diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 000000000..f16d17c0b --- /dev/null +++ b/.travis.yml @@ -0,0 +1,21 @@ +language: c +before_script: + - sudo apt update && sudo apt -y install astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz valgrind +jobs: + include: + - arch: ppc64le # The IBM Power LXD container based build for OSS only + os: linux # required for arch different than amd64 + dist: focal # or bionic | xenial with xenial as default + compiler: gcc + if: NOT branch =~ /^ghactionsonly-/ + script: + - mkdir build && cd build && cmake -GNinja -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_STFL_SIG_KEY_SIG_GEN=ON .. && cmake -LA -N .. && ninja + - cd build & ninja run_tests + - arch: s390x + os: linux + dist: focal + compiler: gcc + if: NOT branch =~ /^ghactionsonly-/ + script: + - mkdir build && cd build && cmake -GNinja -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_STFL_SIG_KEY_SIG_GEN=ON .. && cmake -LA -N .. && ninja + - cd build & ninja run_tests diff --git a/docs/algorithms/sig/cross.md b/docs/algorithms/sig/cross.md index 91de3bb82..0068e43b4 100644 --- a/docs/algorithms/sig/cross.md +++ b/docs/algorithms/sig/cross.md @@ -5,9 +5,9 @@ - **Principal submitters**: Marco Baldi, Alessandro Barenghi, Sebastian Bitzer, Patrick Karl, Felice Manganiello, Alessio Pavoni, Gerardo Pelosi, Paolo Santini, Jonas Schupp, Freeman Slaughter, Antonia Wachter-Zeh, Violetta Weger. - **Auxiliary submitters**: Marco Gianvecchio. - **Authors' website**: https://www.cross-crypto.com/ -- **Specification version**: 1.2 + Keccak_x4 + PQClean fixes. +- **Specification version**: 1.2 + Keccak_x4 + PQClean fixes + endianness fix. - **Primary Source**: - - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/577d7c761c684637923c8648644cf2f4d7b41954 + - **Source**: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464 - **Implementation license (SPDX-Identifier)**: CC0-1.0 diff --git a/docs/algorithms/sig/cross.yml b/docs/algorithms/sig/cross.yml index 616da6602..e9e8b7155 100644 --- a/docs/algorithms/sig/cross.yml +++ b/docs/algorithms/sig/cross.yml @@ -19,9 +19,9 @@ crypto-assumption: hardness of the restricted syndrome decoding problem for rand linear codes on a finite field website: https://www.cross-crypto.com/ nist-round: 1 -spec-version: 1.2 + Keccak_x4 + PQClean fixes +spec-version: 1.2 + Keccak_x4 + PQClean fixes + endianness fix primary-upstream: - source: https://github.com/rtjk/CROSS-PQClean/commit/577d7c761c684637923c8648644cf2f4d7b41954 + source: https://github.com/rtjk/CROSS-PQClean/commit/d3bf2db85ba4a181418c95171d36afdca0d43464 spdx-license-identifier: CC0-1.0 parameter-sets: - name: cross-rsdp-128-balanced diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml index 1362a407e..e3234bde4 100644 --- a/scripts/copy_from_upstream/copy_from_upstream.yml +++ b/scripts/copy_from_upstream/copy_from_upstream.yml @@ -66,7 +66,7 @@ upstreams: name: upcross git_url: https://github.com/rtjk/CROSS-PQClean.git git_branch: master - git_commit: 577d7c761c684637923c8648644cf2f4d7b41954 + git_commit: d3bf2db85ba4a181418c95171d36afdca0d43464 sig_meta_path: 'generate/crypto_sign/{pqclean_scheme}/META.yml' sig_scheme_path: 'generate/crypto_sign/{pqclean_scheme}' kems: diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c index 02011ba99..65a72ad60 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h index 7892cfde2..3caafcd17 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c index 56da4e442..f07eb8a2e 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h index c9c14549f..889f08ad8 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c index 0505c9e97..2f659455e 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-128-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c index 382354ea9..070a0240a 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h index 0aae75c2f..ebdd0e694 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c index 342ee105c..4ff830e70 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h index c0b9a5420..310b45513 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c index 6fe036b0c..bffadfc98 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h index ddddf21d4..3e12a5892 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c index 8b6e0ce13..0bade2e88 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h index 5acaa2452..1cd27923a 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c index 687799392..1efe42a89 100644 --- a/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-128-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP128SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP128SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c index 8a437ddeb..516e8df69 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h index 2bc154c1d..59274da46 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c index f756088b6..7d138b9ce 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h index c0c30a66e..b4b8cce1e 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c index 3cd44db0d..2856b08cd 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-192-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP192BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP192BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c index 7e63c32ae..423c75d70 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h index c3bc2489c..f975fe760 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c index ef5be3b28..6aa783531 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h index 1849cf2b3..c6223f476 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c index 023f3e8ff..0d45f0cfc 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h index 5071313b9..e6c18601d 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c index c6a697863..c2799bb07 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h index 3685f99b8..912c05202 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c index 83ff7103a..f33810f23 100644 --- a/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-192-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP192SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP192SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c index 79e49e031..48d0413d2 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fix /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h index 57eb0aadf..c49311e1b 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c index 48685a4ba..f6e2d8671 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h index 10e8b10c8..78ed91059 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c index 6d3a0b7b3..390c68be4 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-256-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP256BALANCED_CLEAN_generate_seed_tree_from_root(unsigned ch memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP256BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c index d75cce902..035747872 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_w /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h index 89f17f2f1..399c36108 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c index 2d96c4b1f..8bd25d840 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h index 293874625..a0d7e6a74 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c index 721307069..3d5537533 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h index c3eaa95c0..2ff064a67 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c index cb9d3374c..26c4c0199 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h index b55084025..944fe6640 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_vec(FZ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c index 3775b8281..22b74db18 100644 --- a/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdp-256-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDP256SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDP256SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c index 716033a8e..d0e8bec2e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h index e0c67a478..089e13146 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c index df9686904..137fdd2a6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h index 884bfe955..ecdaec3da 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c index d754aa434..7da5981e8 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG128BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c index d731253ae..457f22d4d 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h index 4874b381a..aa6deac2f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c index cc76df801..01574d761 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h index 03bbe70fb..859ff7c92 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c index 18669cc97..6a6d16cc6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h index 13225a12b..6ce396d19 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c index ac05031ed..96a2cd354 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h index 841d87dd5..77ad06c2e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c index 1e0bf72d8..29447f0c1 100644 --- a/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-128-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG128SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG128SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c index 13e0bc49a..9d581604c 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h index 42274791e..13ac09234 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c index 7097b532a..ba745ea00 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h index f5fb444a4..df80a390f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c index bc6c805b0..e2889ec46 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG192BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c index b1d2f9a3d..7296364d7 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h index e7dbffc55..49c81aac9 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c index eeffb17f6..6aa91b319 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h index 194e3fc37..fd47ac3c6 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c index b0cc9fca4..dc118f938 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h index 75aef4d2c..972f8385f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c index 5af2bcdbf..ed0de2d9b 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h index 96b409f08..2ea4653cf 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c index 501fd13ac..9d0b6331c 100644 --- a/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-192-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG192SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG192SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c index cbd590de7..9b0b5f031 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_AVX2_expand_digest_to_fixed_weight(uint8_t fi /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h index cde3e4784..7ffff0f2b 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c index 8a06687e2..57315f69e 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_expand_digest_to_fixed_weight(uint8_t f /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h index e4cf7194c..adc7bba17 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c index e6b46581e..2c778feb8 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-balanced_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_generate_seed_tree_from_root(unsigned c memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG256BALANCED_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES, diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c index 767af4255..40c986776 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256FAST_AVX2_expand_digest_to_fixed_weight(uint8_t fixed_ /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h index c30cc648a..69bb17246 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c index 5fd3aef68..c5702c853 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256FAST_CLEAN_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h index 95c827533..82d016ac9 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-fast_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c index e075a2d72..afcff638f 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_AVX2_expand_digest_to_fixed_weight(uint8_t fixed /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h index e3f83d36d..a8fbe6159 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_avx2/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c index ce0673a45..64ac4b248 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.c @@ -47,7 +47,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe memset(fixed_weight_string, 1, W); memset(fixed_weight_string + W, 0, T - W); - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; int pos_in_buf = 8; @@ -56,7 +56,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_expand_digest_to_fixed_weight(uint8_t fixe /* refill randomness buffer if needed */ if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h index 1a5748204..a3af40770 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/csprng_hash.h @@ -214,6 +214,46 @@ FQ_ELEM fq_star_rnd_state(CSPRNG_STATE_T *const csprng_state) { return rnd_value + 1; } /* end fq_star_rnd_state */ +/********************* Endianness detection and handling **********************/ + +#define BIG_ENDIAN_SYSTEM 0 // assume little-endian by default + +/* Check if we are on a big-endian system: + * the __BYTE_ORDER__ macro is defined by the compiler + * recent versions of GCC and Clang define it + * other methods to detect endianness might be needed when using different compilers */ +#if defined(__BYTE_ORDER__)&&(__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) +#undef BIG_ENDIAN_SYSTEM +#define BIG_ENDIAN_SYSTEM 1 +#endif + +static inline uint64_t to_little_endian64(uint64_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap64(x); +#else + return x; +#endif +} + +static inline uint32_t to_little_endian32(uint32_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap32(x); +#else + return x; +#endif +} + +static inline uint16_t to_little_endian16(uint16_t x) { + /* When compiling on a big-endian system, swap the bytes */ +#if BIG_ENDIAN_SYSTEM + return __builtin_bswap16(x); +#else + return x; +#endif +} + /***************** Specialized CSPRNGs for non binary domains *****************/ /* CSPRNG sampling fixed weight strings */ @@ -249,14 +289,14 @@ void CSPRNG_fq_vec(FQ_ELEM res[N], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < N) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -298,14 +338,14 @@ void CSPRNG_fq_vec_beta(FQ_ELEM res[T], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_VEC_BETA, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < T) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -345,7 +385,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FQ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; @@ -353,7 +393,7 @@ void CSPRNG_fq_mat(FQ_ELEM res[K][N - K], while (placed < K * (N - K)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -393,14 +433,14 @@ void CSPRNG_zz_inf_w(FZ_ELEM res[M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_ZZ_INF_W, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; @@ -440,14 +480,14 @@ void CSPRNG_fz_mat(FZ_ELEM res[M][N - M], * in from the left end */ csprng_randombytes(CSPRNG_buffer, BUFSIZE_FZ_MAT, csprng_state); int placed = 0; - uint64_t sub_buffer = *(uint64_t *)CSPRNG_buffer; + uint64_t sub_buffer = to_little_endian64(*(uint64_t *)CSPRNG_buffer); int bits_in_sub_buf = 64; /* position of the next fresh byte in CSPRNG_buffer*/ int pos_in_buf = 8; while (placed < M * (N - M)) { if (bits_in_sub_buf <= 32) { /* get 32 fresh bits from main buffer with a single load */ - uint32_t refresh_buf = *(uint32_t *) (CSPRNG_buffer + pos_in_buf); + uint32_t refresh_buf = to_little_endian32(*(uint32_t *) (CSPRNG_buffer + pos_in_buf)); pos_in_buf += 4; sub_buffer |= ((uint64_t) refresh_buf) << bits_in_sub_buf; bits_in_sub_buf += 32; diff --git a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c index 9689b7c0b..5f67c5350 100644 --- a/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c +++ b/src/sig/cross/upcross_cross-rsdpg-256-small_clean/seedtree.c @@ -136,7 +136,7 @@ void PQCLEAN_CROSSRSDPG256SMALL_CLEAN_generate_seed_tree_from_root(unsigned char memcpy(csprng_input, seed_tree + father_node_storage_idx * SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1] ) *SEED_LENGTH_BYTES, @@ -253,7 +253,7 @@ int PQCLEAN_CROSSRSDPG256SMALL_CLEAN_regenerate_round_seeds(unsigned char memcpy(csprng_input, seed_tree + (father_node_storage_idx)*SEED_LENGTH_BYTES, SEED_LENGTH_BYTES); - *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = father_node_idx; + *((uint16_t *)(csprng_input + SALT_LENGTH_BYTES + SEED_LENGTH_BYTES)) = to_little_endian16(father_node_idx); /* expand the children (stored contiguously) */ initialize_csprng(&tree_csprng_state, csprng_input, csprng_input_len); csprng_randombytes(seed_tree + (LEFT_CHILD(father_node_idx) - missing_nodes_before[level + 1])*SEED_LENGTH_BYTES,