly2_top_bits_are_clear (const struct poly2 *p)

static void	poly2_zero (struct poly2 *p)

static void	poly3_cswap (struct poly3 a, struct poly3 b, crypto_word_t swap)

static void	poly3_fmsub (struct poly3 RESTRICT out, const struct poly3 RESTRICT in, crypto_word_t ms, crypto_word_t ma)

static void	poly3_from_poly (struct poly3 out, const struct poly in)

static crypto_word_t	poly3_from_poly_checked (struct poly3 out, const struct poly in)

static void	poly3_lshift1 (struct poly3 *p)

static void	poly3_mod_phiN (struct poly3 *p)

static void	poly3_mul_aux (const struct poly3_span out, const struct poly3_span scratch, const struct poly3_span a, const struct poly3_span b, size_t n)

static void	poly3_mul_const (struct poly3 *p, crypto_word_t ms, crypto_word_t ma)

static OPENSSL_UNUSED void	poly3_print (const struct poly3 *in)

static void	poly3_reverse_700 (struct poly3 out, const struct poly3 in)

static void	poly3_rshift1 (struct poly3 *p)

static void	poly3_span_add (const struct poly3_span out, const struct poly3_span a, const struct poly3_span *b, size_t n)

static void	poly3_span_sub (const struct poly3_span a, const struct poly3_span b, size_t n)

static OPENSSL_UNUSED int	poly3_top_bits_are_clear (const struct poly3 *p)

static void	poly3_word_add (crypto_word_t out_s, crypto_word_t out_a, const crypto_word_t s1, const crypto_word_t a1, const crypto_word_t s2, const crypto_word_t a2)

static void	poly3_word_mul (crypto_word_t out_s, crypto_word_t out_a, const crypto_word_t s1, const crypto_word_t a1, const crypto_word_t s2, const crypto_word_t a2)

static void	poly3_word_sub (crypto_word_t out_s, crypto_word_t out_a, const crypto_word_t s1, const crypto_word_t a1, const crypto_word_t s2, const crypto_word_t a2)

static void	poly3_zero (struct poly3 *p)

static void	poly_clamp (struct poly *p)

static void	poly_from_poly2 (struct poly out, const struct poly2 in)

static void	poly_from_poly3 (struct poly out, const struct poly3 in)

static void	poly_invert (struct POLY_MUL_SCRATCH scratch, struct poly out, const struct poly *in)

static void	poly_invert_mod2 (struct poly out, const struct poly in)

static void	poly_lift (struct poly out, const struct poly a)

static void	poly_marshal (uint8_t out[POLY_BYTES], const struct poly *in)

static void	poly_marshal_mod3 (uint8_t out[HRSS_POLY3_BYTES], const struct poly *in)

static void	poly_mod_phiN (struct poly *p)

static void	poly_mul (struct POLY_MUL_SCRATCH scratch, struct poly r, const struct poly a, const struct poly b)

static void	poly_mul_novec (struct POLY_MUL_SCRATCH scratch, struct poly out, const struct poly x, const struct poly y)

static void	poly_mul_novec_aux (uint16_t out, uint16_t scratch, const uint16_t a, const uint16_t b, size_t n)

static void	poly_mul_x_minus_1 (struct poly *p)

static OPENSSL_UNUSED void	poly_print (const struct poly *p)

static void	poly_short_sample (struct poly *out, const uint8_t in[HRSS_SAMPLE_BYTES])

static void	poly_short_sample_plus (struct poly *out, const uint8_t in[HRSS_SAMPLE_BYTES])

static int	poly_unmarshal (struct poly *out, const uint8_t in[POLY_BYTES])

static struct private_key *	private_key_from_external (struct HRSS_private_key *ext)

static struct public_key *	public_key_from_external (struct HRSS_public_key *ext)

static crypto_word_t	word_reverse (crypto_word_t in)

Variables
static const char	kSharedKey [] = "shared key"

Macro Definition Documentation

◆ COEFFICIENTS_PER_VEC

#define COEFFICIENTS_PER_VEC (sizeof(vec_t) / sizeof(uint16_t))

Definition at line 908 of file hrss.c.

◆ POLY_BYTES

#define POLY_BYTES 1138

Definition at line 1607 of file hrss.c.

◆ Q

#define Q 8192

Definition at line 904 of file hrss.c.

◆ RESTRICT

#define RESTRICT restrict

Definition at line 31 of file hrss.c.

◆ VECS_PER_POLY

#define VECS_PER_POLY ((N + COEFFICIENTS_PER_VEC - 1) / COEFFICIENTS_PER_VEC)

Definition at line 909 of file hrss.c.

Function Documentation

◆ final_bit_to_all()

static crypto_word_t final_bit_to_all ( crypto_word_t v )

static

Definition at line 552 of file hrss.c.

◆ hexdump()

static OPENSSL_UNUSED void hexdump	(	const void *	void_in,
		size_t	len
	)

static

Definition at line 304 of file hrss.c.

◆ HRSS_decap()

int HRSS_decap	(	uint8_t	out_shared_key[HRSS_KEY_BYTES],
		const struct HRSS_private_key *	in_priv,
		const uint8_t *	ciphertext,
		size_t	ciphertext_len
	)

Definition at line 2042 of file hrss.c.

◆ HRSS_encap()

int HRSS_encap	(	uint8_t	out_ciphertext[POLY_BYTES],
		uint8_t	out_shared_key[32],
		const struct HRSS_public_key *	in_pub,
		const uint8_t	in[HRSS_SAMPLE_BYTES+HRSS_SAMPLE_BYTES]
	)

Definition at line 1991 of file hrss.c.

◆ HRSS_generate_key()

int HRSS_generate_key	(	struct HRSS_public_key *	out_pub,
		struct HRSS_private_key *	out_priv,
		const uint8_t	in[HRSS_SAMPLE_BYTES+HRSS_SAMPLE_BYTES+32]
	)

Definition at line 1933 of file hrss.c.

◆ HRSS_marshal_public_key()

void HRSS_marshal_public_key	(	uint8_t	out[HRSS_PUBLIC_KEY_BYTES],
		const struct HRSS_public_key *	in_pub
	)

Definition at line 2183 of file hrss.c.

◆ HRSS_parse_public_key()

int HRSS_parse_public_key	(	struct HRSS_public_key *	out,
		const uint8_t	in[HRSS_PUBLIC_KEY_BYTES]
	)

Definition at line 2190 of file hrss.c.

◆ HRSS_poly3_invert()

void HRSS_poly3_invert	(	struct poly3 *	out,
		const struct poly3 *	in
	)

Definition at line 844 of file hrss.c.

◆ HRSS_poly3_mul()

void HRSS_poly3_mul	(	struct poly3 *	out,
		const struct poly3 *	x,
		const struct poly3 *	y
	)

Definition at line 710 of file hrss.c.

◆ lsb_to_all()

static crypto_word_t lsb_to_all ( crypto_word_t v )

static

Definition at line 347 of file hrss.c.

◆ malloc_align32()

static void* malloc_align32	(	void **	out_ptr,
		size_t	size
	)

static

Definition at line 1922 of file hrss.c.

◆ mod3()

static uint16_t mod3 ( int16_t a )

static

Definition at line 1394 of file hrss.c.

◆ mod3_from_modQ()

static uint16_t mod3_from_modQ ( uint16_t v )

static

Definition at line 1697 of file hrss.c.

◆ poly2_clear_top_bits()

static void poly2_clear_top_bits ( struct poly2 * p )

static

Definition at line 418 of file hrss.c.

◆ poly2_cswap()

static void poly2_cswap	(	struct poly2 *	a,
		struct poly2 *	b,
		crypto_word_t	swap
	)

static

Definition at line 377 of file hrss.c.

◆ poly2_fmadd()

static void poly2_fmadd	(	struct poly2 *	out,
		const struct poly2 *	in,
		crypto_word_t	m
	)

static

Definition at line 387 of file hrss.c.

◆ poly2_from_poly()

static void poly2_from_poly	(	struct poly2 *	out,
		const struct poly *	in
	)

static

Definition at line 1371 of file hrss.c.

◆ poly2_lshift1()

static void poly2_lshift1 ( struct poly2 * p )

static

Definition at line 395 of file hrss.c.

◆ poly2_mod_phiN()

static void poly2_mod_phiN ( struct poly2 * p )

static

Definition at line 350 of file hrss.c.

◆ poly2_reverse_700()

static void poly2_reverse_700	(	struct poly2 *	out,
		const struct poly2 *	in
	)

static

Definition at line 362 of file hrss.c.

◆ poly2_rshift1()

static void poly2_rshift1 ( struct poly2 * p )

static

Definition at line 406 of file hrss.c.

◆ poly2_top_bits_are_clear()

static int poly2_top_bits_are_clear ( const struct poly2 * p )

static

Definition at line 424 of file hrss.c.

◆ poly2_zero()

static void poly2_zero ( struct poly2 * p )

static

Definition at line 312 of file hrss.c.

◆ poly3_cswap()

static void poly3_cswap	(	struct poly3 *	a,
		struct poly3 *	b,
		crypto_word_t	swap
	)

static

Definition at line 578 of file hrss.c.

◆ poly3_fmsub()

static void poly3_fmsub	(	struct poly3 *RESTRICT	out,
		const struct poly3 *RESTRICT	in,
		crypto_word_t	ms,
		crypto_word_t	ma
	)

static

Definition at line 539 of file hrss.c.

◆ poly3_from_poly()

static void poly3_from_poly	(	struct poly3 *	out,
		const struct poly *	in
	)

static

Definition at line 1403 of file hrss.c.

◆ poly3_from_poly_checked()

static crypto_word_t poly3_from_poly_checked	(	struct poly3 *	out,
		const struct poly *	in
	)

static

Definition at line 1441 of file hrss.c.

◆ poly3_lshift1()

static void poly3_lshift1 ( struct poly3 * p )

static

Definition at line 583 of file hrss.c.

◆ poly3_mod_phiN()

static void poly3_mod_phiN ( struct poly3 * p )

static

Definition at line 563 of file hrss.c.

◆ poly3_mul_aux()

static void poly3_mul_aux	(	const struct poly3_span *	out,
		const struct poly3_span *	scratch,
		const struct poly3_span *	a,
		const struct poly3_span *	b,
		size_t	n
	)

static

Definition at line 622 of file hrss.c.

◆ poly3_mul_const()

static void poly3_mul_const	(	struct poly3 *	p,
		crypto_word_t	ms,
		crypto_word_t	ma
	)

static

Definition at line 528 of file hrss.c.

◆ poly3_print()

static OPENSSL_UNUSED void poly3_print ( const struct poly3 * in )

static

Definition at line 466 of file hrss.c.

◆ poly3_reverse_700()

static void poly3_reverse_700	(	struct poly3 *	out,
		const struct poly3 *	in
	)

static

Definition at line 496 of file hrss.c.

◆ poly3_rshift1()

static void poly3_rshift1 ( struct poly3 * p )

static

Definition at line 588 of file hrss.c.

◆ poly3_span_add()

static void poly3_span_add	(	const struct poly3_span *	out,
		const struct poly3_span *	a,
		const struct poly3_span *	b,
		size_t	n
	)

static

Definition at line 601 of file hrss.c.

◆ poly3_span_sub()

static void poly3_span_sub	(	const struct poly3_span *	a,
		const struct poly3_span *	b,
		size_t	n
	)

static

Definition at line 610 of file hrss.c.

◆ poly3_top_bits_are_clear()

static OPENSSL_UNUSED int poly3_top_bits_are_clear ( const struct poly3 * p )

static

Definition at line 558 of file hrss.c.

◆ poly3_word_add()

static void poly3_word_add	(	crypto_word_t *	out_s,
		crypto_word_t *	out_a,
		const crypto_word_t	s1,
		const crypto_word_t	a1,
		const crypto_word_t	s2,
		const crypto_word_t	a2
	)

static

Definition at line 510 of file hrss.c.

◆ poly3_word_mul()

static void poly3_word_mul	(	crypto_word_t *	out_s,
		crypto_word_t *	out_a,
		const crypto_word_t	s1,
		const crypto_word_t	a1,
		const crypto_word_t	s2,
		const crypto_word_t	a2
	)

static

Definition at line 502 of file hrss.c.

◆ poly3_word_sub()

static void poly3_word_sub	(	crypto_word_t *	out_s,
		crypto_word_t *	out_a,
		const crypto_word_t	s1,
		const crypto_word_t	a1,
		const crypto_word_t	s2,
		const crypto_word_t	a2
	)

static

Definition at line 519 of file hrss.c.

◆ poly3_zero()

static void poly3_zero ( struct poly3 * p )

static

Definition at line 489 of file hrss.c.

◆ poly_clamp()

static void poly_clamp ( struct poly * p )

static

Definition at line 1360 of file hrss.c.

◆ poly_from_poly2()

static void poly_from_poly2	(	struct poly *	out,
		const struct poly2 *	in
	)

static

Definition at line 1484 of file hrss.c.

◆ poly_from_poly3()

static void poly_from_poly3	(	struct poly *	out,
		const struct poly3 *	in
	)

static

Definition at line 1502 of file hrss.c.

◆ poly_invert()

static void poly_invert	(	struct POLY_MUL_SCRATCH *	scratch,
		struct poly *	out,
		const struct poly *	in
	)

static

Definition at line 1580 of file hrss.c.

◆ poly_invert_mod2()

static void poly_invert_mod2	(	struct poly *	out,
		const struct poly *	in
	)

static

Definition at line 1532 of file hrss.c.

◆ poly_lift()

static void poly_lift	(	struct poly *	out,
		const struct poly *	a
	)

static

Definition at line 1767 of file hrss.c.

◆ poly_marshal()

static void poly_marshal	(	uint8_t	out[POLY_BYTES],
		const struct poly *	in
	)

static

Definition at line 1610 of file hrss.c.

◆ poly_marshal_mod3()

static void poly_marshal_mod3	(	uint8_t	out[HRSS_POLY3_BYTES],
		const struct poly *	in
	)

static

Definition at line 1705 of file hrss.c.

◆ poly_mod_phiN()

static void poly_mod_phiN ( struct poly * p )

static

Definition at line 1351 of file hrss.c.

◆ poly_mul()

static void poly_mul	(	struct POLY_MUL_SCRATCH *	scratch,
		struct poly *	r,
		const struct poly *	a,
		const struct poly *	b
	)

static

Definition at line 1317 of file hrss.c.

◆ poly_mul_novec()

static void poly_mul_novec	(	struct POLY_MUL_SCRATCH *	scratch,
		struct poly *	out,
		const struct poly *	x,
		const struct poly *	y
	)

static

Definition at line 1305 of file hrss.c.

◆ poly_mul_novec_aux()

static void poly_mul_novec_aux	(	uint16_t *	out,
		uint16_t *	scratch,
		const uint16_t *	a,
		const uint16_t *	b,
		size_t	n
	)

static

Definition at line 1252 of file hrss.c.

◆ poly_mul_x_minus_1()

static void poly_mul_x_minus_1 ( struct poly * p )

static

Definition at line 1339 of file hrss.c.

◆ poly_print()

static OPENSSL_UNUSED void poly_print ( const struct poly * p )

static

Definition at line 932 of file hrss.c.

◆ poly_short_sample()

static void poly_short_sample	(	struct poly *	out,
		const uint8_t	in[HRSS_SAMPLE_BYTES]
	)

static

Definition at line 1731 of file hrss.c.

◆ poly_short_sample_plus()

static void poly_short_sample_plus	(	struct poly *	out,
		const uint8_t	in[HRSS_SAMPLE_BYTES]
	)

static

Definition at line 1746 of file hrss.c.

◆ poly_unmarshal()

static int poly_unmarshal	(	struct poly *	out,
		const uint8_t	in[POLY_BYTES]
	)

static

Definition at line 1646 of file hrss.c.

◆ private_key_from_external()

static struct private_key* private_key_from_external ( struct HRSS_private_key * ext )

static

Definition at line 1910 of file hrss.c.

◆ public_key_from_external()

static struct public_key* public_key_from_external ( struct HRSS_public_key * ext )

static

Definition at line 1898 of file hrss.c.

◆ word_reverse()

static crypto_word_t word_reverse ( crypto_word_t in )

static

Definition at line 317 of file hrss.c.

Variable Documentation

◆ kSharedKey

const char kSharedKey[] = "shared key"

static

Definition at line 1989 of file hrss.c.

Classes

Macros

Functions

Variables

Macro Definition Documentation

◆ COEFFICIENTS_PER_VEC

◆ POLY_BYTES

◆ Q

◆ RESTRICT

◆ VECS_PER_POLY

Function Documentation

◆ final_bit_to_all()

◆ hexdump()

◆ HRSS_decap()

◆ HRSS_encap()

◆ HRSS_generate_key()

◆ HRSS_marshal_public_key()

◆ HRSS_parse_public_key()

◆ HRSS_poly3_invert()

◆ HRSS_poly3_mul()

◆ lsb_to_all()

◆ malloc_align32()

◆ mod3()

◆ mod3_from_modQ()

◆ poly2_clear_top_bits()

◆ poly2_cswap()

◆ poly2_fmadd()

◆ poly2_from_poly()

◆ poly2_lshift1()

◆ poly2_mod_phiN()

◆ poly2_reverse_700()

◆ poly2_rshift1()

◆ poly2_top_bits_are_clear()

◆ poly2_zero()

◆ poly3_cswap()

◆ poly3_fmsub()

◆ poly3_from_poly()

◆ poly3_from_poly_checked()

◆ poly3_lshift1()

◆ poly3_mod_phiN()

◆ poly3_mul_aux()

◆ poly3_mul_const()

◆ poly3_print()

◆ poly3_reverse_700()

◆ poly3_rshift1()

◆ poly3_span_add()

◆ poly3_span_sub()

◆ poly3_top_bits_are_clear()

◆ poly3_word_add()

◆ poly3_word_mul()

◆ poly3_word_sub()

◆ poly3_zero()

◆ poly_clamp()

◆ poly_from_poly2()

◆ poly_from_poly3()

◆ poly_invert()

◆ poly_invert_mod2()

◆ poly_lift()

◆ poly_marshal()

◆ poly_marshal_mod3()

◆ poly_mod_phiN()

◆ poly_mul()

◆ poly_mul_novec()

◆ poly_mul_novec_aux()

◆ poly_mul_x_minus_1()

◆ poly_print()

◆ poly_short_sample()

◆ poly_short_sample_plus()

◆ poly_unmarshal()

◆ private_key_from_external()

◆ public_key_from_external()

◆ word_reverse()

Variable Documentation

◆ kSharedKey