Address comments

Signed-off-by: Duc Tri Nguyen <[email protected]>
pq-code-package · Jun 18, 2024 · 020f0a8 · 020f0a8
1 parent ed33c87
commit 020f0a8
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 6 deletions.
diff --git a/fips202/fips202x4.c b/fips202/fips202x4.c
@@ -1,6 +1,6 @@
 // SPDX-License-Identifier: Apache-2.0
 #include <string.h>
-#include "fips202x.h"
+#include "fips202x4.h"
 #include "fips202.h"
 #include "keccakf1600.h"
 

diff --git a/mlkem/indcpa.c b/mlkem/indcpa.c
@@ -9,7 +9,7 @@
 #include "ntt.h"
 #include "symmetric.h"
 #include "randombytes.h"
-#include "fips202x.h"
+#include "fips202x4.h"
 #include "fips202.h"
 
 /*************************************************
@@ -170,16 +170,18 @@ void gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed)
 {
     unsigned int ctr, i, j;
     unsigned int buflen;
-    uint8_t bufx[KECCAK_WAY][GEN_MATRIX_NBLOCKS *XOF_BLOCKBYTES + 2];
+    uint8_t bufx[KECCAK_WAY][GEN_MATRIX_NBLOCKS * XOF_BLOCKBYTES];
     uint8_t *buf = NULL;
     int16_t *vec = NULL;
     uint8_t x, y;
     xof_state state;
 
     keccakx4_state statex;
-    uint8_t seedxy[KECCAK_WAY][KYBER_SYMBYTES + 2];
+    // The input data to each Keccak lane.
+    // Original size; KYBER_SYMBYTES + 2, we add padding to make align load/store.
+    uint8_t seedxy[KECCAK_WAY][KYBER_SYMBYTES + 16];
 
-    for (i = 0; i < (KYBER_K *KYBER_K / KECCAK_WAY) *KECCAK_WAY; i += KECCAK_WAY)
+    for (i = 0; i < (KYBER_K * KYBER_K / KECCAK_WAY) * KECCAK_WAY; i += KECCAK_WAY)
     {
         for (j = 0; j < KECCAK_WAY; j++)
         {
@@ -212,6 +214,7 @@ void gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed)
 
             while (ctr < KYBER_N )
             {
+                // We extract the single lane state to compute 1-way Keccak
                 uint64_t *ctx = keccakx_get_lane_state(&statex, j);
                 keccak_squeezeblocks(buf, 1, ctx, SHAKE128_RATE);
                 buflen = XOF_BLOCKBYTES;
@@ -221,7 +224,7 @@ void gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed)
     }
 
     // For left over vector, we use single keccak.
-    for (; i < KYBER_K *KYBER_K; i++)
+    for (; i < KYBER_K * KYBER_K; i++)
     {
         x = i / KYBER_K;
         y = i % KYBER_K;