ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.])
ARG_DISBL_SET([md5], [disable MD5 software implementation plugin.])
ARG_ENABL_SET([mgf1], [enable the MGF1 software implementation plugin.])
-ARG_ENABL_SET([newhope], [enable New Hope crypto plugin.])
ARG_DISBL_SET([nonce], [disable nonce generation plugin.])
ARG_ENABL_SET([ntru], [enables the NTRU crypto plugin.])
ARG_ENABL_SET([frodo], [enable FrodoKEM Post Quantum Safe plugin.])
ADD_PLUGIN([frodo], [s charon scripts nm cmd])
ADD_PLUGIN([oqs], [s charon scripts nm cmd])
ADD_PLUGIN([drbg], [s charon pki scripts nm cmd])
-ADD_PLUGIN([newhope], [s charon scripts nm cmd])
ADD_PLUGIN([curl], [s charon pki scripts nm cmd])
ADD_PLUGIN([files], [s charon pki scripts nm cmd])
ADD_PLUGIN([winhttp], [s charon pki scripts])
AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue)
-AM_CONDITIONAL(USE_NEWHOPE, test x$newhope = xtrue)
AM_CONDITIONAL(USE_DRBG, test x$drbg = xtrue)
AM_CONDITIONAL(USE_OQS, test x$oqs = xtrue)
AM_CONDITIONAL(USE_FRODO, test x$frodo = xtrue)
AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue)
AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
-AM_CONDITIONAL(USE_LIBNTTFFT, test x$newhope = xtrue)
AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue)
src/Makefile
src/include/Makefile
src/libstrongswan/Makefile
- src/libstrongswan/math/libnttfft/Makefile
- src/libstrongswan/math/libnttfft/tests/Makefile
src/libstrongswan/plugins/aes/Makefile
src/libstrongswan/plugins/cmac/Makefile
src/libstrongswan/plugins/des/Makefile
src/libstrongswan/plugins/af_alg/Makefile
src/libstrongswan/plugins/drbg/Makefile
src/libstrongswan/plugins/ntru/Makefile
- src/libstrongswan/plugins/newhope/Makefile
- src/libstrongswan/plugins/newhope/tests/Makefile
src/libstrongswan/plugins/frodo/Makefile
src/libstrongswan/plugins/oqs/Makefile
src/libstrongswan/plugins/oqs/tests/Makefile
libs += $(DESTDIR)$(ipseclibdir)/libradius.so
endif
-if USE_LIBNTTFFT
- deps += $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la
- libs += $(DESTDIR)$(ipseclibdir)/libnttfft.so
-endif
-
if USE_LIBPTTLS
deps += $(top_builddir)/src/libpttls/libpttls.la
libs += $(DESTDIR)$(ipseclibdir)/libpttls.so
SUBDIRS = .
endif
-# build libnttfft used by some plugins
-######################################
-
-if USE_LIBNTTFFT
- SUBDIRS += math/libnttfft
-endif
-
# build plugins with their own Makefile
#######################################
endif
endif
-if USE_NEWHOPE
- SUBDIRS += plugins/newhope
-if MONOLITHIC
- libstrongswan_la_LIBADD += plugins/newhope/libstrongswan-newhope.la
-endif
-endif
-
if USE_DRBG
SUBDIRS += plugins/drbg
if MONOLITHIC
SUBDIRS += tests
-if USE_LIBNTTFFT
- SUBDIRS += math/libnttfft/tests
-endif
-
-if USE_NEWHOPE
- SUBDIRS += plugins/newhope/tests
-endif
-
if USE_OQS
SUBDIRS += plugins/oqs/tests
endif
"NTRU_128",
"NTRU_192",
"NTRU_256");
-ENUM_NEXT(key_exchange_method_names, NH_128_BIT, NH_128_BIT, NTRU_256_BIT,
- "NEWHOPE_128");
-ENUM_NEXT(key_exchange_method_names, KE_KYBER_L1, KE_HQC_L5, NH_128_BIT,
+ENUM_NEXT(key_exchange_method_names, KE_KYBER_L1, KE_HQC_L5, NTRU_256_BIT,
"KYBER_L1",
"KYBER_L3",
"KYBER_L5",
"ntru128",
"ntru192",
"ntru256");
-ENUM_NEXT(key_exchange_method_names_short, NH_128_BIT, NH_128_BIT, NTRU_256_BIT,
- "newhope128");
-ENUM_NEXT(key_exchange_method_names_short, KE_KYBER_L1, KE_HQC_L5, NH_128_BIT,
+ENUM_NEXT(key_exchange_method_names_short, KE_KYBER_L1, KE_HQC_L5, NTRU_256_BIT,
"kyber1",
"kyber3",
"kyber5",
case NTRU_128_BIT:
case NTRU_192_BIT:
case NTRU_256_BIT:
- case NH_128_BIT:
case KE_KYBER_L1:
case KE_KYBER_L3:
case KE_KYBER_L5:
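Review bot: With NH_128_BIT dropped from the chain, `ENUM_NEXT(key_exchange_method_names, ...)` and `ENUM_NEXT(key_exchange_method_names_short, ...)` now jump from NTRU_256_BIT straight to KE_KYBER_L1, and nothing on the new side records that the private-use value 1040 was once assigned. A peer running an older build may still send 1040 in a proposal, so if a later algorithm were added at that number the two sides could negotiate it under different meanings. I would add a comment above the first ENUM_NEXT, e.g. `/* 1040 was NH_128_BIT (New Hope, removed); keep unassigned */`, and the same note in the enum definition, which this commit edits in a separate hunk. The switch in the last hunk of this section starts and ends outside the visible lines, so how an unknown value falls through there is not checked here.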
NTRU_128_BIT = 1031,
NTRU_192_BIT = 1032,
NTRU_256_BIT = 1033,
- NH_128_BIT = 1040,
/** NIST round 3 KEM candidates, in PRIVATE USE */
KE_KYBER_L1 = 1050,
KE_KYBER_L3 = 1051,
case NTRU_128_BIT:
case NTRU_192_BIT:
case NTRU_256_BIT:
- case NH_128_BIT:
add_algorithm(this, KEY_EXCHANGE_METHOD, group, 0);
break;
default:
ntru128, KEY_EXCHANGE_METHOD, NTRU_128_BIT, 0
ntru192, KEY_EXCHANGE_METHOD, NTRU_192_BIT, 0
ntru256, KEY_EXCHANGE_METHOD, NTRU_256_BIT, 0
-newhope128, KEY_EXCHANGE_METHOD, NH_128_BIT, 0
kyber1, KEY_EXCHANGE_METHOD, KE_KYBER_L1, 0
kyber3, KEY_EXCHANGE_METHOD, KE_KYBER_L3, 0
kyber5, KEY_EXCHANGE_METHOD, KE_KYBER_L5, 0
+++ /dev/null
-AM_CPPFLAGS = \
- -I$(top_srcdir)/src/libstrongswan
-
-AM_CFLAGS = \
- @COVERAGE_CFLAGS@
-
-AM_LDFLAGS = \
- -no-undefined
-
-ipseclib_LTLIBRARIES = libnttfft.la
-
-libnttfft_la_SOURCES = \
- ntt_fft_reduce.h ntt_fft.h ntt_fft.c \
- ntt_fft_params.h ntt_fft_params.c
-
+++ /dev/null
-/*
- * Copyright (C) 2014-2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "ntt_fft.h"
-#include "ntt_fft_reduce.h"
-
-/**
- * Described in header.
- */
-void libnttfft_init(void)
-{
- /* empty */
-}
-
-typedef struct private_ntt_fft_t private_ntt_fft_t;
-
-/**
- * Private data structure for ntt_fft_t object
- */
-struct private_ntt_fft_t {
-
- /**
- * Public interface.
- */
- ntt_fft_t public;
-
- /**
- * FFT parameter set used as constants
- */
- const ntt_fft_params_t *p;
-
-};
-
-METHOD(ntt_fft_t, get_size, uint16_t,
- private_ntt_fft_t *this)
-{
- return this->p->n;
-}
-
-METHOD(ntt_fft_t, get_modulus, uint16_t,
- private_ntt_fft_t *this)
-{
- return this->p->q;
-}
-
-/**
- * Do an FFT butterfly operation
- *
- * x[i1] ---|+|------- x[i1]
- * \/
- * /\ w[iw]
- * x[i2] ---|-|--|*|-- x[i2]
- *
- */
-static void butterfly(private_ntt_fft_t *this, uint32_t *x, int i1,int i2, int iw)
-{
- uint32_t xp, xm;
-
- xp = x[i1] + x[i2];
- xm = x[i1] + (this->p->q - x[i2]);
- if (xp >= this->p->q)
- {
- xp -= this->p->q;
- }
- x[i1] = xp;
- x[i2] = ntt_fft_mreduce(xm * this->p->wr[iw], this->p);
-}
-
-/**
- * Trivial butterfly operation of last FFT stage
- */
-static void butterfly_last(private_ntt_fft_t *this, uint32_t *x, int i1)
-{
- uint32_t xp, xm;
- int i2 = i1 + 1;
-
- xp = x[i1] + x[i2];
- xm = x[i1] + (this->p->q - x[i2]);
- if (xp >= this->p->q)
- {
- xp -= this->p->q;
- }
- if (xm >= this->p->q)
- {
- xm -= this->p->q;
- }
- x[i1] = xp;
- x[i2] = xm;
-}
-
-METHOD(ntt_fft_t, transform, void,
- private_ntt_fft_t *this, uint32_t *a, uint32_t *b, bool inverse)
-{
- int stage, i, j, k, m, n, s, t, iw, i_rev;
- uint32_t tmp;
-
- /* we are going to use the transform size n a lot */
- n = this->p->n;
- s = this->p->s;
-
- if (!inverse)
- {
- /* apply linear phase needed for negative wrapped convolution */
- for (i = 0; i < n; i++)
- {
- b[i] = ntt_fft_mreduce(a[i] * this->p->wf[s*i], this->p);
- }
- }
- else if (a != b)
- {
- /* copy if input and output array are not the same */
- for (i = 0; i < n; i++)
- {
- b[i] = a[i];
- }
- }
-
- m = n;
- k = 1;
-
- for (stage = this->p->stages; stage > 0; stage--)
- {
- m >>= 1;
- t = 0;
-
- for (j = 0; j < k; j++)
- {
- if (stage == 1)
- {
- butterfly_last(this, b, t);
- }
- else
- {
- for (i = 0; i < m; i++)
- {
- iw = s * (inverse ? (n - i * k) : (i * k));
- butterfly(this, b, t + i, t + i + m, iw);
- }
- }
- t += 2*m;
- }
- k <<= 1;
- }
-
- /* Sort output in bit-reverse order */
- for (i = 0; i < n; i++)
- {
- i_rev = this->p->rev[i];
-
- if (i_rev > i)
- {
- tmp = b[i];
- b[i] = b[i_rev];
- b[i_rev] = tmp;
- }
- }
-
- /**
- * Compensate the linear phase needed for negative wrapped convolution
- * and normalize the output array with 1/n mod q after the inverse FFT.
- */
- if (inverse)
- {
- for (i = 0; i < n; i++)
- {
- b[i] = ntt_fft_mreduce(b[i] * this->p->wi[i], this->p);
- }
- }
-}
-
-METHOD(ntt_fft_t, destroy, void,
- private_ntt_fft_t *this)
-{
- free(this);
-}
-
-/**
- * See header.
- */
-ntt_fft_t *ntt_fft_create(const ntt_fft_params_t *params)
-{
- private_ntt_fft_t *this;
-
- INIT(this,
- .public = {
- .get_size = _get_size,
- .get_modulus = _get_modulus,
- .transform = _transform,
- .destroy = _destroy,
- },
- .p = params,
- );
-
- return &this->public;
-}
+++ /dev/null
-/*
- * Copyright (C) 2014 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup ntt_p libnttfft
- *
- * @defgroup ntt_fft ntt_fft
- * @{ @ingroup ntt_p
- */
-
-#ifndef NTT_FFT_H_
-#define NTT_FFT_H_
-
-#include "ntt_fft_params.h"
-
-#include <library.h>
-
-typedef struct ntt_fft_t ntt_fft_t;
-
-/**
- * Implements a Number Theoretic Transform (NTT) via the FFT algorithm
- */
-struct ntt_fft_t {
-
- /**
- * Get the size of the Number Theoretic Transform
- *
- * @result Transform size
- */
- uint16_t (*get_size)(ntt_fft_t *this);
-
- /**
- * Get the prime modulus of the Number Theoretic Transform
- *
- * @result Prime modulus
- */
- uint16_t (*get_modulus)(ntt_fft_t *this);
-
- /**
- * Compute the [inverse] NTT of a polynomial
- *
- * @param a Coefficient of input polynomial
- * @param b Coefficient of output polynomial
- * @param inverse TRUE if the inverse NTT has to be computed
- */
- void (*transform)(ntt_fft_t *this, uint32_t *a, uint32_t *b, bool inverse);
-
- /**
- * Destroy ntt_fft_t object
- */
- void (*destroy)(ntt_fft_t *this);
-};
-
-/**
- * Create a ntt_fft_t object for a given FFT parameter set
- *
- * @param params FFT parameters
- */
-ntt_fft_t *ntt_fft_create(const ntt_fft_params_t *params);
-
-/**
- * Dummy libnttfft initialization function needed for integrity test
- */
-void libnttfft_init(void);
-
-
-#endif /** NTT_FFT_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2014-2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "ntt_fft_params.h"
-
-/**
- * FFT twiddle factors in Montgomery form for q = 12289 and n = 1024
- */
-static const uint16_t wr_12289_1024[] = {
- 4075, 3051, 2031, 1207, 9987, 10092, 2948, 9273, 11973, 9094,
- 3202, 9430, 7377, 5092, 3728, 10626, 4536, 1062, 2882, 6039,
- 975, 10908, 6065, 2249, 11889, 4978, 10431, 7270, 12138, 4890,
- 6119, 4895, 6364, 4611, 4737, 10911, 6212, 9452, 8455, 8758,
- 11316, 1479, 11026, 11847, 2920, 7901, 6190, 8374, 4789, 1170,
- 8174, 7278, 241, 11809, 1058, 2686, 8724, 9650, 5868, 4885,
- 5874, 5179, 7991, 10600, 3262, 81, 3969, 10146, 5594, 3748,
- 11606, 3400, 6843, 3504, 11939, 7428, 7591, 3289, 1404, 7351,
- 3818, 2747, 11713, 8643, 5681, 8011, 11580, 2126, 5862, 4591,
- 3757, 12047, 431, 8830, 2555, 2305, 2344, 4255, 11871, 4096,
-
- 4080, 3296, 1747, 11869, 3998, 11567, 1489, 11516, 11279, 11955,
- 8212, 9140, 5456, 9275, 12071, 1607, 5009, 11950, 7967, 9424,
- 7083, 2975, 10596, 3066, 2766, 355, 5106, 4414, 7373, 4896,
- 6413, 7012, 11785, 12171, 6507, 11618, 3988, 11077, 2057, 2481,
- 10968, 9005, 11130, 4654, 6844, 3553, 2051, 2187, 8851, 3584,
- 3570, 2884, 6137, 5777, 426, 8585, 2839, 3932, 8333, 2780,
- 1041, 1853, 4774, 435, 9026, 12159, 5919, 7384, 5435, 8246,
- 10806, 1067, 3127, 5755, 11637, 4919, 7540, 790, 1843, 4284,
- 1003, 12280, 11848, 2969, 10302, 949, 9634, 5084, 3336, 3707,
- 9597, 3271, 522, 1000, 12133, 4645, 6403, 6522, 64, 3136,
-
- 6196, 8668, 6906, 6591, 3445, 9048, 948, 9585, 2683, 8577,
- 2447, 9302, 1105, 4989, 10970, 9103, 3643, 6461, 9364, 4143,
- 6383, 5542, 1200, 9644, 5574, 2768, 453, 9908, 6221, 9893,
- 5486, 10745, 10367, 4134, 5942, 8511, 11502, 10593, 2919, 7852,
- 3789, 1326, 3529, 875, 6008, 11745, 10211, 8779, 56, 2744,
- 11566, 1440, 9115, 4231, 10695, 7917, 6974, 9923, 6956, 9041,
- 605, 5067, 2503, 12046, 382, 6429, 7796, 1045, 2049, 2089,
- 4049, 1777, 1050, 2294, 1805, 2422, 8077, 2525, 835, 4048,
- 1728, 10938, 7535, 545, 2127, 5911, 6992, 10805, 1018, 726,
- 10996, 10377, 4624, 5374, 5257, 11813, 1254, 1, 49, 2401,
-
- 7048, 1260, 295, 2166, 7822, 2319, 3030, 1002, 12231, 9447,
- 8210, 9042, 654, 7468, 9551, 1017, 677, 8595, 3329, 3364,
- 5079, 3091, 3991, 11224, 9260, 11336, 2459, 9890, 5339, 3542,
- 1512, 354, 5057, 2013, 325, 3636, 6118, 4846, 3963, 9852,
- 3477, 10616, 4046, 1630, 6136, 5728, 10314, 1537, 1579, 3637,
- 6167, 7247, 11011, 11112, 3772, 493, 11868, 3949, 9166, 6730,
- 10256, 10984, 9789, 390, 6821, 2426, 8273, 12129, 4449, 9088,
- 2908, 7313, 1956, 9821, 1958, 9919, 6760, 11726, 9280, 27,
- 1323, 3382, 5961, 9442, 7965, 9326, 2281, 1168, 8076, 2476,
- 10723, 9289, 468, 10643, 5369, 5012, 12097, 2881, 5990, 10863,
-
- 3860, 4805, 1954, 9723, 9445, 8112, 4240, 11136, 4948, 8961,
- 8974, 9611, 3957, 9558, 1360, 5195, 8775, 12149, 5429, 7952,
- 8689, 7935, 7856, 3985, 10930, 7143, 5915, 7188, 8120, 4632,
- 5766, 12176, 6752, 11334, 2361, 5088, 3532, 1022, 922, 8311,
- 1702, 9664, 6554, 1632, 6234, 10530, 12121, 4057, 2169, 7969,
- 9522, 11885, 4782, 827, 3656, 7098, 3710, 9744, 10474, 9377,
- 4780, 729, 11143, 5291, 1190, 9154, 6142, 6022, 142, 6958,
- 9139, 5407, 6874, 5023, 347, 4714, 9784, 145, 7105, 4053,
- 1973, 10654, 5908, 6845, 3602, 4452, 9235, 10111, 3879, 5736,
- 10706, 8456, 8807, 1428, 8527, 12286, 12142, 5086, 3434, 8509,
-
- 11404, 5791, 1112, 5332, 3199, 9283, 174, 8526, 12237, 9741,
- 10327, 2174, 8214, 9238, 10258, 11082, 2302, 2197, 9341, 3016,
- 316, 3195, 9087, 2859, 4912, 7197, 8561, 1663, 7753, 11227,
- 9407, 6250, 11314, 1381, 6224, 10040, 400, 7311, 1858, 5019,
- 151, 7399, 6170, 7394, 5925, 7678, 7552, 1378, 6077, 2837,
- 3834, 3531, 973, 10810, 1263, 442, 9369, 4388, 6099, 3915,
- 7500, 11119, 4115, 5011, 12048, 480, 11231, 9603, 3565, 2639,
- 6421, 7404, 6415, 7110, 4298, 1689, 9027, 12208, 8320, 2143,
- 6695, 8541, 683, 8889, 5446, 8785, 350, 4861, 4698, 9000,
- 10885, 4938, 8471, 9542, 576, 3646, 6608, 4278, 709, 10163,
-
- 6427, 7698, 8532, 242, 11858, 3459, 9734, 9984, 9945, 8034,
- 418, 8193, 8209, 8993, 10542, 420, 8291, 722, 10800, 773,
- 1010, 334, 4077, 3149, 6833, 3014, 218, 10682, 7280, 339,
- 4322, 2865, 5206, 9314, 1693, 9223, 9523, 11934, 7183, 7875,
- 4916, 7393, 5876, 5277, 504, 118, 5782, 671, 8301, 1212,
- 10232, 9808, 1321, 3284, 1159, 7635, 5445, 8736, 10238, 10102,
- 3438, 8705, 8719, 9405, 6152, 6512, 11863, 3704, 9450, 8357,
- 3956, 9509, 11248, 10436, 7515, 11854, 3263, 130, 6370, 4905,
- 6854, 4043, 1483, 11222, 9162, 6534, 652, 7370, 4749, 11499,
- 10446, 8005, 11286, 9, 441, 9320, 1987, 11340, 2655, 7205,
-
- 8953, 8582, 2692, 9018, 11767, 11289, 156, 7644, 5886, 5767,
- 12225, 9153, 6093, 3621, 5383, 5698, 8844, 3241, 11341, 2704,
- 9606, 3712, 9842, 2987, 11184, 7300, 1319, 3186, 8646, 5828,
- 2925, 8146, 5906, 6747, 11089, 2645, 6715, 9521, 11836, 2381,
- 6068, 2396, 6803, 1544, 1922, 8155, 6347, 3778, 787, 1696,
- 9370, 4437, 8500, 10963, 8760, 11414, 6281, 544, 2078, 3510,
- 12233, 9545, 723, 10849, 3174, 8058, 1594, 4372, 5315, 2366,
- 5333, 3248, 11684, 7222, 9786, 243, 11907, 5860, 4493, 11244,
- 10240, 10200, 8240, 10512, 11239, 9995, 10484, 9867, 4212, 9764,
- 11454, 8241, 10561, 1351, 4754, 11744, 10162, 6378, 5297, 1484,
-
- 11271, 11563, 1293, 1912, 7665, 6915, 7032, 476, 11035, 12288,
- 12240, 9888, 5241, 11029, 11994, 10123, 4467, 9970, 9259, 11287,
- 58, 2842, 4079, 3247, 11635, 4821, 2738, 11272, 11612, 3694,
- 8960, 8925, 7210, 9198, 8298, 1065, 3029, 953, 9830, 2399,
- 6950, 8747, 10777, 11935, 7232, 10276, 11964, 8653, 6171, 7443,
- 8326, 2437, 8812, 1673, 8243, 10659, 6153, 6561, 1975, 10752,
- 10710, 8652, 6122, 5042, 1278, 1177, 8517, 11796, 421, 8340,
- 3123, 5559, 2033, 1305, 2500, 11899, 5468, 9863, 4016, 160,
- 7840, 3201, 9381, 4976, 10333, 2468, 10331, 2370, 5529, 563,
- 3009, 12262, 10966, 8907, 6328, 2847, 4324, 2963, 10008, 11121,
-
- 4213, 9813, 1566, 3000, 11821, 1646, 6920, 7277, 192, 9408,
- 6299, 1426, 8429, 7484, 10335, 2566, 2844, 4177, 8049, 1153,
- 7341, 3328, 3315, 2678, 8332, 2731, 10929, 7094, 3514, 140,
- 6860, 4337, 3600, 4354, 4433, 8304, 1359, 5146, 6374, 5101,
- 4169, 7657, 6523, 113, 5537, 955, 9928, 7201, 8757, 11267,
- 11367, 3978, 10587, 2625, 5735, 10657, 6055, 1759, 168, 8232,
- 10120, 4320, 2767, 404, 7507, 11462, 8633, 5191, 8579, 2545,
- 1815, 2912, 7509, 11560, 1146, 6998, 11099, 3135, 6147, 6267,
- 12147, 5331, 3150, 6882, 5415, 7266, 11942, 7575, 2505, 12144,
- 5184, 8236, 10316, 1635, 6381, 5444, 8687, 7837, 3054, 2178,
-
- 8410, 6553, 1583, 3833, 3482, 10861, 3762, 3, 147, 7203,
- 8855, 3780, 885, 6498, 11177, 6957, 9090, 3006, 12115, 3763,
- 52, 2548, 1962, 10115, 4075
-};
-
-/**
- * FFT phase shift in forward transform for q = 12289 and n = 1024
- */
-static const uint16_t wf_12289_1024[] = {
- 3186, 10013, 8646, 11366, 5828, 3929, 2925, 8186, 8146, 7866,
- 5906, 4475, 6747, 10362, 11089, 3889, 2645, 6226, 6715, 10138,
- 9521, 5202, 11836, 9118, 2381, 4378, 6068, 5609, 2396, 4483,
- 6803, 10754, 1544, 10808, 1922, 1165, 8155, 7929, 6347, 7562,
- 3778, 1868, 787, 5509, 1696, 11872, 9370, 4145, 4437, 6481,
- 8500, 10344, 10963, 3007, 8760, 12164, 11414, 6164, 6281, 7100,
- 544, 3808, 2078, 2257, 3510, 12281, 12233, 11897, 9545, 5370,
- 723, 5061, 10849, 2209, 3174, 9929, 8058, 7250, 1594, 11158,
- 4372, 6026, 5315, 338, 2366, 4273, 5333, 464, 3248, 10447,
- 11684, 8054, 7222, 1398, 9786, 7057, 243, 1701, 11907, 9615,
-
- 5860, 4153, 4493, 6873, 11244, 4974, 10240, 10235, 10200, 9955,
- 8240, 8524, 10512, 12139, 11239, 4939, 9995, 8520, 10484, 11943,
- 9867, 7624, 4212, 4906, 9764, 6903, 11454, 6444, 8241, 8531,
- 10561, 193, 1351, 9457, 4754, 8700, 11744, 8474, 10162, 9689,
- 6378, 7779, 5297, 212, 1484, 10388, 11271, 5163, 11563, 7207,
- 1293, 9051, 1912, 1095, 7665, 4499, 6915, 11538, 7032, 68,
- 476, 3332, 11035, 3511, 12288, 12282, 12240, 11946, 9888, 7771,
- 5241, 12109, 11029, 3469, 11994, 10224, 10123, 9416, 4467, 6691,
- 9970, 8345, 9259, 3368, 11287, 5275, 58, 406, 2842, 7605,
- 4079, 3975, 3247, 10440, 11635, 7711, 4821, 9169, 2738, 6877,
-
- 11272, 5170, 11612, 7550, 3694, 1280, 8960, 1275, 8925, 1030,
- 7210, 1314, 9198, 2941, 8298, 8930, 1065, 7455, 3029, 8914,
- 953, 6671, 9830, 7365, 2399, 4504, 6950, 11783, 8747, 12073,
- 10777, 1705, 11935, 9811, 7232, 1468, 10276, 10487, 11964, 10014,
- 8653, 11415, 6171, 6330, 7443, 2945, 8326, 9126, 2437, 4770,
- 8812, 239, 1673, 11711, 8243, 8545, 10659, 879, 6153, 6204,
- 6561, 9060, 1975, 1536, 10752, 1530, 10710, 1236, 8652, 11408,
- 6122, 5987, 5042, 10716, 1278, 8946, 1177, 8239, 8517, 10463,
- 11796, 8838, 421, 2947, 8340, 9224, 3123, 9572, 5559, 2046,
- 2033, 1942, 1305, 9135, 2500, 5211, 11899, 9559, 5468, 1409,
-
- 9863, 7596, 4016, 3534, 160, 1120, 7840, 5724, 3201, 10118,
- 9381, 4222, 4976, 10254, 10333, 10886, 2468, 4987, 10331, 10872,
- 2370, 4301, 5529, 1836, 563, 3941, 3009, 8774, 12262, 12100,
- 10966, 3028, 8907, 904, 6328, 7429, 2847, 7640, 4324, 5690,
- 2963, 8452, 10008, 8611, 11121, 4113, 4213, 4913, 9813, 7246,
- 1566, 10962, 3000, 8711, 11821, 9013, 1646, 11522, 6920, 11573,
- 7277, 1783, 192, 1344, 9408, 4411, 6299, 7226, 1426, 9982,
- 8429, 9847, 7484, 3232, 10335, 10900, 2566, 5673, 2844, 7619,
- 4177, 4661, 8049, 7187, 1153, 8071, 7341, 2231, 3328, 11007,
- 3315, 10916, 2678, 6457, 8332, 9168, 2731, 6828, 10929, 2769,
-
- 7094, 502, 3514, 20, 140, 980, 6860, 11153, 4337, 5781,
- 3600, 622, 4354, 5900, 4433, 6453, 8304, 8972, 1359, 9513,
- 5146, 11444, 6374, 7751, 5101, 11129, 4169, 4605, 7657, 4443,
- 6523, 8794, 113, 791, 5537, 1892, 955, 6685, 9928, 8051,
- 7201, 1251, 8757, 12143, 11267, 5135, 11367, 5835, 3978, 3268,
- 10587, 375, 2625, 6086, 5735, 3278, 10657, 865, 6055, 5518,
- 1759, 24, 168, 1176, 8232, 8468, 10120, 9395, 4320, 5662,
- 2767, 7080, 404, 2828, 7507, 3393, 11462, 6500, 8633, 11275,
- 5191, 11759, 8579, 10897, 2545, 5526, 1815, 416, 2912, 8095,
- 7509, 3407, 11560, 7186, 1146, 8022, 6998, 12119, 11099, 3959,
-
- 3135, 9656, 6147, 6162, 6267, 7002, 12147, 11295, 5331, 450,
- 3150, 9761, 6882, 11307, 5415, 1038, 7266, 1706, 11942, 9860,
- 7575, 3869, 2505, 5246, 12144, 11274, 5184, 11710, 8236, 8496,
- 10316, 10767, 1635, 11445, 6381, 7800, 5444, 1241, 8687, 11653,
- 7837, 5703, 3054, 9089, 2178, 2957, 8410, 9714, 6553, 9004,
- 1583, 11081, 3833, 2253, 3482, 12085, 10861, 2293, 3762, 1756,
- 3, 21, 147, 1029, 7203, 1265, 8855, 540, 3780, 1882,
- 885, 6195, 6498, 8619, 11177, 4505, 6957, 11832, 9090, 2185,
- 3006, 8753, 12115, 11071, 3763, 1763, 52, 364, 2548, 5547,
- 1962, 1445, 10115, 9360, 4075, 3947, 3051, 9068, 2031, 1928,
-
- 1207, 8449, 9987, 8464, 10092, 9199, 2948, 8347, 9273, 3466,
- 11973, 10077, 9094, 2213, 3202, 10125, 9430, 4565, 7377, 2483,
- 5092, 11066, 3728, 1518, 10626, 648, 4536, 7174, 1062, 7434,
- 2882, 7885, 6039, 5406, 975, 6825, 10908, 2622, 6065, 5588,
- 2249, 3454, 11889, 9489, 4978, 10268, 10431, 11572, 7270, 1734,
- 12138, 11232, 4890, 9652, 6119, 5966, 4895, 9687, 6364, 7681,
- 4611, 7699, 4737, 8581, 10911, 2643, 6212, 6617, 9452, 4719,
- 8455, 10029, 8758, 12150, 11316, 5478, 1479, 10353, 11026, 3448,
- 11847, 9195, 2920, 8151, 7901, 6151, 6190, 6463, 8374, 9462,
- 4789, 8945, 1170, 8190, 8174, 8062, 7278, 1790, 241, 1687,
-
- 11809, 8929, 1058, 7406, 2686, 6513, 8724, 11912, 9650, 6105,
- 5868, 4209, 4885, 9617, 5874, 4251, 5179, 11675, 7991, 6781,
- 10600, 466, 3262, 10545, 81, 567, 3969, 3205, 10146, 9577,
- 5594, 2291, 3748, 1658, 11606, 7508, 3400, 11511, 6843, 11034,
- 3504, 12239, 11939, 9839, 7428, 2840, 7591, 3981, 3289, 10734,
- 1404, 9828, 7351, 2301, 3818, 2148, 2747, 6940, 11713, 8257,
- 8643, 11345, 5681, 2900, 8011, 6921, 11580, 7326, 2126, 2593,
- 5862, 4167, 4591, 7559, 3757, 1721, 12047, 10595, 431, 3017,
- 8830, 365, 2555, 5596, 2305, 3846, 2344, 4119, 4255, 5207,
- 11871, 9363, 4096, 4094, 4080, 3982, 3296, 10783, 1747, 12229,
-
- 11869, 9349, 3998, 3408, 11567, 7235, 1489, 10423, 11516, 6878,
- 11279, 5219, 11955, 9951, 8212, 8328, 9140, 2535, 5456, 1325,
- 9275, 3480, 12071, 10763, 1607, 11249, 5009, 10485, 11950, 9916,
- 7967, 6613, 9424, 4523, 7083, 425, 2975, 8536, 10596, 438,
- 3066, 9173, 2766, 7073, 355, 2485, 5106, 11164, 4414, 6320,
- 7373, 2455, 4896, 9694, 6413, 8024, 7012, 12217, 11785, 8761,
- 12171, 11463, 6507, 8682, 11618, 7592, 3988, 3338, 11077, 3805,
- 2057, 2110, 2481, 5078, 10968, 3042, 9005, 1590, 11130, 4176,
- 4654, 8000, 6844, 11041, 3553, 293, 2051, 2068, 2187, 3020,
- 8851, 512, 3584, 510, 3570, 412, 2884, 7899, 6137, 6092,
-
- 5777, 3572, 426, 2982, 8585, 10939, 2839, 7584, 3932, 2946,
- 8333, 9175, 2780, 7171, 1041, 7287, 1853, 682, 4774, 8840,
- 435, 3045, 9026, 1737, 12159, 11379, 5919, 4566, 7384, 2532,
- 5435, 1178, 8246, 8566, 10806, 1908, 1067, 7469, 3127, 9600,
- 5755, 3418, 11637, 7725, 4919, 9855, 7540, 3624, 790, 5530,
- 1843, 612, 4284, 5410, 1003, 7021, 12280, 12226, 11848, 9202,
- 2969, 8494, 10302, 10669, 949, 6643, 9634, 5993, 5084, 11010,
- 3336, 11063, 3707, 1371, 9597, 5734, 3271, 10608, 522, 3654,
- 1000, 7000, 12133, 11197, 4645, 7937, 6403, 7954, 6522, 8787,
- 64, 448, 3136, 9663, 6196, 6505, 8668, 11520, 6906, 11475,
-
- 6591, 9270, 3445, 11826, 9048, 1891, 948, 6636, 9585, 5650,
- 2683, 6492, 8577, 10883, 2447, 4840, 9302, 3669, 1105, 7735,
- 4989, 10345, 10970, 3056
-};
-
-/**
- * FFT phase shift and scaling inverse transform for q = 12289 and n = 1024
- */
-static const uint16_t wi_12289_1024[] = {
- 12277, 5265, 9530, 3117, 5712, 816, 10650, 3277, 9246, 4832,
- 5957, 851, 10655, 10300, 3227, 461, 3577, 511, 73, 1766,
- 5519, 2544, 2119, 7325, 2802, 5667, 11343, 3376, 5749, 6088,
- 7892, 2883, 3923, 2316, 3842, 4060, 580, 3594, 2269, 9102,
- 6567, 9716, 1388, 5465, 7803, 8137, 2918, 3928, 9339, 10112,
- 11978, 10489, 3254, 3976, 568, 8859, 11799, 12219, 12279, 10532,
- 12038, 8742, 4760, 680, 8875, 4779, 7705, 8123, 2916, 10950,
- 6831, 4487, 641, 10625, 5029, 2474, 2109, 5568, 2551, 2120,
- 3814, 4056, 2335, 10867, 3308, 11006, 6839, 977, 10673, 8547,
- 1221, 1930, 7298, 11576, 8676, 2995, 3939, 7585, 11617, 12193,
-
- 5253, 2506, 358, 8829, 6528, 11466, 1638, 234, 1789, 10789,
- 6808, 11506, 8666, 1238, 3688, 4038, 4088, 584, 1839, 7285,
- 8063, 4663, 9444, 10127, 8469, 4721, 2430, 9125, 11837, 1691,
- 10775, 6806, 6239, 6158, 7902, 4640, 4174, 5863, 11371, 3380,
- 3994, 11104, 6853, 979, 3651, 11055, 6846, 978, 7162, 9801,
- 10178, 1454, 7230, 4544, 9427, 8369, 11729, 12209, 10522, 10281,
- 8491, 1213, 5440, 9555, 1365, 195, 3539, 11039, 1577, 5492,
- 11318, 5128, 11266, 3365, 7503, 4583, 7677, 8119, 4671, 5934,
- 7870, 6391, 913, 1886, 2025, 5556, 7816, 11650, 6931, 9768,
- 3151, 9228, 6585, 7963, 11671, 6934, 11524, 6913, 11521, 5157,
-
- 7759, 2864, 9187, 3068, 5705, 815, 1872, 2023, 289, 5308,
- 6025, 7883, 9904, 4926, 7726, 8126, 4672, 2423, 9124, 3059,
- 437, 1818, 7282, 6307, 901, 7151, 11555, 8673, 1239, 177,
- 5292, 756, 108, 1771, 253, 8814, 10037, 4945, 2462, 7374,
- 2809, 5668, 7832, 4630, 2417, 5612, 7824, 8140, 4674, 7690,
- 11632, 8684, 11774, 1682, 5507, 7809, 11649, 10442, 8514, 6483,
- 9704, 6653, 2706, 10920, 1560, 3734, 2289, 327, 7069, 4521,
- 4157, 4105, 2342, 10868, 12086, 12260, 3507, 501, 10605, 1515,
- 1972, 7304, 2799, 3911, 7581, 1083, 7177, 6292, 4410, 630,
- 90, 3524, 2259, 7345, 6316, 6169, 6148, 6145, 4389, 627,
-
- 10623, 12051, 12255, 8773, 6520, 2687, 3895, 2312, 5597, 11333,
- 1619, 5498, 2541, 363, 3563, 509, 7095, 11547, 12183, 3496,
- 2255, 9100, 1300, 7208, 8052, 6417, 7939, 9912, 1416, 5469,
- 6048, 864, 1879, 2024, 9067, 6562, 2693, 7407, 9836, 10183,
- 8477, 1211, 173, 7047, 8029, 1147, 3675, 525, 75, 7033,
- 8027, 8169, 1167, 7189, 1027, 7169, 9802, 6667, 2708, 3898,
- 4068, 9359, 1337, 191, 5294, 6023, 2616, 7396, 11590, 8678,
- 8262, 6447, 921, 10665, 12057, 3478, 4008, 11106, 12120, 3487,
- 9276, 10103, 6710, 11492, 8664, 8260, 1180, 10702, 5040, 720,
- 3614, 5783, 9604, 1372, 196, 28, 4, 10534, 5016, 11250,
-
- 10385, 12017, 8739, 3004, 9207, 6582, 6207, 7909, 4641, 663,
- 7117, 8039, 2904, 3926, 4072, 7604, 6353, 11441, 3390, 5751,
- 11355, 10400, 8508, 2971, 2180, 2067, 5562, 11328, 6885, 11517,
- 6912, 2743, 3903, 11091, 3340, 9255, 10100, 4954, 7730, 6371,
- 9688, 1384, 7220, 2787, 9176, 4822, 4200, 600, 7108, 2771,
- 3907, 9336, 8356, 8216, 8196, 4682, 4180, 9375, 6606, 7966,
- 1138, 10696, 1528, 5485, 11317, 8639, 10012, 6697, 7979, 4651,
- 2420, 7368, 11586, 10433, 3246, 7486, 2825, 10937, 3318, 474,
- 7090, 4524, 5913, 7867, 4635, 9440, 11882, 3453, 5760, 4334,
- 9397, 3098, 10976, 1568, 224, 32, 10538, 3261, 3977, 9346,
-
- 10113, 8467, 11743, 12211, 3500, 500, 1827, 261, 5304, 7780,
- 2867, 10943, 6830, 7998, 11676, 1668, 5505, 2542, 9141, 4817,
- 9466, 6619, 11479, 5151, 4247, 7629, 4601, 5924, 6113, 6140,
- 9655, 6646, 2705, 2142, 306, 7066, 2765, 395, 1812, 3770,
- 11072, 8604, 10007, 11963, 1709, 9022, 4800, 7708, 9879, 6678,
- 954, 5403, 4283, 4123, 589, 8862, 1266, 3692, 2283, 9104,
- 11834, 12224, 7013, 4513, 7667, 6362, 4420, 2387, 341, 7071,
- 9788, 6665, 9730, 1390, 10732, 10311, 1473, 1966, 3792, 7564,
- 11614, 10437, 1491, 213, 1786, 9033, 3046, 9213, 10094, 1442,
- 206, 1785, 255, 1792, 256, 10570, 1510, 7238, 1034, 7170,
-
- 6291, 7921, 11665, 3422, 4000, 2327, 2088, 5565, 795, 10647,
- 1521, 5484, 2539, 7385, 1055, 7173, 8047, 11683, 1669, 1994,
- 3796, 5809, 4341, 9398, 11876, 12230, 10525, 12037, 12253, 3506,
- 4012, 9351, 4847, 2448, 7372, 9831, 3160, 2207, 5582, 2553,
- 7387, 6322, 9681, 1383, 10731, 1533, 219, 5298, 4268, 7632,
- 6357, 9686, 8406, 4712, 9451, 10128, 4958, 5975, 11387, 8649,
- 11769, 6948, 11526, 12180, 1740, 10782, 6807, 2728, 7412, 4570,
- 4164, 4106, 11120, 12122, 8754, 11784, 3439, 5758, 11356, 6889,
- 9762, 11928, 1704, 1999, 10819, 12079, 12259, 7018, 11536, 1648,
- 1991, 2040, 2047, 2048, 10826, 12080, 8748, 8272, 8204, 1172,
-
- 1923, 7297, 2798, 7422, 6327, 4415, 7653, 6360, 11442, 12168,
- 7005, 8023, 9924, 8440, 8228, 2931, 7441, 1063, 3663, 5790,
- 9605, 10150, 1450, 8985, 11817, 10466, 10273, 12001, 3470, 7518,
- 1074, 1909, 7295, 9820, 4914, 702, 5367, 7789, 8135, 9940,
- 1420, 3714, 11064, 12114, 12264, 1752, 5517, 9566, 11900, 1700,
- 3754, 5803, 829, 1874, 7290, 2797, 10933, 5073, 7747, 8129,
- 6428, 6185, 11417, 1631, 233, 5300, 9535, 10140, 11982, 8734,
- 8270, 2937, 10953, 8587, 8249, 2934, 9197, 4825, 5956, 4362,
- 9401, 1343, 3703, 529, 10609, 12049, 6988, 6265, 895, 3639,
- 4031, 4087, 4095, 585, 10617, 8539, 4731, 4187, 9376, 3095,
-
- 9220, 10095, 10220, 1460, 10742, 12068, 1724, 5513, 11321, 6884,
- 2739, 5658, 6075, 4379, 11159, 10372, 8504, 4726, 9453, 3106,
- 7466, 11600, 10435, 8513, 9994, 8450, 9985, 3182, 10988, 8592,
- 2983, 9204, 4826, 2445, 5616, 6069, 867, 3635, 5786, 11360,
- 5134, 2489, 10889, 12089, 1727, 7269, 2794, 9177, 1311, 5454,
- 9557, 6632, 2703, 9164, 10087, 1441, 3717, 531, 3587, 2268,
- 324, 5313, 759, 1864, 5533, 2546, 7386, 9833, 8427, 4715,
- 11207, 1601, 7251, 4547, 11183, 12131, 1733, 10781, 10318, 1474,
- 10744, 5046, 4232, 11138, 10369, 6748, 964, 7160, 4534, 7670,
- 8118, 8182, 4680, 11202, 6867, 981, 8918, 1274, 182, 26,
-
- 7026, 8026, 11680, 12202, 10521, 1503, 7237, 4545, 5916, 9623,
- 8397, 11733, 10454, 3249, 9242, 6587, 941, 1890, 270, 10572,
- 6777, 9746, 6659, 6218, 6155, 6146, 878, 1881, 7291, 11575,
- 12187, 1741, 7271, 8061, 11685, 6936, 4502, 9421, 4857, 4205,
- 7623, 1089, 10689, 1527, 8996, 10063, 11971, 10488, 6765, 2722,
- 3900, 9335, 11867, 6962, 11528, 5158, 4248, 4118, 5855, 2592,
- 5637, 6072, 2623, 7397, 8079, 9932, 4930, 5971, 853, 3633,
- 519, 8852, 11798, 3441, 11025, 1575, 225, 8810, 11792, 12218,
- 3501, 9278, 3081, 9218, 4828, 7712, 8124, 11694, 12204, 3499,
- 4011, 573, 3593, 5780, 7848, 9899, 10192, 1456, 208, 7052,
-
- 2763, 7417, 11593, 10434, 12024, 8740, 11782, 10461, 3250, 5731,
- 7841, 9898, 1414, 202, 3540, 7528, 2831, 2160, 10842, 5060,
- 4234, 4116, 588, 84
-};
-
-/**
- * Bit-reversed indices for n = 1024
- */
-static const uint16_t rev_1024[] = {
- 0, 512, 256, 768, 128, 640, 384, 896, 64, 576,
- 320, 832, 192, 704, 448, 960, 32, 544, 288, 800,
- 160, 672, 416, 928, 96, 608, 352, 864, 224, 736,
- 480, 992, 16, 528, 272, 784, 144, 656, 400, 912,
- 80, 592, 336, 848, 208, 720, 464, 976, 48, 560,
- 304, 816, 176, 688, 432, 944, 112, 624, 368, 880,
- 240, 752, 496, 1008, 8, 520, 264, 776, 136, 648,
- 392, 904, 72, 584, 328, 840, 200, 712, 456, 968,
- 40, 552, 296, 808, 168, 680, 424, 936, 104, 616,
- 360, 872, 232, 744, 488, 1000, 24, 536, 280, 792,
-
- 152, 664, 408, 920, 88, 600, 344, 856, 216, 728,
- 472, 984, 56, 568, 312, 824, 184, 696, 440, 952,
- 120, 632, 376, 888, 248, 760, 504, 1016, 4, 516,
- 260, 772, 132, 644, 388, 900, 68, 580, 324, 836,
- 196, 708, 452, 964, 36, 548, 292, 804, 164, 676,
- 420, 932, 100, 612, 356, 868, 228, 740, 484, 996,
- 20, 532, 276, 788, 148, 660, 404, 916, 84, 596,
- 340, 852, 212, 724, 468, 980, 52, 564, 308, 820,
- 180, 692, 436, 948, 116, 628, 372, 884, 244, 756,
- 500, 1012, 12, 524, 268, 780, 140, 652, 396, 908,
-
- 76, 588, 332, 844, 204, 716, 460, 972, 44, 556,
- 300, 812, 172, 684, 428, 940, 108, 620, 364, 876,
- 236, 748, 492, 1004, 28, 540, 284, 796, 156, 668,
- 412, 924, 92, 604, 348, 860, 220, 732, 476, 988,
- 60, 572, 316, 828, 188, 700, 444, 956, 124, 636,
- 380, 892, 252, 764, 508, 1020, 2, 514, 258, 770,
- 130, 642, 386, 898, 66, 578, 322, 834, 194, 706,
- 450, 962, 34, 546, 290, 802, 162, 674, 418, 930,
- 98, 610, 354, 866, 226, 738, 482, 994, 18, 530,
- 274, 786, 146, 658, 402, 914, 82, 594, 338, 850,
-
- 210, 722, 466, 978, 50, 562, 306, 818, 178, 690,
- 434, 946, 114, 626, 370, 882, 242, 754, 498, 1010,
- 10, 522, 266, 778, 138, 650, 394, 906, 74, 586,
- 330, 842, 202, 714, 458, 970, 42, 554, 298, 810,
- 170, 682, 426, 938, 106, 618, 362, 874, 234, 746,
- 490, 1002, 26, 538, 282, 794, 154, 666, 410, 922,
- 90, 602, 346, 858, 218, 730, 474, 986, 58, 570,
- 314, 826, 186, 698, 442, 954, 122, 634, 378, 890,
- 250, 762, 506, 1018, 6, 518, 262, 774, 134, 646,
- 390, 902, 70, 582, 326, 838, 198, 710, 454, 966,
-
- 38, 550, 294, 806, 166, 678, 422, 934, 102, 614,
- 358, 870, 230, 742, 486, 998, 22, 534, 278, 790,
- 150, 662, 406, 918, 86, 598, 342, 854, 214, 726,
- 470, 982, 54, 566, 310, 822, 182, 694, 438, 950,
- 118, 630, 374, 886, 246, 758, 502, 1014, 14, 526,
- 270, 782, 142, 654, 398, 910, 78, 590, 334, 846,
- 206, 718, 462, 974, 46, 558, 302, 814, 174, 686,
- 430, 942, 110, 622, 366, 878, 238, 750, 494, 1006,
- 30, 542, 286, 798, 158, 670, 414, 926, 94, 606,
- 350, 862, 222, 734, 478, 990, 62, 574, 318, 830,
-
- 190, 702, 446, 958, 126, 638, 382, 894, 254, 766,
- 510, 1022, 1, 513, 257, 769, 129, 641, 385, 897,
- 65, 577, 321, 833, 193, 705, 449, 961, 33, 545,
- 289, 801, 161, 673, 417, 929, 97, 609, 353, 865,
- 225, 737, 481, 993, 17, 529, 273, 785, 145, 657,
- 401, 913, 81, 593, 337, 849, 209, 721, 465, 977,
- 49, 561, 305, 817, 177, 689, 433, 945, 113, 625,
- 369, 881, 241, 753, 497, 1009, 9, 521, 265, 777,
- 137, 649, 393, 905, 73, 585, 329, 841, 201, 713,
- 457, 969, 41, 553, 297, 809, 169, 681, 425, 937,
-
- 105, 617, 361, 873, 233, 745, 489, 1001, 25, 537,
- 281, 793, 153, 665, 409, 921, 89, 601, 345, 857,
- 217, 729, 473, 985, 57, 569, 313, 825, 185, 697,
- 441, 953, 121, 633, 377, 889, 249, 761, 505, 1017,
- 5, 517, 261, 773, 133, 645, 389, 901, 69, 581,
- 325, 837, 197, 709, 453, 965, 37, 549, 293, 805,
- 165, 677, 421, 933, 101, 613, 357, 869, 229, 741,
- 485, 997, 21, 533, 277, 789, 149, 661, 405, 917,
- 85, 597, 341, 853, 213, 725, 469, 981, 53, 565,
- 309, 821, 181, 693, 437, 949, 117, 629, 373, 885,
-
- 245, 757, 501, 1013, 13, 525, 269, 781, 141, 653,
- 397, 909, 77, 589, 333, 845, 205, 717, 461, 973,
- 45, 557, 301, 813, 173, 685, 429, 941, 109, 621,
- 365, 877, 237, 749, 493, 1005, 29, 541, 285, 797,
- 157, 669, 413, 925, 93, 605, 349, 861, 221, 733,
- 477, 989, 61, 573, 317, 829, 189, 701, 445, 957,
- 125, 637, 381, 893, 253, 765, 509, 1021, 3, 515,
- 259, 771, 131, 643, 387, 899, 67, 579, 323, 835,
- 195, 707, 451, 963, 35, 547, 291, 803, 163, 675,
- 419, 931, 99, 611, 355, 867, 227, 739, 483, 995,
-
- 19, 531, 275, 787, 147, 659, 403, 915, 83, 595,
- 339, 851, 211, 723, 467, 979, 51, 563, 307, 819,
- 179, 691, 435, 947, 115, 627, 371, 883, 243, 755,
- 499, 1011, 11, 523, 267, 779, 139, 651, 395, 907,
- 75, 587, 331, 843, 203, 715, 459, 971, 43, 555,
- 299, 811, 171, 683, 427, 939, 107, 619, 363, 875,
- 235, 747, 491, 1003, 27, 539, 283, 795, 155, 667,
- 411, 923, 91, 603, 347, 859, 219, 731, 475, 987,
- 59, 571, 315, 827, 187, 699, 443, 955, 123, 635,
- 379, 891, 251, 763, 507, 1019, 7, 519, 263, 775,
-
- 135, 647, 391, 903, 71, 583, 327, 839, 199, 711,
- 455, 967, 39, 551, 295, 807, 167, 679, 423, 935,
- 103, 615, 359, 871, 231, 743, 487, 999, 23, 535,
- 279, 791, 151, 663, 407, 919, 87, 599, 343, 855,
- 215, 727, 471, 983, 55, 567, 311, 823, 183, 695,
- 439, 951, 119, 631, 375, 887, 247, 759, 503, 1015,
- 15, 527, 271, 783, 143, 655, 399, 911, 79, 591,
- 335, 847, 207, 719, 463, 975, 47, 559, 303, 815,
- 175, 687, 431, 943, 111, 623, 367, 879, 239, 751,
- 495, 1007, 31, 543, 287, 799, 159, 671, 415, 927,
-
- 95, 607, 351, 863, 223, 735, 479, 991, 63, 575,
- 319, 831, 191, 703, 447, 959, 127, 639, 383, 895,
- 255, 767, 511, 1023
-};
-
-const ntt_fft_params_t ntt_fft_12289_1024 = {
- 12289, 12287, 18, 3186, (1<<18)-1, 1024, 12277, 10,
- wr_12289_1024, wf_12289_1024, wi_12289_1024, 1, rev_1024
-};
-
-/**
- * FFT phase shift and scaling inverse transform for q = 12289 and n = 512
- */
-static const uint16_t wi_12289_512[] = {
- 12265, 6771, 11424, 9011, 6203, 11914, 9021, 6454, 7154, 146,
- 11038, 4238, 5604, 10397, 11498, 3495, 7846, 7684, 1160, 4538,
- 845, 2776, 3317, 5836, 6389, 11667, 6508, 1136, 11309, 12269,
- 11787, 9520, 5461, 3121, 5832, 1373, 1282, 10058, 4218, 5102,
- 7628, 4670, 6616, 1389, 9057, 2442, 2307, 5063, 7878, 10945,
- 10506, 716, 767, 3276, 3578, 1327, 5043, 7376, 8176, 3678,
- 3837, 6599, 4649, 4860, 11385, 9261, 189, 3515, 8348, 10453,
- 7988, 1417, 7302, 1403, 2035, 8067, 2171, 6565, 11169, 8755,
- 4693, 10880, 2730, 7078, 3154, 10347, 10243, 2717, 3065, 9342,
- 3451, 1826, 4050, 3343, 1573, 6302, 881, 11053, 10759, 10753,
-
- 3229, 6085, 11410, 3744, 578, 12050, 7519, 3163, 9344, 5959,
- 874, 2275, 1802, 10821, 2478, 10584, 216, 506, 7785, 4924,
- 5618, 3375, 4834, 3359, 9348, 10975, 11259, 11014, 11009, 4739,
- 7119, 5412, 3120, 4578, 1849, 8314, 4684, 11883, 7014, 8921,
- 3944, 5598, 2873, 2065, 8820, 180, 4518, 343, 7, 8778,
- 8957, 12221, 751, 7790, 11194, 3238, 5082, 7126, 1901, 12077,
- 4510, 2600, 3815, 3589, 2832, 12096, 3758, 5845, 5386, 7383,
- 4665, 346, 3769, 7350, 150, 3765, 2334, 2054, 7315, 5416,
- 8136, 2674, 10588, 5232, 10891, 4235, 1842, 11825, 8016, 11951,
- 6263, 1131, 5039, 2360, 10080, 7228, 6919, 392, 8, 10032,
-
- 8481, 5189, 6125, 125, 9282, 1945, 5808, 8144, 417, 6780,
- 10421, 4727, 4360, 11124, 1481, 1535, 7806, 6680, 7911, 3171,
- 7087, 2151, 6063, 8400, 1927, 7814, 4423, 4103, 8360, 923,
- 2276, 3056, 10345, 7735, 3669, 4840, 10883, 6492, 5650, 6636,
- 1891, 11826, 9270, 11475, 11520, 6505, 9663, 448, 8787, 7954,
- 7937, 11197, 7000, 3654, 10608, 5734, 1371, 11063, 11010, 5993,
- 6643, 10669, 8494, 9202, 12226, 7021, 5410, 612, 5530, 3624,
- 9855, 7725, 3418, 9600, 7469, 1908, 8566, 1178, 2532, 4566,
- 11379, 1737, 3045, 8840, 682, 7287, 7171, 9175, 2946, 7584,
- 10939, 2982, 3572, 6092, 7899, 412, 510, 512, 3020, 2068,
-
- 293, 11041, 8000, 4176, 1590, 3042, 5078, 2110, 3805, 3338,
- 7592, 8682, 11463, 8761, 12217, 8024, 9694, 2455, 6320, 11164,
- 2485, 7073, 9173, 438, 8536, 425, 4523, 6613, 9916, 10485,
- 11249, 10763, 3480, 1325, 2535, 8328, 9951, 5219, 6878, 10423,
- 7235, 3408, 9349, 12229, 10783, 3982, 4094, 9363, 5207, 4119,
- 3846, 5596, 365, 3017, 10595, 1721, 7559, 4167, 2593, 7326,
- 6921, 2900, 11345, 8257, 6940, 2148, 2301, 9828, 10734, 3981,
- 2840, 9839, 12239, 11034, 11511, 7508, 1658, 2291, 9577, 3205,
- 567, 10545, 466, 6781, 11675, 4251, 9617, 4209, 6105, 11912,
- 6513, 7406, 8929, 1687, 1790, 8062, 8190, 8945, 9462, 6463,
-
- 6151, 8151, 9195, 3448, 10353, 5478, 12150, 10029, 4719, 6617,
- 2643, 8581, 7699, 7681, 9687, 5966, 9652, 11232, 1734, 11572,
- 10268, 9489, 3454, 5588, 2622, 6825, 5406, 7885, 7434, 7174,
- 648, 1518, 11066, 2483, 4565, 10125, 2213, 10077, 3466, 8347,
- 9199, 8464, 8449, 1928, 9068, 3947, 9360, 1445, 5547, 364,
- 1763, 11071, 8753, 2185, 11832, 4505, 8619, 6195, 1882, 540,
- 1265, 1029, 21, 1756, 2293, 12085, 2253, 11081, 9004, 9714,
- 2957, 9089, 5703, 11653, 1241, 7800, 11445, 10767, 8496, 11710,
- 11274, 5246, 3869, 9860, 1706, 1038, 11307, 9761, 450, 11295,
- 7002, 6162, 9656, 3959, 12119, 8022, 7186, 3407, 8095, 416,
-
- 5526, 10897, 11759, 11275, 6500, 3393, 2828, 7080, 5662, 9395,
- 8468, 1176
-};
-
-/**
- * Bit-reversed indices for n = 512
- */
-static const uint16_t rev_512[] = {
- 0, 256, 128, 384, 64, 320, 192, 448, 32, 288,
- 160, 416, 96, 352, 224, 480, 16, 272, 144, 400,
- 80, 336, 208, 464, 48, 304, 176, 432, 112, 368,
- 240, 496, 8, 264, 136, 392, 72, 328, 200, 456,
- 40, 296, 168, 424, 104, 360, 232, 488, 24, 280,
- 152, 408, 88, 344, 216, 472, 56, 312, 184, 440,
- 120, 376, 248, 504, 4, 260, 132, 388, 68, 324,
- 196, 452, 36, 292, 164, 420, 100, 356, 228, 484,
- 20, 276, 148, 404, 84, 340, 212, 468, 52, 308,
- 180, 436, 116, 372, 244, 500, 12, 268, 140, 396,
-
- 76, 332, 204, 460, 44, 300, 172, 428, 108, 364,
- 236, 492, 28, 284, 156, 412, 92, 348, 220, 476,
- 60, 316, 188, 444, 124, 380, 252, 508, 2, 258,
- 130, 386, 66, 322, 194, 450, 34, 290, 162, 418,
- 98, 354, 226, 482, 18, 274, 146, 402, 82, 338,
- 210, 466, 50, 306, 178, 434, 114, 370, 242, 498,
- 10, 266, 138, 394, 74, 330, 202, 458, 42, 298,
- 170, 426, 106, 362, 234, 490, 26, 282, 154, 410,
- 90, 346, 218, 474, 58, 314, 186, 442, 122, 378,
- 250, 506, 6, 262, 134, 390, 70, 326, 198, 454,
-
- 38, 294, 166, 422, 102, 358, 230, 486, 22, 278,
- 150, 406, 86, 342, 214, 470, 54, 310, 182, 438,
- 118, 374, 246, 502, 14, 270, 142, 398, 78, 334,
- 206, 462, 46, 302, 174, 430, 110, 366, 238, 494,
- 30, 286, 158, 414, 94, 350, 222, 478, 62, 318,
- 190, 446, 126, 382, 254, 510, 1, 257, 129, 385,
- 65, 321, 193, 449, 33, 289, 161, 417, 97, 353,
- 225, 481, 17, 273, 145, 401, 81, 337, 209, 465,
- 49, 305, 177, 433, 113, 369, 241, 497, 9, 265,
- 137, 393, 73, 329, 201, 457, 41, 297, 169, 425,
-
- 105, 361, 233, 489, 25, 281, 153, 409, 89, 345,
- 217, 473, 57, 313, 185, 441, 121, 377, 249, 505,
- 5, 261, 133, 389, 69, 325, 197, 453, 37, 293,
- 165, 421, 101, 357, 229, 485, 21, 277, 149, 405,
- 85, 341, 213, 469, 53, 309, 181, 437, 117, 373,
- 245, 501, 13, 269, 141, 397, 77, 333, 205, 461,
- 45, 301, 173, 429, 109, 365, 237, 493, 29, 285,
- 157, 413, 93, 349, 221, 477, 61, 317, 189, 445,
- 125, 381, 253, 509, 3, 259, 131, 387, 67, 323,
- 195, 451, 35, 291, 163, 419, 99, 355, 227, 483,
-
- 19, 275, 147, 403, 83, 339, 211, 467, 51, 307,
- 179, 435, 115, 371, 243, 499, 11, 267, 139, 395,
- 75, 331, 203, 459, 43, 299, 171, 427, 107, 363,
- 235, 491, 27, 283, 155, 411, 91, 347, 219, 475,
- 59, 315, 187, 443, 123, 379, 251, 507, 7, 263,
- 135, 391, 71, 327, 199, 455, 39, 295, 167, 423,
- 103, 359, 231, 487, 23, 279, 151, 407, 87, 343,
- 215, 471, 55, 311, 183, 439, 119, 375, 247, 503,
- 15, 271, 143, 399, 79, 335, 207, 463, 47, 303,
- 175, 431, 111, 367, 239, 495, 31, 287, 159, 415,
-
- 95, 351, 223, 479, 63, 319, 191, 447, 127, 383,
- 255, 511
-};
-
-const ntt_fft_params_t ntt_fft_12289_512 = {
- 12289, 12287, 18, 3186, (1<<18)-1, 512, 12265, 9,
- wr_12289_1024, wf_12289_1024, wi_12289_512, 2, rev_512
-};
-
-/**
- * FFT twiddle factors in Montgomery form for q = 17 and n = 8
- */
-static const uint16_t wr_17_8[] = { 15, 16, 8, 4, 2, 1, 9, 13, 15 };
-
-/**
- * FFT phase shift in forward transform for q = 17 and n = 8
- */
-static const uint16_t wf_17_8[] = { 4, 12, 2, 6, 1, 3, 9, 10 };
-
-/**
- * FFT phase shift and scaling inverse transform for q = 17 and n = 8
- */
-static const uint16_t wi_17_8[] = { 15, 5, 13, 10, 9, 3, 1, 6 };
-
-/**
- * Bit-reversed indices for n = 8
- */
-static const uint16_t rev_8[] = { 0, 4, 2, 6, 1, 5, 3, 7 };
-
-const ntt_fft_params_t ntt_fft_17_8 = {
- 17, 15, 5, 4, (1<<5)-1, 8, 15, 3, wr_17_8, wf_17_8, wi_17_8, 1, rev_8
-};
+++ /dev/null
-/*
- * Copyright (C) 2014-2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup ntt_fft_params ntt_fft_params
- * @{ @ingroup ntt_p
- */
-
-#ifndef NTT_FFT_PARAMS_H_
-#define NTT_FFT_PARAMS_H_
-
-#include <library.h>
-
-typedef struct ntt_fft_params_t ntt_fft_params_t;
-
-/**
- * Defines the parameters for an NTT computed via the FFT algorithm
- */
-struct ntt_fft_params_t {
-
- /**
- * Prime modulus
- */
- uint16_t q;
-
- /**
- * Inverse of Prime modulus (-q_inv * q mod r = 1)
- */
- uint16_t q_inv;
-
- /**
- * Logarithm of Montgomery radix: log2(r)
- */
- uint16_t rlog;
-
- /**
- * Square of Montgomery radix: r^2 mod q
- */
- const uint32_t r2;
-
- /**
- * Montgomery radix mask: (1<<rlog) - 1
- */
- const uint32_t rmask;
-
- /**
- * Size of the FFT with the condition k * n = q-1
- */
- const uint16_t n;
-
- /**
- * Inverse of n mod q used for normalization of the FFT
- */
- const uint16_t n_inv;
-
- /**
- * Number of FFT stages stages = log2(n)
- */
- const uint16_t stages;
-
- /**
- * FFT twiddle factors (n-th roots of unity) in Montgomery form
- */
- const uint16_t *wr;
-
- /**
- * FFT phase shift (2n-th roots of unity) in forward transform
- */
- const uint16_t *wf;
-
- /**
- * FFT phase shift (2n-th roots of unity) and scaling in inverse transform
- */
- const uint16_t *wi;
-
- /**
- * Subsampling of FFT twiddle factors table
- */
- const uint16_t s;
-
- /**
- * FFT bit reversal
- */
- const uint16_t *rev;
-
-};
-
-/**
- * FFT parameters for q = 12289 and n = 1024
- */
-extern const ntt_fft_params_t ntt_fft_12289_1024;
-
-/**
- * FFT parameters for q = 12289 and n = 512
- */
-extern const ntt_fft_params_t ntt_fft_12289_512;
-
-/**
- * FFT parameters for q = 17 and n = 8
- */
-extern const ntt_fft_params_t ntt_fft_17_8;
-
-#endif /** NTT_FFT_PARAMS_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup ntt_fft ntt_fft
- * @{ @ingroup ntt_p
- */
-
-#ifndef NTT_REDUCE_H_
-#define NTT_REDUCE_H_
-
-#include "ntt_fft_params.h"
-
-/**
- * Montgomery Reduction
- *
- * Montgomery, P. L. Modular multiplication without trial division.
- * Mathematics of Computation 44, 170 (1985), 519–521.
- */
-static inline uint32_t ntt_fft_mreduce(uint32_t x, const ntt_fft_params_t *p)
-{
- uint32_t m, t;
-
- m = (x * p->q_inv) & p->rmask;
- t = (x + m * p->q) >> p->rlog;
-
- return (t < p->q) ? t : t - p->q;
-}
-
-#endif /** NTT_REDUCE_H_ @}*/
+++ /dev/null
-ntt_fft_tests
+++ /dev/null
-TESTS = ntt_fft_tests
-
-check_PROGRAMS = $(TESTS)
-
-ntt_fft_tests_SOURCES = \
- suites/test_ntt_fft.c \
- ntt_fft_tests.h ntt_fft_tests.c
-
-ntt_fft_tests_CFLAGS = \
- -I$(top_srcdir)/src/libstrongswan \
- -I$(top_srcdir)/src/libstrongswan/tests \
- -I$(top_srcdir)/src/libstrongswan/math/libnttfft \
- -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
- -DPLUGINS=\""${s_plugins}\"" \
- @COVERAGE_CFLAGS@
-
-ntt_fft_tests_LDFLAGS = @COVERAGE_LDFLAGS@
-ntt_fft_tests_LDADD = \
- $(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(top_builddir)/src/libstrongswan/tests/libtest.la \
- ../libnttfft.la
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <test_runner.h>
-
-#include <library.h>
-
-/* declare test suite constructors */
-#define TEST_SUITE(x) test_suite_t* x();
-#include "ntt_fft_tests.h"
-#undef TEST_SUITE
-
-static test_configuration_t tests[] = {
-#define TEST_SUITE(x) \
- { .suite = x, },
-#include "ntt_fft_tests.h"
- { .suite = NULL, }
-};
-
-static bool test_runner_init(bool init)
-{
- if (init)
- {
- char *plugins, *plugindir;
-
- plugins = lib->settings->get_str(lib->settings,
- "tests.load", PLUGINS);
- plugindir = lib->settings->get_str(lib->settings,
- "tests.plugindir", PLUGINDIR);
- plugin_loader_add_plugindirs(plugindir, plugins);
- if (!lib->plugins->load(lib->plugins, plugins))
- {
- return FALSE;
- }
- }
- else
- {
- lib->processor->set_threads(lib->processor, 0);
- lib->processor->cancel(lib->processor);
- lib->plugins->unload(lib->plugins);
- }
- return TRUE;
-}
-
-int main(int argc, char *argv[])
-{
- return test_runner_run("ntt_fft", tests, test_runner_init);
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-TEST_SUITE(ntt_fft_suite_create)
-
+++ /dev/null
-/*
- * Copyright (C) 2014-2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <ntt_fft.h>
-#include <ntt_fft_reduce.h>
-
-#include <time.h>
-
-static const ntt_fft_params_t *fft_params[] = {
- &ntt_fft_17_8,
- &ntt_fft_12289_512,
- &ntt_fft_12289_1024
-};
-
-START_TEST(test_ntt_fft_impulse)
-{
- ntt_fft_t *fft;
- uint16_t n = fft_params[_i]->n;
- uint32_t rq = (1 << fft_params[_i]->rlog) % fft_params[_i]->q;
- uint32_t x[n], X[n];
- int i;
-
- for (i = 0; i < n; i++)
- {
- x[i] = 0;
- }
- x[0] = 1;
-
- fft = ntt_fft_create(fft_params[_i]);
- fft->transform(fft, x, X, FALSE);
-
- for (i = 0; i < n; i++)
- {
- ck_assert(X[i] == rq);
- }
- fft->transform(fft, X, x, TRUE);
-
- for (i = 0; i < n; i++)
- {
- ck_assert(x[i] == (i == 0));
- }
- fft->destroy(fft);
-}
-END_TEST
-
-START_TEST(test_ntt_fft_wrap)
-{
- ntt_fft_t *fft;
- uint16_t n = fft_params[_i]->n;
- uint16_t q = fft_params[_i]->q;
- uint32_t x[n],y[n], X[n], Y[n];
- int i, j;
-
- for (i = 0; i < n; i++)
- {
- x[i] = i;
- y[i] = 0;
- }
- fft = ntt_fft_create(fft_params[_i]);
- ck_assert(fft->get_size(fft) == n);
- ck_assert(fft->get_modulus(fft) == q);
- fft->transform(fft, x, X, FALSE);
-
- for (j = 0; j < n; j++)
- {
- y[j] = 1;
- fft->transform(fft, y, Y, FALSE);
-
- for (i = 0; i < n; i++)
- {
- Y[i] = ntt_fft_mreduce(X[i] * Y[i], fft_params[_i]);
- }
- fft->transform(fft, Y, Y, TRUE);
-
- for (i = 0; i < n; i++)
- {
- ck_assert(Y[i] == ( i < j ? q - n - i + j : i - j));
- }
- y[j] = 0;
- }
- fft->destroy(fft);
-}
-END_TEST
-
-START_TEST(test_ntt_fft_speed)
-{
- ntt_fft_t *fft;
- struct timespec start, stop;
- int i, m, count = 10000;
- int n = fft_params[_i]->n;
- uint32_t x[n], X[n];
-
- for (i = 0; i < n; i++)
- {
- x[i] = i;
- }
- fft = ntt_fft_create(fft_params[_i]);
-
- clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start);
- for (m = 0; m < count; m++)
- {
- fft->transform(fft, x, X, FALSE);
- fft->transform(fft, X, x, TRUE);
- }
- clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop);
-
- DBG0(DBG_LIB, "%d FFT-%d loops in %d ms\n", count, n,
- (stop.tv_nsec - start.tv_nsec) / 1000000 +
- (stop.tv_sec - start.tv_sec) * 1000);
-
- for (i = 0; i < n; i++)
- {
- ck_assert(x[i] == i);
- }
- fft->destroy(fft);
-}
-END_TEST
-
-START_TEST(test_ntt_fft_init)
-{
- libnttfft_init();
-}
-END_TEST
-
-Suite *ntt_fft_suite_create()
-{
- Suite *s;
- TCase *tc;
-
- s = suite_create("ntt_fft");
-
- tc = tcase_create("init");
- tcase_add_test(tc, test_ntt_fft_init);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("impulse");
- tcase_add_loop_test(tc, test_ntt_fft_impulse, 0, countof(fft_params));
- suite_add_tcase(s, tc);
-
- tc = tcase_create("negative_wrap");
- tcase_add_loop_test(tc, test_ntt_fft_wrap, 0, countof(fft_params));
- suite_add_tcase(s, tc);
-
- tc = tcase_create("speed");
- tcase_set_timeout(tc, 10);
- tcase_add_loop_test(tc, test_ntt_fft_speed, 1, countof(fft_params));
- suite_add_tcase(s, tc);
-
- return s;
-}
+++ /dev/null
-AM_CPPFLAGS = \
- -I$(top_srcdir)/src/libstrongswan \
- -I$(top_srcdir)/src/libstrongswan/math/libnttfft
-
-AM_CFLAGS = \
- $(PLUGIN_CFLAGS)
-
-# these files are also used by the tests, we can't directly refer to them
-# because of the subdirectory, which would cause distclean to fail
-noinst_LTLIBRARIES = libnewhope.la
-libnewhope_la_SOURCES = \
- newhope_ke.h newhope_ke.c \
- newhope_noise.h newhope_noise.c \
- newhope_reconciliation.h newhope_reconciliation.c
-
-libnewhope_la_LIBADD = \
- $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la
-
-if MONOLITHIC
-noinst_LTLIBRARIES += libstrongswan-newhope.la
-else
-plugin_LTLIBRARIES = libstrongswan-newhope.la
-endif
-
-libstrongswan_newhope_la_SOURCES = \
- newhope_plugin.h newhope_plugin.c
-
-libstrongswan_newhope_la_LDFLAGS = -module -avoid-version
-
-libstrongswan_newhope_la_LIBADD = libnewhope.la
-
-
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann,
- * and Peter Schwabe.
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "newhope_ke.h"
-#include "newhope_noise.h"
-#include "newhope_reconciliation.h"
-
-#include <ntt_fft.h>
-#include <ntt_fft_reduce.h>
-#include <crypto/key_exchange.h>
-#include <utils/debug.h>
-
-static const int seed_len = 32; /* 256 bits */
-static const int poly_len = 1792; /* size of 1024 packed 14-bit coefficients */
-static const int rec_len = 256; /* size of 1024 packed 2-bit coefficients */
-
-typedef struct private_newhope_ke_t private_newhope_ke_t;
-
-/**
- * Private data of an newhope_ke_t object.
- */
-struct private_newhope_ke_t {
-
- /**
- * Public newhope_ke_t interface.
- */
- newhope_ke_t public;
-
- /**
- * FFT parameter set
- */
- const ntt_fft_params_t *params;
-
- /**
- * Secret noise polynomial s
- */
- uint32_t *s;
-
- /**
- * Output polynomial u = a * NTT(s') + NTT(e')
- */
- uint32_t *u;
-
- /**
- * Error reconciliation help bits
- */
- uint8_t *r;
-
- /**
- * Shared secret
- */
- chunk_t shared_secret;
-
-};
-
-/**
- * Derive 14-bit coefficients of polynomial a from 256 bit random seed
- * using the SHAKE128 extended output function
- */
-static uint32_t* derive_a_poly(private_newhope_ke_t *this, chunk_t seed)
-{
- uint32_t *a;
- uint8_t x[2];
- int i = 0;
- xof_t *xof;
-
- xof = lib->crypto->create_xof(lib->crypto, XOF_SHAKE_128);
- if (!xof)
- {
- DBG1(DBG_LIB, "could not instantiate SHAKE128 XOF");
- return NULL;
- }
-
- if (!xof->set_seed(xof, seed))
- {
- DBG1(DBG_LIB, "could not set seed of SHAKE128 XOF");
- xof->destroy(xof);
- return NULL;
- }
-
- /* allocate dynamic memory for polynomial a */
- a = (uint32_t*)malloc(this->params->n * sizeof(uint32_t));
-
- while (i < this->params->n)
- {
- if (!xof->get_bytes(xof, sizeof(x), x))
- {
- DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF");
- xof->destroy(xof);
- free(a);
- return NULL;
- }
-
- /*
- * Treat x as a 16 bit unsigned little endian integer
- * and truncate to 14 bits
- */
- a[i] = uletoh16(x) & 0x3fff;
-
- if (a[i] < this->params->q)
- {
- i++;
- }
- }
- xof->destroy(xof);
-
- return a;
-}
-
-/**
- * Pack four 14-bit coefficients into seven consecutive bytes
- *
- * 1 2 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |L 0 0 0 0 0 0 0|L 1 H 0 0 0 0 0|M 1 1 1 1 1 1 1|L 2 2 2 H 1 1 1|
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |M 2 2 2 2 2 2 2|L 3 3 3 3 3 H 2|H 3 3 3 3 3 3 3|L 0 0 0 0 0 0 0|
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- */
-static void pack_poly(private_newhope_ke_t *this, uint8_t *x, uint32_t *p)
-{
- int i;
-
- for (i = 0; i < this->params->n; i += 4)
- {
- *x++ = (p[i] & 0xff );
- *x++ = (p[i] >> 8) | (p[i+1] << 6);
- *x++ = (p[i+1] >> 2);
- *x++ = (p[i+1] >> 10) | (p[i+2] << 4);
- *x++ = (p[i+2] >> 4);
- *x++ = (p[i+2] >> 12) | (p[i+3] << 2);
- *x++ = (p[i+3] >> 6);
- }
-}
-
-/**
- * Unpack seven consecutive bytes into four 14-bit coefficients
- */
-static uint32_t* unpack_poly(private_newhope_ke_t * this, uint8_t *x)
-{
- uint32_t *p;
- int i;
-
- p = (uint32_t*)malloc(this->params->n * sizeof(uint32_t));
-
- for (i = 0; i < this->params->n; i += 4)
- {
- p[i] = x[0] | (((uint32_t)x[1] & 0x3f) << 8);
- p[i+1] = (x[1] >> 6) | (((uint32_t)x[2]) << 2)
- | (((uint32_t)x[3] & 0x0f) << 10);
- p[i+2] = (x[3] >> 4) | (((uint32_t)x[4]) << 4)
- | (((uint32_t)x[5] & 0x03) << 12);
- p[i+3] = (x[5] >> 2) | (((uint32_t)x[6]) << 6);
- x += 7;
- }
- for (i = 0; i < this->params->n; i++)
- {
- if (p[i] >= this->params->q)
- {
- DBG1(DBG_LIB, "polynomial coefficient must be smaller than %u",
- this->params->q);
- free(p);
- return NULL;
- }
- }
- return p;
-}
-
-/**
- * Multiply and add polynomials in the frequency domain
- */
-static uint32_t* multiply_add_poly(private_newhope_ke_t *this,
- uint32_t *a, uint32_t *e)
-{
- ntt_fft_t *fft;
- uint32_t *b, t;
- int i;
-
- /* transform s and h to frequency domain */
- fft = ntt_fft_create(this->params);
- fft->transform(fft, this->s, this->s, FALSE);
- fft->transform(fft, e, e, FALSE);
- fft->destroy(fft);
-
- b = (uint32_t*)malloc(this->params->n * sizeof(uint32_t));
-
- /* compute b = a * s + e in the frequency domain */
- for (i = 0; i < this->params->n; i++)
- {
- /* convert a[i] to Montgomery domain */
- t = ntt_fft_mreduce(a[i] * this->params->r2, this->params);
-
- /* compute b[i] = a[i] * s[i] + e[i] in Montgomery domain */
- t = ntt_fft_mreduce(t * this->s[i], this->params) + e[i];
-
- /* exit Montgomery domain before transmitting polynomial b */
- b[i] = ntt_fft_mreduce(t, this->params);
- }
- memwipe(e, this->params->n * sizeof(uint32_t));
-
- return b;
-}
-
-/**
- * Multiply polynomials in the frequency domain and return to time domain
- */
-static uint32_t* multiply_ntt_inv_poly(private_newhope_ke_t *this, uint32_t *b)
-{
- ntt_fft_t *fft;
- uint32_t *v, t;
- int i;
-
- v = (uint32_t*)malloc(this->params->n * sizeof(uint32_t));
-
- for (i = 0; i < this->params->n; i++)
- {
- /* convert b[i] to Montgomery domain */
- t = ntt_fft_mreduce(b[i] * this->params->r2, this->params);
-
- /* compute v[i] = b[i] * s[i] in Montgomery domain */
- v[i] = ntt_fft_mreduce(t * this->s[i], this->params);
- }
-
- /* transform v back to time domain */
- fft = ntt_fft_create(this->params);
- fft->transform(fft, v, v, TRUE);
- fft->destroy(fft);
-
- return v;
-}
-
-/**
- * Pack four 2-bit coefficients into one byte
- */
-static void pack_rec(private_newhope_ke_t *this, uint8_t *x, uint8_t *r)
-{
- int i;
-
- for (i = 0; i < this->params->n; i += 4)
- {
- *x++ = r[i] | r[i+1] << 2 | r[i+2] << 4 | r[i+3] << 6;
- }
-}
-
-static uint8_t* unpack_rec(private_newhope_ke_t *this, uint8_t *x)
-{
- uint8_t *r;
- int i;
-
- r = (uint8_t*)malloc(this->params->n);
-
- for (i = 0; i < this->params->n; i += 4)
- {
- r[i] = (*x) & 0x03;
- r[i+1] = (*x >> 2) & 0x03;
- r[i+2] = (*x >> 4) & 0x03;
- r[i+3] = (*x >> 6) & 0x03;
- x++;
- }
-
- return r;
-}
-
-METHOD(key_exchange_t, get_public_key, bool,
- private_newhope_ke_t *this, chunk_t *value)
-{
- uint16_t n, q;
- int i;
-
- /* Define some often-used constants */
- n = this->params->n;
- q = this->params->q;
-
- /* are we the initiator? */
- if (this->u == NULL)
- {
- rng_t *rng;
- uint32_t *a = NULL, *b = NULL, *e = NULL;
- uint8_t noise_seed_buf[seed_len];
- chunk_t noise_seed = { noise_seed_buf, seed_len};
- chunk_t a_seed;
- newhope_noise_t *noise = NULL;
- bool success = FALSE;
-
- /* allocate space for public output value */
- *value = chunk_alloc(poly_len + seed_len);
- a_seed = chunk_create(value->ptr + poly_len, seed_len);
-
- /* create polynomial a from 256 bit random seed */
- rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
- if (!rng)
- {
- DBG1(DBG_LIB, "could not instantiate random source");
- return FALSE;
- }
- if (!rng->get_bytes(rng, seed_len, a_seed.ptr))
- {
- DBG1(DBG_LIB, "could not generate seed for polynomial a");
- goto end;
- }
-
- a = derive_a_poly(this, a_seed);
- if (a == NULL)
- {
- goto end;
- }
-
- /* generate random seed for the derivation of noise polynomials */
- if (!rng->get_bytes(rng, seed_len, noise_seed.ptr))
- {
- DBG1(DBG_LIB, "could not generate seed for noise polynomials");
- goto end;
- }
-
- /* create noise polynomial generator */
- noise = newhope_noise_create(noise_seed);
- if (!noise)
- {
- goto end;
- }
-
- /* create noise polynomial s from seed with nonce = 0x00 */
- this->s = noise->get_binomial_words(noise, 0x00, n, q);
- if (this->s == NULL)
- {
- goto end;
- }
-
- /* create noise polynomial e from seed with nonce = 0x01 */
- e = noise->get_binomial_words(noise, 0x01, n, q);
- if (e == NULL)
- {
- goto end;
- }
-
- /* compute b = a * NTT(s) + NTT(e) */
- b = multiply_add_poly(this, a, e);
-
- DBG3(DBG_LIB, " i a[i] b[i]");
- for (i = 0; i < n; i++)
- {
- DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]);
- }
-
- /* pack coefficients of polynomial b */
- pack_poly(this, value->ptr, b);
- success = TRUE;
-
- end:
- rng->destroy(rng);
- DESTROY_IF(noise);
- free(a);
- free(b);
- free(e);
-
- if (!success)
- {
- chunk_free(value);
- }
- return success;
- }
- else
- {
- DBG3(DBG_LIB, " i u[i] r[i]");
- for (i = 0; i < n; i++)
- {
- DBG3(DBG_LIB, "%4d %5u %5u", i, this->u[i], this->r[i]);
- }
-
- /* allocate space for public output value */
- *value = chunk_alloc(poly_len + rec_len);
-
- /* pack coefficients of polynomial u */
- pack_poly(this, value->ptr, this->u);
-
- /* pack coefficients of polynomial r */
- pack_rec(this, value->ptr + poly_len, this->r);
-
- return TRUE;
- }
-}
-
-METHOD(key_exchange_t, get_shared_secret, bool,
- private_newhope_ke_t *this, chunk_t *secret)
-{
- if (this->shared_secret.len == 0)
- {
- *secret = chunk_empty;
- return FALSE;
- }
- *secret = chunk_clone(this->shared_secret);
-
- return TRUE;
-}
-
-METHOD(key_exchange_t, set_public_key, bool,
- private_newhope_ke_t *this, chunk_t value)
-{
- newhope_reconciliation_t * rec;
- uint16_t n, q;
- int i;
-
- /* Define some often-used constants */
- n = this->params->n;
- q = this->params->q;
-
- /* are we the responder? */
- if (this->s == NULL)
- {
- uint32_t *a = NULL, *b = NULL, *e1 = NULL, *e2 = NULL, *v = NULL, t;
- uint8_t *rbits = NULL;
- uint8_t noise_seed_buf[seed_len];
- chunk_t noise_seed = { noise_seed_buf, seed_len };
- chunk_t a_seed;
- newhope_noise_t *noise = NULL;
- rng_t *rng = NULL;
- bool success = FALSE;
-
- if (value.len != poly_len + seed_len)
- {
- DBG1(DBG_LIB, "received %N KE payload of incorrect size",
- key_exchange_method_names, NH_128_BIT);
- return FALSE;
- }
- a_seed = chunk_create(value.ptr + poly_len, seed_len);
-
- a = derive_a_poly(this, a_seed);
- if (a == NULL)
- {
- return FALSE;
- }
-
- b = unpack_poly(this, value.ptr);
- if (b == NULL)
- {
- goto end;
- }
-
- /* debug output of polynomials a and b */
- DBG3(DBG_LIB, " i a[i] b[i]");
- for (i = 0; i < n; i++)
- {
- DBG3(DBG_LIB, "%4d %5u %5u", i, a[i], b[i]);
- }
-
- /* generate random seed for the derivation of noise polynomials */
- rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
- if (!rng)
- {
- DBG1(DBG_LIB, "could not instantiate random source");
- goto end;
- }
- if (!rng->get_bytes(rng, seed_len, noise_seed.ptr))
- {
- DBG1(DBG_LIB, "could not generate seed for noise polynomials");
- goto end;
- }
-
- /* create noise polynomial generator */
- noise = newhope_noise_create(noise_seed);
- if (!noise)
- {
- goto end;
- }
-
- /* create noise polynomial s' from seed with nonce = 0x00 */
- this->s = noise->get_binomial_words(noise, 0x00, n, q);
- if (this->s == NULL)
- {
- goto end;
- }
-
- /* create noise polynomial e' from seed with nonce = 0x01 */
- e1 = noise->get_binomial_words(noise, 0x01, n, q);
- if (e1 == NULL)
- {
- goto end;
- }
-
- /* create noise polynomial e'' from seed with nonce = 0x02 */
- e2 = noise->get_binomial_words(noise, 0x02, n, q);
- if (e2 == NULL)
- {
- goto end;
- }
-
- /* compute u = a * NTT(s') + NTT(e') */
- this->u = multiply_add_poly(this, a, e1);
-
- /* compute v = NTT_inv( b * NTT(s') ) */
- v = multiply_ntt_inv_poly(this, b);
-
- /* compute v = v + e'' */
- for (i = 0; i < n; i++)
- {
- t = v[i] + e2[i];
- v[i] = (t < q) ? t : t - q;
- }
- memwipe(e2, n * sizeof(uint32_t));
-
- /* create uniform noise bytes from seed with nonce = 0x02 */
- rbits = noise->get_uniform_bytes(noise, 0x03, n/(4*8));
-
- rec = newhope_reconciliation_create(n, q);
- this->r = rec->help_reconcile(rec, v, rbits);
- free(rbits);
- this->shared_secret = rec->reconcile(rec, v, this->r);
- rec->destroy(rec);
-
- DBG4(DBG_LIB, "key: %B", &this->shared_secret);
- success = TRUE;
-
- end:
- DESTROY_IF(rng);
- DESTROY_IF(noise);
- free(a);
- free(b);
- free(e1);
- free(e2);
- free(v);
-
- return success;
- }
- else
- {
- uint32_t *v;
-
- if (value.len != poly_len + rec_len)
- {
- DBG1(DBG_LIB, "received %N KE payload of incorrect size",
- key_exchange_method_names, NH_128_BIT);
- return FALSE;
- }
-
- this->u = unpack_poly(this, value.ptr);
- if (this->u == NULL)
- {
- return FALSE;
- }
-
- this->r = unpack_rec(this, value.ptr + poly_len);
- if (this->r == NULL)
- {
- return FALSE;
- }
-
- DBG3(DBG_LIB, " i u[i] r[i]");
- for (i = 0; i < n; i++)
- {
- DBG3(DBG_LIB, "%4d %5u %5u", i, this->u[i], this->r[i]);
- }
-
- /* compute v' = NTT_inv( u * NTT(s) ) */
- v = multiply_ntt_inv_poly(this, this->u);
-
- rec = newhope_reconciliation_create(n, q);
- this->shared_secret = rec->reconcile(rec, v, this->r);
- free(v);
- rec->destroy(rec);
-
- DBG4(DBG_LIB, "key: %B", &this->shared_secret);
-
- return TRUE;
- }
-}
-
-METHOD(key_exchange_t, get_method, key_exchange_method_t,
- private_newhope_ke_t *this)
-{
- return NH_128_BIT;
-}
-
-METHOD(key_exchange_t, destroy, void,
- private_newhope_ke_t *this)
-{
- chunk_clear(&this->shared_secret);
- memwipe(this->s, this->params->n * sizeof(uint32_t));
- free(this->s);
- free(this->u);
- free(this->r);
- free(this);
-}
-
-/*
- * Described in header.
- */
-newhope_ke_t *newhope_ke_create(key_exchange_method_t ke, chunk_t g, chunk_t p)
-{
- private_newhope_ke_t *this;
-
- INIT(this,
- .public = {
- .ke = {
- .get_shared_secret = _get_shared_secret,
- .set_public_key = _set_public_key,
- .get_public_key = _get_public_key,
- .get_method = _get_method,
- .destroy = _destroy,
- },
- },
- .params = &ntt_fft_12289_1024,
-
- );
-
- return &this->public;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup newhope_ke newhope_ke
- * @{ @ingroup newhope_p
- */
-
-#ifndef NEWHOPE_KE_H_
-#define NEWHOPE_KE_H_
-
-typedef struct newhope_ke_t newhope_ke_t;
-
-#include <library.h>
-
-/**
- * Implementation of a key exchange algorithm using the New Hope algorithm
- */
-struct newhope_ke_t {
-
- /**
- * Implements key_exchange_t interface.
- */
- key_exchange_t ke;
-};
-
-/**
- * Creates a new newhope_ke_t object.
- *
- * @param ke New Hope key exchange number
- * @param g not used
- * @param p not used
- * @return newhope_ke_t object, NULL if not supported
- */
-newhope_ke_t *newhope_ke_create(key_exchange_method_t ke, chunk_t g, chunk_t p);
-
-#endif /** NEWHOPE_KE_H_ @}*/
-
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann,
- * and Peter Schwabe.
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "newhope_noise.h"
-
-typedef struct private_newhope_noise_t private_newhope_noise_t;
-
-static const int seed_len = 32; /* 256 bits */
-static const int nonce_len = 12; /* 96 bits */
-
-/**
- * Private data of an newhope_noise_t object.
- */
-struct private_newhope_noise_t {
-
- /**
- * Public newhope_noise_t interface.
- */
- newhope_noise_t public;
-
- /**
- * 256 bit seed and 96 bit nonce (44 bytes)
- */
- chunk_t seed;
-
- /**
- * ChaCha20 stream
- */
- xof_t *xof;
-
-};
-
-METHOD(newhope_noise_t, get_uniform_bytes, uint8_t*,
- private_newhope_noise_t *this, uint8_t nonce, uint16_t n)
-{
- uint8_t *bytes;
-
- this->seed.ptr[seed_len] = nonce;
- if (!this->xof->set_seed(this->xof, this->seed))
- {
- DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF");
- return NULL;
- }
-
- /* allocate dynamic memory for the noise polynomial */
- bytes = (uint8_t*)malloc(n);
-
- if (!this->xof->get_bytes(this->xof, n, bytes))
- {
- DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF");
- free(bytes);
- return NULL;
- }
-
- return bytes;
-}
-
-METHOD(newhope_noise_t, get_binomial_words, uint32_t*,
- private_newhope_noise_t *this, uint8_t nonce, uint16_t n, uint16_t q)
-{
- uint32_t *np, a, b, d, t;
- uint8_t x[4];
- int i = 0, j;
-
- this->seed.ptr[seed_len] = nonce;
- if (!this->xof->set_seed(this->xof, this->seed))
- {
- DBG1(DBG_LIB, "could not set seed of CHACHA20 XOF");
- return NULL;
- }
-
- /* allocate dynamic memory for the noise polynomial */
- np = (uint32_t*)malloc(n * sizeof(uint32_t));
-
- for (i = 0; i < n; i++)
- {
- if (!this->xof->get_bytes(this->xof, sizeof(x), x))
- {
- DBG1(DBG_LIB, "could not get bytes from SHAKE128 XOF");
- free(np);
- return NULL;
- }
-
- /* Treat x as a 32 bit unsigned little endian integer */
- t = uletoh32(x);
-
- /* Compute Psi_16 distribution */
- d = 0;
- for (j = 0; j < 8; j++)
- {
- d += (t >> j) & 0x01010101;
- }
- a = ((d >> 8) & 0xff) + (d & 0xff);
- b = ((d >> 16) & 0xff) + (d >> 24);
- np[i] = (a >= b) ? a - b : a + q - b;
- }
-
- return np;
-}
-
-METHOD(newhope_noise_t, destroy, void,
- private_newhope_noise_t *this)
-{
- this->xof->destroy(this->xof);
- chunk_free(&this->seed);
- free(this);
-}
-
-/*
- * Described in header.
- */
-newhope_noise_t *newhope_noise_create(chunk_t seed)
-{
- private_newhope_noise_t *this;
- xof_t *xof;
-
- if (seed.len != seed_len)
- {
- DBG1(DBG_LIB, "seed for ChaCha20 stream must be 256 bits");
- return NULL;
- }
-
- xof = lib->crypto->create_xof(lib->crypto, XOF_CHACHA20);
- if (!xof)
- {
- DBG1(DBG_LIB, "could not instantiate ChaCha20 stream");
- return NULL;
- }
-
- INIT(this,
- .public = {
- .get_uniform_bytes = _get_uniform_bytes,
- .get_binomial_words = _get_binomial_words,
- .destroy = _destroy,
- },
- .xof = xof,
- .seed = chunk_alloc(seed_len + nonce_len),
- );
-
- /* initialize seed for ChaCha 20 stream */
- memcpy(this->seed.ptr, seed.ptr, seed_len);
- memset(this->seed.ptr + seed_len, 0x00, nonce_len);
-
- return &this->public;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup newhope_noise newhope_noise
- * @{ @ingroup newhope_p
- */
-
-#ifndef NEWHOPE_NOISE_H_
-#define NEWHOPE_NOISE_H_
-
-typedef struct newhope_noise_t newhope_noise_t;
-
-#include <library.h>
-
-/**
- * Generate pseudo random noise using a ChaCha20 stream
- * initialized with a 256 bit seed and an 8 bit nonce
- */
-struct newhope_noise_t {
-
- /**
- * Return n pseudo random bytes with a uniform distribution
- *
- * @param nonce Nonce determining the pseudo random stream
- * @param n Number of pseudo random bytes to be returned
- * @return Return array with n pseudo random bytes
- */
- uint8_t* (*get_uniform_bytes)(newhope_noise_t *this, uint8_t nonce,
- uint16_t n);
-
- /**
- * Return n pseudo random 32-bit words with a Psi16 binomial distribution
- *
- * @param nonce Nonce determining the pseudo random stream
- * @param n Number of pseudo random Psi16 words to be returned
- * @param q Prime number q determining the ring
- * @return Return array with n pseudo random 32 bit words
- */
- uint32_t* (*get_binomial_words)(newhope_noise_t *this, uint8_t nonce,
- uint16_t n, uint16_t q);
-
- /**
- * Destroy a newhope_noise_t object
- */
- void (*destroy)(newhope_noise_t *this);
-};
-
-/**
- * Creates a new newhope_noise_t object.
- *
- * @param seed 256 bit seed (32 byte chunk)
- * @return newhope_noise_t object, NULL if not supported
- */
-newhope_noise_t *newhope_noise_create(chunk_t seed);
-
-#endif /** NEWHOPE_NOISE_H_ @}*/
-
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "newhope_plugin.h"
-#include "newhope_ke.h"
-
-#include <library.h>
-
-typedef struct private_newhope_plugin_t private_newhope_plugin_t;
-
-/**
- * private data of newhope_plugin
- */
-struct private_newhope_plugin_t {
-
- /**
- * public functions
- */
- newhope_plugin_t public;
-};
-
-METHOD(plugin_t, get_name, char*,
- private_newhope_plugin_t *this)
-{
- return "newhope";
-}
-
-METHOD(plugin_t, get_features, int,
- private_newhope_plugin_t *this, plugin_feature_t *features[])
-{
- static plugin_feature_t f[] = {
- PLUGIN_REGISTER(KE, newhope_ke_create),
- PLUGIN_PROVIDE(KE, NH_128_BIT),
- PLUGIN_DEPENDS(XOF, XOF_SHAKE_128),
- PLUGIN_DEPENDS(XOF, XOF_CHACHA20),
- };
- *features = f;
-
- return countof(f);
-}
-
-METHOD(plugin_t, destroy, void,
- private_newhope_plugin_t *this)
-{
- free(this);
-}
-
-/*
- * see header file
- */
-plugin_t *newhope_plugin_create()
-{
- private_newhope_plugin_t *this;
-
- INIT(this,
- .public = {
- .plugin = {
- .get_name = _get_name,
- .get_features = _get_features,
- .destroy = _destroy,
- },
- },
- );
-
- return &this->public.plugin;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup newhope_p newhope
- * @ingroup plugins
- *
- * @defgroup newhope_plugin newhope_plugin
- * @{ @ingroup newhope_p
- */
-
-#ifndef NEWHOPE_PLUGIN_H_
-#define NEWHOPE_PLUGIN_H_
-
-#include <plugins/plugin.h>
-
-typedef struct newhope_plugin_t newhope_plugin_t;
-
-/**
- * Plugin implementing New Hope-based key exchange
- */
-struct newhope_plugin_t {
-
- /**
- * implements plugin interface
- */
- plugin_t plugin;
-};
-
-#endif /** NEWHOPE_PLUGIN_H_ @}*/
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Based on public domain code by Erdem Alkim, Léo Ducas, Thomas Pöppelmann,
- * and Peter Schwabe.
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- */
-
-#include "newhope_reconciliation.h"
-
-typedef struct private_newhope_reconciliation_t private_newhope_reconciliation_t;
-
-/**
- * Private data of an newhope_reconciliation_t object.
- */
-struct private_newhope_reconciliation_t {
-
- /**
- * Public newhope_reconciliation_t interface.
- */
- newhope_reconciliation_t public;
-
- /**
- * Array sizes
- */
- int n, n4;
-
- /**
- * Multiples of modulus q
- */
- int32_t q, q2, q4, q8, q16;
-};
-
-
-static inline int32_t rec_abs(int32_t v)
-{
- int32_t mask = v >> 31;
-
- return (v ^ mask) - mask;
-}
-
-/**
- * Auxiliary function used by help_reconcile() method
- */
-static int32_t rec_f(private_newhope_reconciliation_t *this,
- int32_t v, uint8_t r, int32_t *v0, int32_t *v1)
-{
- int32_t x, xit, t, b;
-
- x = 8 * v + 2 * r;
-
- /* compute t = x/q */
- b = x * 2730;
- t = b >> 25;
- b = x - t * this->q;
- b = this->q - 1 - b;
- b >>= 31;
- t -= b;
-
- r = t & 0x01;
- xit = (t >> 1);
- *v0 = xit + r ; /* v0 = round(x/(2q)) */
-
- t -= 1;
- r = t & 0x01;
- *v1 = ( t>> 1) + r;
-
- return rec_abs(x - (*v0) * this->q2);
-}
-
-/**
- * Auxiliary function used by reconcile() method
- */
-static int32_t rec_g(private_newhope_reconciliation_t *this, int32_t x)
-{
- int32_t t, r, b;
-
- /* t = x/(4*q) */
- b = x * 2730;
- t = b >> 27;
- b = x - t * this->q4;
- b = this->q4 - 1 - b;
- b >>= 31;
- t -= b;
-
- r = t & 0x01;
- t = (t >> 1) + r; /* t = round(x/(8q)) */
- t *= this->q8;
-
- return abs(t - x);
-}
-
-METHOD(newhope_reconciliation_t, help_reconcile, uint8_t*,
- private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *rbits)
-{
- int32_t v0[4], v1[4], v_tmp[4], k;
- int i, i0, i1, i2, i3, j;
- uint8_t *r, rbit;
-
- /* allocate output vector */
- r = (uint8_t*)malloc(this->n);
-
- for (i = 0; i < this->n4/8; i++)
- {
- for (j = 0; j < 8; j++)
- {
- i0 = 8*i + j;
- i1 = i0 + this->n4;
- i2 = i1 + this->n4;
- i3 = i2 + this->n4;
-
- /* iterate through all 256 random bits */
- rbit = (rbits[i] >> j) & 0x01;
-
- k = rec_f(this, v[i0], rbit, &v0[0], &v1[0]);
- k += rec_f(this, v[i1], rbit, &v0[1], &v1[1]);
- k += rec_f(this, v[i2], rbit, &v0[2], &v1[2]);
- k += rec_f(this, v[i3], rbit, &v0[3], &v1[3]);
-
- k = (this->q2 - 1 - k) >> 31;
-
- v_tmp[0] = ((~k) & v0[0]) ^ (k & v1[0]);
- v_tmp[1] = ((~k) & v0[1]) ^ (k & v1[1]);
- v_tmp[2] = ((~k) & v0[2]) ^ (k & v1[2]);
- v_tmp[3] = ((~k) & v0[3]) ^ (k & v1[3]);
-
- r[i0] = (v_tmp[0] - v_tmp[3]) & 0x03;
- r[i1] = (v_tmp[1] - v_tmp[3]) & 0x03;
- r[i2] = (v_tmp[2] - v_tmp[3]) & 0x03;
- r[i3] = (v_tmp[3] - k + v_tmp[3]) & 0x03;
- }
- }
-
- return r;
-}
-
-METHOD(newhope_reconciliation_t, reconcile, chunk_t,
- private_newhope_reconciliation_t *this, uint32_t *v, uint8_t *r)
-{
- size_t key_len;
- uint8_t *key;
- int32_t tmp[4], t;
- int i, i0, i1, i2, i3, j;
-
- key_len = this->n4 / 8;
- key = (uint8_t*)malloc(key_len);
- memset(key, 0x00, key_len);
-
- for (i = 0; i < key_len; i++)
- {
- for (j = 0; j < 8; j++)
- {
- i0 = 8*i + j;
- i1 = i0 + this->n4;
- i2 = i1 + this->n4;
- i3 = i2 + this->n4;
-
- tmp[0] = this->q16 + 8 * (int32_t)v[i0] -
- this->q * (2*r[i0] + r[i3]);
- tmp[1] = this->q16 + 8 * (int32_t)v[i1] -
- this->q * (2*r[i1] + r[i3]);
- tmp[2] = this->q16 + 8 * (int32_t)v[i2] -
- this->q * (2*r[i2] + r[i3]);
- tmp[3] = this->q16 + 8 * (int32_t)v[i3] -
- this->q * ( r[i3]);
-
- t = rec_g(this, tmp[0]) + rec_g(this, tmp[1]) +
- rec_g(this, tmp[2]) + rec_g(this, tmp[3]) - this->q8;
-
- key[i] |= ((t >> 31) & 0x01) << j;
- }
- }
-
- return chunk_create(key, key_len);
-}
-
-METHOD(newhope_reconciliation_t, destroy, void,
- private_newhope_reconciliation_t *this)
-{
- free(this);
-}
-
-/*
- * Described in header.
- */
-newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q)
-{
- private_newhope_reconciliation_t *this;
-
- INIT(this,
- .public = {
- .help_reconcile = _help_reconcile,
- .reconcile = _reconcile,
- .destroy = _destroy,
- },
- .n = n,
- .n4 = n / 4,
- .q = q,
- .q2 = 2 * q,
- .q4 = 4 * q,
- .q8 = 8 * q,
- .q16 = 16 * q,
- );
-
- return &this->public;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup newhope_reconciliation newhope_reconciliation
- * @{ @ingroup newhope_p
- */
-
-#ifndef NEWHOPE_RECONCILIATION_H_
-#define NEWHOPE_RECONCILIATION_H_
-
-typedef struct newhope_reconciliation_t newhope_reconciliation_t;
-
-#include <library.h>
-
-/**
- * Class assisting the error reconciliation
- * resulting in a key exchange error rate < 2^(-60)
- */
-struct newhope_reconciliation_t {
-
- /**
- * Generate reconciliation polynomial
- *
- * @param v polynomial v
- * @param rbits pseudo random bit array
- * @return return array with reconciliation polynomial
- */
- uint8_t* (*help_reconcile)(newhope_reconciliation_t *this,
- uint32_t *v, uint8_t *rbits);
-
- /**
- * Use reconciliation polynomial r to derive shared secret
- *
- * @param v polynomial v or v'
- * @param r reconciliation polynomial r
- * @return Return shared secret
- */
- chunk_t (*reconcile)(newhope_reconciliation_t *this,
- uint32_t *v, uint8_t *r);
-
- /**
- * Destroy a newhope_reconciliation_t object
- */
- void (*destroy)(newhope_reconciliation_t *this);
-};
-
-/**
- * Creates a new newhope_reconciliation_t object.
- *
- * @param n array size
- * @param q prime modulus
- * @return newhope_reconciliation_t object
- */
-newhope_reconciliation_t *newhope_reconciliation_create(int n, int32_t q);
-
-#endif /** NEWHOPE_RECONCILIATION_H_ @}*/
-
+++ /dev/null
-newhope_tests
+++ /dev/null
-TESTS = newhope_tests
-
-check_PROGRAMS = $(TESTS)
-
-newhope_tests_SOURCES = \
- suites/test_newhope_ke.c \
- suites/test_newhope_noise.c \
- suites/test_newhope_reconciliation.c \
- newhope_tests.h newhope_tests.c
-
-newhope_tests_CFLAGS = \
- -I$(top_srcdir)/src/libstrongswan \
- -I$(top_srcdir)/src/libstrongswan/tests \
- -I$(top_srcdir)/src/libstrongswan/math/libnttfft \
- -I$(top_srcdir)/src/libstrongswan/plugins/newhope \
- -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
- -DPLUGINS=\""${s_plugins}\"" \
- @COVERAGE_CFLAGS@
-
-newhope_tests_LDFLAGS = @COVERAGE_LDFLAGS@
-newhope_tests_LDADD = \
- $(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(top_builddir)/src/libstrongswan/tests/libtest.la \
- $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \
- ../libnewhope.la
+++ /dev/null
-/*
- * Copyright (C) 2014 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <test_runner.h>
-
-#include <library.h>
-
-/* declare test suite constructors */
-#define TEST_SUITE(x) test_suite_t* x();
-#include "newhope_tests.h"
-#undef TEST_SUITE
-
-static test_configuration_t tests[] = {
-#define TEST_SUITE(x) \
- { .suite = x, },
-#include "newhope_tests.h"
- { .suite = NULL, }
-};
-
-static bool test_runner_init(bool init)
-{
- if (init)
- {
- char *plugins, *plugindir;
-
- plugins = lib->settings->get_str(lib->settings,
- "tests.load", PLUGINS);
- plugindir = lib->settings->get_str(lib->settings,
- "tests.plugindir", PLUGINDIR);
- plugin_loader_add_plugindirs(plugindir, plugins);
- if (!lib->plugins->load(lib->plugins, plugins))
- {
- return FALSE;
- }
- }
- else
- {
- lib->processor->set_threads(lib->processor, 0);
- lib->processor->cancel(lib->processor);
- lib->plugins->unload(lib->plugins);
- }
- return TRUE;
-}
-
-int main(int argc, char *argv[])
-{
- return test_runner_run("newhope", tests, test_runner_init);
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-TEST_SUITE(newhope_ke_suite_create)
-TEST_SUITE(newhope_noise_suite_create)
-TEST_SUITE(newhope_reconciliation_suite_create)
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <newhope_ke.h>
-
-#include <library.h>
-
-#include <time.h>
-
-const int count = 1000;
-
-START_TEST(test_newhope_ke_good)
-{
- chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret;
- key_exchange_t *i_nh, *r_nh;
- struct timespec start, stop;
- int i;
-
- clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start);
-
- for (i = 0; i < count; i++)
- {
- i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(i_nh != NULL);
- ck_assert(i_nh->get_method(i_nh) == NH_128_BIT);
-
- ck_assert(i_nh->get_public_key(i_nh, &i_msg));
- ck_assert(i_msg.len = 1824);
-
- r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(r_nh != NULL);
-
- ck_assert(r_nh->set_public_key(r_nh, i_msg));
- ck_assert(r_nh->get_public_key(r_nh, &r_msg));
- ck_assert(r_msg.len == 2048);
-
- ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret));
- ck_assert(r_shared_secret.len == 32);
-
- ck_assert(i_nh->set_public_key(i_nh, r_msg));
- ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret));
- ck_assert(i_shared_secret.len == 32);
- ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
-
- /* cleanup */
- chunk_clear(&i_shared_secret);
- chunk_clear(&r_shared_secret);
- chunk_free(&i_msg);
- chunk_free(&r_msg);
- i_nh->destroy(i_nh);
- r_nh->destroy(r_nh);
- }
-
- clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop);
-
- DBG0(DBG_LIB, "%d Newhope DH loops in %d ms\n", count,
- (stop.tv_nsec - start.tv_nsec) / 1000000 +
- (stop.tv_sec - start.tv_sec) * 1000);
-}
-END_TEST
-
-START_TEST(test_newhope_ke_wrong)
-{
- chunk_t i_msg, r_msg, i_shared_secret, r_shared_secret;
- key_exchange_t *i_nh, *r_nh;
-
- i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(i_nh != NULL);
- ck_assert(i_nh->get_public_key(i_nh, &i_msg));
-
- r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(r_nh != NULL);
- ck_assert(r_nh->set_public_key(r_nh, i_msg));
- ck_assert(r_nh->get_public_key(r_nh, &r_msg));
-
- /* destroy 1st instance of i_nh */
- i_nh->destroy(i_nh);
- chunk_free(&i_msg);
-
- /* create 2nd instance of i_nh */
- i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(i_nh != NULL);
- ck_assert(i_nh->get_public_key(i_nh, &i_msg));
- ck_assert(i_nh->set_public_key(i_nh, r_msg));
-
- ck_assert(r_nh->get_shared_secret(r_nh, &r_shared_secret));
- ck_assert(i_nh->get_shared_secret(i_nh, &i_shared_secret));
- ck_assert(!chunk_equals(i_shared_secret, r_shared_secret));
-
- /* cleanup */
- chunk_clear(&i_shared_secret);
- chunk_clear(&r_shared_secret);
- chunk_free(&i_msg);
- chunk_free(&r_msg);
- i_nh->destroy(i_nh);
- r_nh->destroy(r_nh);
-}
-END_TEST
-
-START_TEST(test_newhope_ke_fail_i)
-{
- key_exchange_t *i_nh;
- char buf_ff[2048];
- int i;
-
- chunk_t i_msg;
-
- chunk_t r_msg[] = {
- chunk_empty,
- chunk_from_chars(0x00),
- chunk_create(buf_ff, 2047),
- chunk_create(buf_ff, 2048),
- };
-
- memset(buf_ff, 0xff, sizeof(buf_ff));
-
- for (i = 0; i < countof(r_msg); i++)
- {
- i_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(i_nh != NULL);
- ck_assert(i_nh->get_public_key(i_nh, &i_msg));
- ck_assert(!i_nh->set_public_key(i_nh, r_msg[i]));
- chunk_free(&i_msg);
- i_nh->destroy(i_nh);
- }
-}
-END_TEST
-
-START_TEST(test_newhope_ke_fail_r)
-{
- key_exchange_t *r_nh;
- char buf_ff[1824];
- int i;
-
- chunk_t i_msg[] = {
- chunk_empty,
- chunk_from_chars(0x00),
- chunk_create(buf_ff, 1823),
- chunk_create(buf_ff, 1824),
- };
-
- memset(buf_ff, 0xff, sizeof(buf_ff));
-
- for (i = 0; i < countof(i_msg); i++)
- {
- r_nh = lib->crypto->create_ke(lib->crypto, NH_128_BIT);
- ck_assert(r_nh != NULL);
- ck_assert(!r_nh->set_public_key(r_nh, i_msg[i]));
- r_nh->destroy(r_nh);
- }
-}
-END_TEST
-
-Suite *newhope_ke_suite_create()
-{
- Suite *s;
- TCase *tc;
-
- s = suite_create("newhope_ke");
-
- tc = tcase_create("ke_good");
- test_case_set_timeout(tc, 30);
- tcase_add_test(tc, test_newhope_ke_good);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("ke_wrong");
- tcase_add_test(tc, test_newhope_ke_wrong);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("ke_fail_i");
- tcase_add_test(tc, test_newhope_ke_fail_i);
- suite_add_tcase(s, tc);
-
- tc = tcase_create("ke_fail_r");
- tcase_add_test(tc, test_newhope_ke_fail_r);
- suite_add_tcase(s, tc);
-
- return s;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <newhope_noise.h>
-
-#include <library.h>
-
-static const uint16_t n = 1024;
-static const uint16_t q = 12289;
-
-static const size_t seed_len = 32;
-
-typedef struct {
- uint8_t key;
- uint8_t nonce;
- uint8_t uniform[64];
- uint32_t poly[1024];
-} noise_t;
-
-static noise_t noises[] = {
- { 0x00, 0x00, /* polynomial s */
- { 0x9f, 0x07, 0xe7, 0xbe, 0x55, 0x51, 0x38, 0x7a, 0x98, 0xba,
- 0x97, 0x7c, 0x73, 0x2d, 0x08, 0x0d, 0xcb, 0x0f, 0x29, 0xa0,
- 0x48, 0xe3, 0x65, 0x69, 0x12, 0xc6, 0x53, 0x3e, 0x32, 0xee,
- 0x7a, 0xed, 0x29, 0xb7, 0x21, 0x76, 0x9c, 0xe6, 0x4e, 0x43,
- 0xd5, 0x71, 0x33, 0xb0, 0x74, 0xd8, 0x39, 0xd5, 0x31, 0xed,
- 0x1f, 0x28, 0x51, 0x0a, 0xfb, 0x45, 0xac, 0xe1, 0x0a, 0x1f,
- 0x4b, 0x79, 0x4d, 0x6f },
- { 12286, 12288, 12287, 5, 4, 12288, 12286, 12287, 2, 2,
- 2, 12288, 2, 12284, 1, 12288, 12288, 12288, 6, 12288,
- 0, 4, 1, 12285, 12286, 2, 12284, 12287, 1, 5,
- 5, 12286, 12288, 2, 12286, 0, 3, 1, 0, 2,
- 0, 0, 4, 12283, 12284, 4, 0, 12288, 3, 12288,
- 0, 4, 1, 12288, 12286, 0, 3, 1, 12286, 12287,
- 12285, 3, 2, 3, 12286, 0, 6, 6, 12288, 12284,
- 0, 12282, 1, 0, 4, 1, 0, 3, 2, 2,
- 3, 3, 2, 12288, 3, 1, 12287, 12285, 0, 12288,
- 0, 0, 12288, 12287, 12284, 12286, 0, 12288, 4, 4,
- 12288, 5, 12286, 2, 12288, 5, 1, 12283, 1, 12288,
- 1, 12288, 12287, 12285, 2, 2, 12285, 12284, 0, 12285,
- 12287, 0, 1, 0, 2, 12288, 12288, 12287, 0, 4,
- 12288, 12285, 12288, 0, 2, 1, 12287, 3, 1, 3,
- 5, 12286, 1, 0, 12286, 0, 4, 0, 12288, 1,
- 12288, 4, 5, 12283, 12288, 1, 3, 12283, 12286, 5,
- 1, 12286, 12287, 12286, 0, 12287, 12285, 1, 0, 0,
- 1, 3, 0, 0, 0, 12284, 12286, 2, 4, 12288,
- 6, 1, 2, 12288, 1, 12287, 12286, 12284, 12287, 1,
- 3, 12284, 0, 0, 6, 12286, 7, 5, 2, 3,
- 12285, 12287, 12285, 2, 3, 12283, 2, 12284, 12288, 3,
- 12288, 1, 4, 12287, 2, 12288, 12288, 1, 12286, 12284,
- 2, 1, 5, 12286, 0, 12288, 0, 0, 0, 12287,
- 1, 0, 3, 0, 0, 6, 2, 12283, 1, 3,
- 3, 12284, 3, 1, 12286, 2, 12288, 0, 6, 1,
- 1, 12285, 12287, 12288, 4, 2, 12288, 3, 12286, 12288,
- 12287, 3, 3, 2, 7, 4, 12287, 12286, 12287, 2,
- 2, 12287, 1, 12288, 1, 12287, 12283, 12287, 12288, 1,
- 12283, 0, 12286, 12288, 4, 12287, 12286, 12286, 2, 2,
- 12287, 5, 12288, 4, 0, 12287, 1, 3, 12286, 2,
- 1, 1, 12288, 12287, 5, 12288, 0, 0, 1, 0,
- 12286, 6, 2, 1, 2, 5, 12286, 6, 12286, 12288,
- 0, 12286, 3, 12283, 12288, 12284, 0, 7, 2, 6,
- 1, 12288, 12285, 12284, 1, 0, 0, 2, 12288, 12288,
- 12288, 3, 3, 1, 3, 12286, 4, 3, 12284, 4,
- 1, 12287, 12287, 12285, 0, 12287, 12287, 12287, 12286, 12288,
- 1, 12287, 1, 0, 12288, 2, 0, 4, 0, 12287,
- 12285, 12285, 5, 3, 12282, 0, 12287, 5, 12287, 1,
- 12283, 12288, 12288, 3, 1, 1, 3, 12288, 12283, 5,
- 12288, 12288, 5, 5, 1, 12286, 12286, 12288, 1, 2,
- 1, 3, 12287, 12288, 12284, 12287, 1, 12287, 0, 12286,
- 12285, 1, 12287, 12282, 12286, 12287, 0, 12285, 4, 2,
- 1, 12282, 0, 1, 12288, 12285, 12284, 12286, 12286, 12287,
- 12288, 1, 12288, 4, 12287, 4, 12287, 12287, 0, 1,
- 12287, 3, 1, 12286, 12286, 4, 6, 12288, 1, 12285,
- 12286, 12287, 0, 12287, 12287, 1, 12286, 5, 0, 2,
- 12283, 12284, 1, 12286, 0, 12287, 12286, 12288, 1, 4,
- 4, 12283, 2, 6, 1, 12288, 12286, 2, 7, 2,
- 1, 12288, 5, 12284, 12288, 12288, 1, 7, 3, 12283,
- 1, 12286, 2, 12288, 12287, 1, 12286, 1, 12286, 12288,
- 12287, 3, 2, 2, 0, 12284, 12287, 1, 1, 12284,
- 12286, 1, 2, 1, 0, 12285, 1, 0, 1, 2,
- 2, 4, 12288, 1, 12288, 5, 0, 12287, 12288, 2,
- 0, 12288, 12287, 0, 12288, 12288, 0, 0, 12285, 4,
- 2, 12288, 0, 2, 0, 12288, 1, 3, 12287, 12288,
- 12288, 12288, 12286, 0, 12285, 12286, 12287, 3, 0, 12286,
- 2, 1, 12285, 2, 12288, 0, 5, 0, 1, 12288,
- 12288, 4, 3, 3, 12286, 2, 12288, 4, 12288, 6,
- 2, 12286, 4, 12287, 2, 12287, 0, 12284, 12288, 0,
- 12286, 12288, 3, 4, 12286, 12288, 1, 3, 12286, 3,
- 4, 1, 1, 6, 3, 1, 1, 0, 12288, 4,
- 0, 12288, 0, 0, 0, 12288, 2, 4, 2, 12287,
- 0, 0, 3, 2, 3, 4, 0, 3, 2, 12288,
- 2, 4, 6, 12286, 12284, 12287, 1, 0, 0, 4,
- 1, 3, 12282, 1, 2, 2, 0, 3, 12282, 2,
- 12287, 2, 12288, 4, 12288, 3, 3, 12283, 12288, 12288,
- 12286, 12287, 5, 4, 3, 3, 12288, 12284, 2, 2,
- 0, 12288, 1, 3, 3, 4, 12284, 12288, 0, 1,
- 12284, 0, 12286, 12287, 0, 0, 12287, 0, 1, 6,
- 12288, 1, 12284, 12287, 12282, 12288, 4, 12287, 1, 12286,
- 1, 12286, 12286, 1, 4, 0, 12288, 1, 12288, 1,
- 12285, 3, 1, 0, 1, 0, 12288, 12287, 2, 2,
- 0, 12288, 3, 12284, 2, 12288, 12288, 12288, 12287, 3,
- 3, 0, 12286, 12286, 1, 2, 12286, 12287, 0, 1,
- 12288, 12287, 12287, 12288, 12288, 1, 9, 1, 12288, 12287,
- 2, 1, 1, 0, 12287, 12287, 2, 2, 12288, 12285,
- 1, 12287, 4, 0, 2, 1, 1, 3, 12284, 12286,
- 1, 2, 12288, 12287, 4, 1, 12285, 0, 1, 2,
- 12288, 1, 3, 0, 12286, 0, 12288, 12286, 12287, 12286,
- 1, 12284, 1, 2, 2, 12288, 0, 12288, 1, 12284,
- 2, 3, 12287, 1, 12285, 12288, 0, 1, 12284, 2,
- 12288, 12286, 12286, 3, 12288, 12282, 3, 12287, 12288, 12287,
- 4, 12287, 1, 2, 9, 12283, 12286, 12286, 0, 4,
- 12288, 12288, 4, 0, 1, 1, 2, 12284, 1, 1,
- 0, 12288, 1, 0, 12287, 1, 1, 5, 2, 1,
- 12288, 3, 12287, 5, 4, 1, 4, 12287, 12285, 3,
- 12286, 1, 3, 0, 12287, 0, 12286, 12287, 12287, 12287,
- 3, 2, 12286, 12284, 2, 12288, 1, 1, 12288, 3,
- 1, 3, 12284, 3, 12282, 12288, 3, 0, 2, 12288,
- 0, 5, 0, 2, 0, 12281, 12285, 4, 3, 4,
- 2, 12284, 0, 0, 2, 2, 12287, 12284, 2, 12286,
- 1, 12288, 1, 12286, 12286, 12287, 4, 0, 6, 3,
- 0, 3, 12288, 12288, 12288, 12287, 3, 1, 1, 1,
- 2, 12287, 12284, 3, 12286, 12280, 3, 12284, 12287, 12288,
- 5, 12288, 12284, 2, 12285, 4, 3, 12286, 6, 2,
- 1, 12287, 0, 1, 2, 12286, 1, 0, 12287, 0,
- 1, 1, 12286, 2, 12285, 0, 1, 12288, 0, 1,
- 12288, 1, 12288, 12287, 12287, 12285, 12282, 12288, 2, 12288,
- 2, 12284, 1, 12284, 12287, 12286, 12288, 0, 12288, 1,
- 12283, 12286, 5, 3, 0, 12286, 12286, 3, 1, 0,
- 1, 12288, 12288, 4, 1, 12286, 12287, 12285, 2, 0,
- 2, 12287, 1, 12285, 12288, 12286, 12288, 2, 2, 12285,
- 3, 12286, 12285, 12287 }
- },
- { 0x00, 0x01, /* polynomial e */
- { 0x46, 0xf0, 0xf6, 0xef, 0xee, 0x15, 0xc8, 0xf1, 0xb1, 0x98,
- 0xcb, 0x49, 0xd9, 0x2b, 0x99, 0x08, 0x67, 0x90, 0x51, 0x59,
- 0x44, 0x0c, 0xc7, 0x23, 0x91, 0x6d, 0xc0, 0x01, 0x28, 0x26,
- 0x98, 0x10, 0x39, 0xce, 0x17, 0x66, 0xaa, 0x25, 0x42, 0xb0,
- 0x5d, 0xb3, 0xbd, 0x80, 0x9a, 0xb1, 0x42, 0x48, 0x9d, 0x5d,
- 0xbf, 0xe1, 0x27, 0x3e, 0x73, 0x99, 0x63, 0x7b, 0x4b, 0x32,
- 0x13, 0x76, 0x8a, 0xaa },
- { 12283, 1, 12288, 4, 0, 12285, 5, 1, 1, 2,
- 3, 4, 12288, 0, 3, 1, 1, 0, 12286, 6,
- 1, 0, 1, 0, 4, 2, 12288, 3, 0, 5,
- 1, 5, 2, 12285, 4, 12288, 3, 2, 12288, 2,
- 12288, 12285, 12287, 6, 12282, 1, 12286, 7, 12287, 4,
- 2, 2, 12288, 12285, 0, 2, 0, 12288, 1, 12287,
- 12287, 2, 1, 2, 1, 12285, 12288, 12286, 1, 2,
- 12287, 12288, 12288, 1, 0, 12287, 0, 4, 2, 6,
- 12287, 12285, 12283, 12285, 5, 12283, 12286, 1, 12283, 2,
- 3, 12286, 12285, 2, 5, 12286, 3, 0, 3, 12286,
- 5, 12285, 12287, 12288, 1, 5, 3, 5, 1, 1,
- 1, 12288, 5, 0, 12288, 3, 2, 12288, 12285, 12288,
- 5, 6, 0, 2, 1, 12287, 12288, 12287, 3, 12284,
- 2, 0, 3, 0, 0, 12288, 0, 2, 2, 2,
- 0, 1, 2, 2, 0, 0, 12287, 12285, 0, 4,
- 1, 12283, 3, 5, 12288, 12286, 12287, 6, 2, 0,
- 0, 12287, 2, 2, 12288, 0, 2, 12288, 12287, 12288,
- 12288, 1, 12288, 1, 12288, 2, 4, 2, 1, 1,
- 0, 12287, 3, 2, 6, 2, 1, 12288, 12285, 6,
- 0, 1, 12284, 12287, 12287, 12286, 5, 4, 0, 5,
- 12287, 12286, 12288, 12286, 0, 3, 1, 12287, 12287, 12288,
- 12288, 12286, 1, 0, 3, 12287, 3, 1, 12283, 1,
- 12288, 5, 1, 4, 12286, 12287, 2, 0, 0, 0,
- 12281, 12286, 0, 8, 5, 0, 4, 0, 12287, 5,
- 1, 3, 2, 12286, 12286, 12288, 12285, 12285, 12287, 0,
- 12284, 12287, 1, 0, 2, 1, 12286, 12288, 2, 12285,
- 0, 0, 0, 1, 0, 6, 1, 12288, 12287, 12287,
- 0, 3, 12288, 12288, 12287, 0, 12287, 1, 3, 0,
- 0, 12286, 12286, 4, 4, 12287, 1, 3, 4, 12287,
- 12284, 2, 12288, 12286, 12283, 12285, 1, 3, 1, 12288,
- 0, 3, 3, 12284, 12285, 5, 3, 12288, 3, 4,
- 3, 1, 12288, 0, 12288, 1, 0, 0, 3, 0,
- 3, 2, 12287, 12288, 0, 12288, 0, 2, 12285, 4,
- 0, 12287, 12287, 1, 1, 1, 12287, 12285, 4, 12282,
- 3, 1, 1, 12288, 2, 4, 12285, 12286, 3, 1,
- 0, 12287, 12283, 12285, 2, 5, 1, 1, 12288, 12288,
- 0, 8, 3, 12287, 12285, 12287, 12286, 12284, 1, 12286,
- 1, 12288, 2, 3, 12288, 12288, 2, 12288, 12284, 12285,
- 0, 3, 12288, 12288, 2, 3, 7, 12287, 3, 3,
- 3, 12284, 0, 0, 1, 12283, 5, 0, 1, 12288,
- 3, 12286, 12287, 12286, 0, 0, 12287, 12283, 4, 12283,
- 0, 0, 3, 12285, 5, 12286, 12282, 12288, 1, 12287,
- 12288, 1, 5, 2, 12287, 2, 12288, 7, 12288, 3,
- 5, 1, 0, 12287, 1, 12287, 3, 2, 4, 2,
- 12287, 12286, 12288, 2, 5, 1, 12286, 4, 0, 2,
- 6, 12286, 2, 12286, 3, 12288, 5, 12285, 0, 2,
- 12287, 5, 12286, 12284, 7, 12285, 12286, 12284, 12287, 1,
- 12288, 12284, 12286, 2, 4, 2, 2, 12283, 12286, 2,
- 2, 12283, 1, 12286, 1, 0, 12284, 3, 0, 4,
- 1, 0, 4, 12288, 0, 12287, 12287, 12287, 12286, 12284,
- 12288, 3, 1, 12285, 0, 3, 8, 4, 2, 12288,
- 3, 12287, 12287, 2, 3, 12288, 12286, 2, 12286, 12288,
- 0, 1, 12287, 12285, 0, 12285, 12288, 12287, 1, 12287,
- 0, 12284, 0, 1, 1, 12285, 0, 0, 0, 12287,
- 12287, 3, 0, 4, 12288, 1, 12288, 12285, 12283, 0,
- 12286, 12286, 12285, 12285, 12287, 1, 0, 2, 3, 1,
- 2, 12286, 12288, 3, 12286, 12288, 12288, 6, 2, 2,
- 0, 12288, 2, 5, 12288, 0, 12284, 12282, 12286, 1,
- 12288, 12288, 12286, 12288, 3, 12286, 2, 0, 12283, 0,
- 4, 2, 12288, 0, 12286, 0, 4, 3, 12286, 12287,
- 4, 12288, 3, 2, 12283, 1, 1, 1, 3, 12286,
- 4, 0, 12288, 12285, 12287, 0, 0, 12286, 4, 0,
- 12286, 2, 12288, 12288, 12285, 12283, 5, 3, 12286, 12288,
- 4, 1, 12283, 0, 12288, 0, 12287, 12287, 0, 3,
- 12287, 12287, 2, 2, 3, 0, 1, 4, 12288, 3,
- 3, 0, 12284, 12285, 4, 12288, 1, 12287, 0, 1,
- 12283, 1, 12284, 12287, 12286, 12285, 0, 0, 3, 12285,
- 3, 1, 12288, 12287, 12284, 12282, 5, 3, 3, 2,
- 12285, 4, 12288, 0, 3, 12288, 4, 0, 12283, 12288,
- 2, 12285, 12288, 12282, 0, 2, 12285, 3, 1, 12284,
- 1, 5, 7, 12286, 5, 12285, 1, 2, 0, 4,
- 12283, 12287, 12286, 2, 12280, 12287, 12288, 2, 12285, 12286,
- 2, 1, 2, 1, 2, 2, 3, 3, 0, 0,
- 4, 2, 12288, 12286, 4, 0, 1, 12288, 2, 12287,
- 12288, 12288, 1, 3, 12283, 12288, 1, 12287, 1, 1,
- 3, 12288, 12288, 1, 2, 1, 1, 12283, 7, 12286,
- 12288, 1, 12288, 12287, 12284, 7, 2, 12285, 12286, 0,
- 0, 0, 2, 4, 12288, 0, 12284, 12285, 12286, 2,
- 12284, 2, 4, 6, 3, 12287, 12288, 12285, 1, 2,
- 12286, 0, 0, 12287, 12288, 0, 12286, 2, 1, 1,
- 1, 3, 1, 12285, 4, 0, 12287, 12288, 12287, 0,
- 12288, 12287, 12288, 12287, 12288, 12288, 0, 12287, 12284, 0,
- 12288, 12285, 3, 2, 4, 2, 12284, 3, 1, 3,
- 4, 12288, 12285, 12284, 12287, 1, 4, 0, 2, 12288,
- 4, 12288, 12287, 3, 1, 0, 0, 12284, 12287, 2,
- 4, 12287, 2, 12288, 0, 2, 2, 3, 12287, 12286,
- 8, 12286, 12285, 0, 12285, 2, 3, 5, 12287, 12288,
- 6, 12288, 12284, 0, 0, 3, 1, 2, 12284, 2,
- 1, 3, 2, 0, 0, 12288, 12287, 12288, 1, 12288,
- 4, 3, 12284, 1, 3, 12288, 12283, 12288, 1, 1,
- 2, 1, 1, 3, 1, 12288, 0, 12288, 2, 0,
- 0, 12284, 12283, 3, 12288, 0, 2, 12287, 0, 0,
- 12286, 12286, 0, 0, 2, 4, 12288, 1, 2, 3,
- 2, 12286, 12286, 1, 2, 4, 12288, 12288, 12284, 12287,
- 6, 2, 12288, 12286, 0, 0, 3, 12286, 12288, 12287,
- 12286, 12287, 3, 1, 12286, 0, 4, 3, 12286, 5,
- 2, 1, 12287, 12286, 4, 12287, 0, 5, 12288, 0,
- 12288, 2, 2, 1, 1, 0, 0, 12288, 12288, 12288,
- 0, 0, 12288, 12287, 5, 1, 12288, 1, 10, 1,
- 0, 0, 2, 2, 2, 0, 12288, 4, 2, 12283,
- 3, 1, 1, 12285, 2, 12285, 5, 7, 5, 12288,
- 0, 12287, 5, 1, 12288, 12286, 12287, 0, 0, 0,
- 12287, 1, 3, 12288 }
- },
- { 0x01, 0x00, /* polynomial s' */
- { 0x3a, 0xeb, 0x52, 0x24, 0xec, 0xf8, 0x49, 0x92, 0x9b, 0x9d,
- 0x82, 0x8d, 0xb1, 0xce, 0xd4, 0xdd, 0x83, 0x20, 0x25, 0xe8,
- 0x01, 0x8b, 0x81, 0x60, 0xb8, 0x22, 0x84, 0xf3, 0xc9, 0x49,
- 0xaa, 0x5a, 0x8e, 0xca, 0x00, 0xbb, 0xb4, 0xa7, 0x3b, 0xda,
- 0xd1, 0x92, 0xb5, 0xc4, 0x2f, 0x73, 0xf2, 0xfd, 0x4e, 0x27,
- 0x36, 0x44, 0xc8, 0xb3, 0x61, 0x25, 0xa6, 0x4a, 0xdd, 0xeb,
- 0x00, 0x6c, 0x13, 0xa0 },
- { 5, 4, 4, 12288, 12286, 1, 12287, 12288, 2, 12288,
- 12288, 12287, 2, 2, 12284, 12288, 12288, 3, 2, 3,
- 12287, 2, 2, 0, 0, 2, 5, 12285, 5, 12287,
- 2, 12282, 12286, 2, 1, 2, 1, 1, 12288, 12285,
- 12287, 12286, 2, 0, 0, 12285, 0, 0, 12287, 12286,
- 12285, 12286, 2, 12288, 12288, 0, 1, 2, 12286, 2,
- 1, 0, 0, 2, 1, 12288, 1, 12287, 1, 0,
- 0, 2, 12285, 2, 2, 12288, 12286, 3, 12287, 0,
- 1, 1, 0, 2, 12287, 2, 1, 2, 3, 0,
- 0, 1, 12288, 12288, 2, 12287, 12286, 12286, 6, 12288,
- 0, 0, 4, 0, 12286, 0, 4, 12288, 12288, 5,
- 12287, 12288, 12285, 2, 12285, 12288, 1, 0, 2, 12288,
- 12286, 1, 3, 12285, 2, 2, 1, 1, 12288, 12288,
- 12287, 1, 12288, 3, 0, 12285, 4, 12285, 12287, 2,
- 2, 12287, 12287, 12286, 12288, 12284, 2, 12286, 4, 1,
- 0, 12286, 12284, 3, 12286, 3, 12286, 3, 4, 1,
- 12288, 12282, 2, 2, 12284, 0, 12286, 12283, 3, 0,
- 4, 2, 4, 2, 12285, 10, 12288, 8, 3, 2,
- 2, 0, 1, 0, 0, 12286, 2, 12284, 4, 1,
- 12287, 12287, 1, 1, 12286, 1, 0, 12285, 12288, 12286,
- 12287, 2, 1, 12284, 12288, 12285, 12285, 3, 0, 1,
- 4, 4, 1, 0, 2, 1, 12288, 1, 12287, 0,
- 12286, 4, 2, 3, 3, 12285, 12288, 12288, 5, 2,
- 0, 4, 3, 12287, 12287, 5, 2, 3, 12284, 0,
- 8, 1, 1, 0, 5, 12288, 12288, 12288, 12286, 6,
- 3, 12288, 12286, 12287, 4, 12288, 2, 12288, 12284, 12287,
- 4, 12288, 0, 0, 3, 0, 4, 4, 12287, 0,
- 3, 0, 12285, 12287, 12288, 12288, 0, 0, 12287, 12288,
- 12286, 0, 0, 12285, 12288, 4, 12287, 1, 2, 12288,
- 12285, 5, 4, 12283, 2, 0, 12288, 2, 0, 0,
- 12286, 12284, 3, 3, 3, 12287, 1, 1, 0, 1,
- 3, 12288, 4, 4, 0, 2, 0, 1, 12286, 12284,
- 2, 2, 12287, 3, 2, 12288, 3, 12286, 2, 12286,
- 12288, 4, 3, 12288, 2, 12288, 2, 1, 12288, 12288,
- 7, 12288, 12288, 0, 12288, 1, 12284, 12288, 12288, 12287,
- 12287, 1, 12285, 12287, 12287, 1, 0, 2, 12286, 3,
- 12288, 12288, 12287, 3, 5, 0, 0, 12287, 2, 12287,
- 12288, 8, 12287, 1, 2, 12288, 12284, 3, 0, 12287,
- 12284, 3, 0, 2, 1, 3, 4, 12287, 12286, 12288,
- 12286, 0, 0, 12287, 12285, 0, 12286, 2, 1, 12287,
- 12288, 5, 12287, 12287, 12286, 2, 12283, 0, 0, 12286,
- 2, 12284, 5, 0, 1, 12287, 0, 3, 1, 12285,
- 12288, 0, 3, 12287, 2, 12286, 0, 1, 12288, 1,
- 12284, 12281, 12284, 12288, 12285, 2, 5, 4, 12286, 0,
- 12287, 12288, 12286, 12285, 3, 12282, 1, 12287, 2, 0,
- 6, 12288, 4, 12286, 3, 12288, 12286, 12284, 3, 1,
- 6, 3, 2, 1, 2, 1, 1, 12288, 12287, 1,
- 3, 3, 1, 0, 0, 12288, 3, 12284, 12285, 12284,
- 1, 3, 12286, 0, 1, 12285, 12287, 1, 12285, 2,
- 0, 1, 12287, 1, 4, 3, 1, 12287, 0, 5,
- 1, 12288, 2, 1, 1, 4, 3, 12286, 3, 3,
- 2, 12287, 3, 12286, 0, 12288, 12285, 2, 3, 12286,
- 0, 12287, 5, 4, 1, 1, 12287, 12288, 2, 0,
- 0, 0, 2, 0, 12286, 4, 12288, 12288, 12285, 12286,
- 2, 12288, 12288, 0, 12288, 12286, 12284, 12287, 1, 5,
- 0, 12285, 12287, 2, 4, 3, 12285, 12287, 12288, 0,
- 12288, 12287, 12286, 2, 12288, 12286, 12284, 1, 2, 12287,
- 4, 1, 4, 4, 12284, 2, 0, 12288, 3, 1,
- 0, 4, 1, 6, 0, 12286, 12288, 12287, 12287, 0,
- 12284, 12285, 2, 12286, 1, 0, 3, 12288, 1, 2,
- 12284, 12286, 12285, 12283, 12285, 0, 12285, 2, 0, 2,
- 1, 3, 1, 12286, 12288, 1, 4, 0, 0, 12287,
- 12287, 12286, 0, 1, 12286, 0, 2, 12288, 2, 12287,
- 0, 0, 12286, 12287, 4, 6, 12286, 0, 12288, 0,
- 0, 12287, 2, 3, 4, 1, 3, 12286, 4, 0,
- 12288, 12286, 12287, 12287, 12288, 4, 12285, 1, 12286, 12286,
- 2, 12288, 0, 0, 1, 5, 12285, 1, 12281, 3,
- 12281, 2, 3, 0, 12284, 12288, 5, 0, 0, 12288,
- 0, 0, 12288, 12286, 3, 12287, 0, 2, 12288, 0,
- 3, 12288, 12286, 0, 12286, 12287, 12284, 0, 12286, 1,
- 12287, 12282, 12287, 12288, 0, 5, 12288, 2, 1, 12288,
- 1, 12285, 5, 2, 12286, 12285, 12287, 0, 2, 12288,
- 1, 12288, 1, 12286, 0, 2, 12287, 12287, 6, 12286,
- 12288, 0, 12286, 4, 6, 12287, 12287, 2, 2, 12285,
- 1, 12288, 12285, 12286, 5, 12288, 1, 2, 1, 7,
- 12286, 5, 12288, 12287, 12286, 12284, 1, 2, 12287, 4,
- 1, 1, 0, 1, 2, 12285, 2, 12288, 12284, 1,
- 1, 12287, 12286, 12285, 12287, 1, 12287, 3, 1, 12286,
- 0, 12286, 3, 3, 12288, 2, 12288, 5, 12288, 1,
- 2, 0, 12287, 1, 12287, 7, 2, 3, 0, 12287,
- 2, 12284, 12284, 12281, 12286, 12285, 12287, 12287, 0, 12288,
- 3, 4, 3, 2, 3, 1, 12288, 12286, 0, 12288,
- 12286, 1, 12286, 6, 12287, 1, 6, 5, 3, 1,
- 12286, 2, 1, 3, 1, 12286, 12285, 3, 2, 0,
- 0, 12284, 1, 1, 3, 3, 1, 1, 12288, 0,
- 12284, 1, 12288, 0, 0, 12287, 0, 4, 12285, 0,
- 4, 12283, 1, 1, 0, 12285, 0, 12286, 0, 0,
- 1, 0, 12286, 0, 12288, 3, 4, 0, 2, 1,
- 12287, 2, 12288, 1, 0, 12288, 0, 12288, 6, 12288,
- 12287, 12286, 3, 12284, 0, 12288, 12284, 12286, 12287, 12288,
- 12288, 12288, 4, 0, 2, 6, 12286, 1, 4, 12288,
- 2, 1, 0, 5, 2, 1, 12285, 0, 0, 12285,
- 4, 12286, 5, 1, 3, 2, 12287, 2, 0, 2,
- 7, 12283, 12288, 12288, 3, 0, 3, 12288, 3, 12286,
- 12288, 12287, 12288, 3, 0, 2, 4, 1, 12284, 2,
- 12288, 12286, 12287, 1, 1, 12288, 0, 12288, 12283, 6,
- 2, 1, 12288, 3, 12287, 12288, 1, 1, 12285, 0,
- 12286, 12287, 12288, 1, 2, 12287, 0, 4, 0, 12286,
- 2, 1, 12288, 12285, 12287, 0, 2, 12287, 6, 2,
- 0, 12287, 12288, 2, 12288, 12284, 12288, 12285, 4, 1,
- 12288, 12284, 12287, 4, 12284, 1, 3, 12284, 12282, 0,
- 12286, 12287, 2, 12286, 3, 4, 2, 12288, 3, 3,
- 1, 3, 12287, 12283 }
- },
- { 0x01, 0x01, /* polynomial e' */
- { 0x58, 0xd8, 0x6a, 0xcd, 0xe2, 0x79, 0x61, 0x98, 0xfd, 0xea,
- 0xcf, 0x2a, 0xc0, 0xfd, 0xf0, 0x72, 0x86, 0x32, 0xdc, 0xe9,
- 0xc6, 0x45, 0x81, 0x80, 0x67, 0x06, 0x72, 0x28, 0xa6, 0xfe,
- 0x41, 0x2b, 0x78, 0x88, 0x58, 0x6d, 0x58, 0x47, 0x3e, 0xb7,
- 0x46, 0x60, 0xd8, 0x2f, 0xa0, 0x83, 0xe4, 0xbc, 0x81, 0xdd,
- 0xc6, 0x29, 0x8b, 0xee, 0xf9, 0xec, 0x90, 0x39, 0x9d, 0x46,
- 0xbf, 0x2d, 0x7c, 0xdf },
- { 12287, 3, 3, 1, 12285, 4, 1, 5, 12287, 12285,
- 12285, 12285, 1, 12288, 12287, 12288, 2, 3, 12283, 12288,
- 12285, 0, 0, 12286, 12287, 12288, 12288, 12288, 12288, 1,
- 12288, 2, 2, 5, 5, 0, 12287, 12286, 3, 3,
- 2, 2, 1, 0, 2, 12287, 12285, 3, 1, 3,
- 5, 2, 12287, 12287, 2, 0, 4, 2, 0, 0,
- 1, 5, 12288, 6, 4, 12287, 1, 0, 12283, 0,
- 1, 12286, 2, 0, 2, 1, 12284, 12282, 0, 6,
- 1, 2, 5, 12288, 6, 12288, 12284, 2, 1, 2,
- 12288, 12283, 12288, 3, 12288, 12288, 2, 12286, 12283, 1,
- 12285, 0, 0, 12286, 12288, 12286, 12288, 12286, 4, 0,
- 1, 12285, 3, 1, 2, 12285, 12287, 12284, 12287, 12285,
- 12286, 1, 12288, 3, 5, 5, 3, 12285, 12286, 12288,
- 0, 1, 12287, 12284, 2, 4, 12288, 12287, 0, 12288,
- 12288, 12285, 12288, 12284, 3, 0, 2, 0, 2, 0,
- 1, 1, 1, 12287, 1, 12284, 12285, 0, 12284, 1,
- 12284, 2, 12288, 5, 4, 1, 1, 12284, 1, 3,
- 2, 6, 3, 2, 3, 12284, 0, 0, 4, 2,
- 6, 2, 2, 2, 6, 12288, 0, 1, 12286, 1,
- 5, 1, 12283, 2, 0, 12284, 1, 12286, 4, 1,
- 2, 4, 6, 12288, 12288, 12284, 1, 0, 3, 12286,
- 1, 0, 3, 12288, 12287, 2, 2, 0, 12285, 12286,
- 0, 12288, 4, 2, 12282, 12287, 1, 12288, 12287, 12286,
- 12284, 1, 4, 2, 7, 12288, 12283, 12288, 5, 12288,
- 12288, 12287, 3, 2, 12287, 5, 12287, 12286, 12288, 12287,
- 0, 12282, 12288, 12288, 0, 3, 12287, 2, 12287, 12284,
- 6, 12285, 2, 3, 3, 12284, 2, 4, 12286, 5,
- 0, 2, 12287, 3, 0, 12284, 12286, 0, 2, 12286,
- 12287, 3, 1, 4, 1, 12286, 12288, 1, 2, 0,
- 12285, 12287, 2, 0, 0, 0, 3, 12286, 12287, 2,
- 0, 0, 0, 12286, 4, 1, 12287, 0, 0, 2,
- 5, 0, 12284, 1, 1, 12288, 2, 12286, 12288, 2,
- 2, 12282, 1, 12286, 4, 12286, 3, 12287, 12287, 12286,
- 5, 5, 0, 12288, 3, 12285, 1, 12287, 7, 12286,
- 2, 12287, 1, 12285, 2, 12287, 12288, 0, 4, 12281,
- 0, 12286, 3, 1, 12285, 2, 2, 12285, 5, 0,
- 12285, 2, 12288, 1, 3, 12287, 1, 12288, 1, 5,
- 12287, 1, 0, 3, 2, 12286, 12286, 12288, 3, 0,
- 12287, 12288, 0, 12286, 12285, 0, 12286, 12288, 3, 12287,
- 12288, 2, 6, 0, 2, 12285, 1, 1, 7, 7,
- 12284, 12284, 5, 0, 12288, 12288, 4, 3, 1, 2,
- 12287, 0, 12288, 12284, 2, 5, 1, 2, 0, 12288,
- 1, 12284, 2, 3, 0, 12287, 12285, 2, 12288, 12288,
- 7, 1, 12287, 1, 12286, 2, 3, 4, 12288, 12288,
- 12286, 12286, 3, 12288, 1, 12286, 12286, 0, 12283, 12288,
- 2, 0, 7, 2, 12287, 0, 0, 12286, 4, 1,
- 12288, 12288, 1, 2, 12287, 12282, 3, 5, 0, 12288,
- 12288, 12286, 12286, 12286, 4, 2, 0, 1, 12284, 3,
- 12283, 5, 12287, 2, 2, 12288, 1, 12284, 1, 0,
- 1, 3, 12288, 2, 12287, 1, 12286, 12288, 0, 12287,
- 12288, 2, 2, 12286, 0, 12287, 12288, 12284, 0, 2,
- 2, 2, 1, 3, 12285, 12285, 1, 12285, 2, 6,
- 2, 0, 12288, 0, 0, 3, 2, 12287, 1, 12286,
- 0, 12287, 0, 1, 12285, 12287, 6, 12288, 2, 0,
- 12286, 2, 4, 12288, 2, 5, 12285, 12286, 0, 12284,
- 12288, 3, 3, 3, 12287, 4, 2, 0, 12283, 2,
- 12287, 0, 1, 12287, 2, 12288, 12287, 3, 2, 7,
- 7, 1, 12287, 12288, 2, 6, 1, 3, 2, 0,
- 2, 2, 3, 12288, 3, 4, 2, 0, 5, 12285,
- 3, 12285, 3, 12285, 1, 1, 12287, 12285, 2, 12285,
- 5, 0, 7, 2, 12284, 0, 12285, 7, 1, 12288,
- 12288, 0, 12288, 12287, 5, 0, 2, 0, 2, 12286,
- 1, 12286, 0, 12286, 12285, 4, 12286, 2, 12288, 12287,
- 12287, 1, 12286, 12287, 12287, 12286, 12287, 12288, 6, 5,
- 2, 5, 12283, 12286, 12286, 12288, 1, 0, 3, 12286,
- 5, 0, 12287, 12288, 12288, 12287, 12286, 2, 1, 0,
- 1, 2, 3, 1, 12286, 2, 1, 6, 12288, 1,
- 12286, 1, 12288, 0, 1, 0, 12283, 0, 2, 12288,
- 3, 1, 12287, 12288, 4, 0, 3, 12286, 0, 1,
- 12283, 4, 1, 4, 12287, 5, 0, 12287, 12288, 3,
- 3, 12282, 1, 4, 2, 3, 0, 2, 6, 12282,
- 12285, 12288, 12287, 12288, 2, 12285, 1, 0, 12287, 12288,
- 12286, 0, 0, 4, 12288, 12287, 1, 0, 2, 5,
- 2, 12287, 1, 7, 12284, 0, 12287, 12286, 2, 1,
- 12287, 0, 1, 12284, 12287, 12287, 12285, 12285, 3, 12282,
- 12286, 1, 1, 12288, 12282, 12287, 1, 1, 2, 2,
- 3, 1, 12287, 5, 12282, 0, 0, 12287, 1, 3,
- 12288, 3, 12285, 12286, 2, 0, 12288, 12288, 5, 12285,
- 4, 12288, 12287, 0, 1, 4, 1, 2, 12288, 0,
- 2, 1, 12288, 4, 6, 12288, 1, 12287, 4, 1,
- 12285, 12288, 3, 0, 12288, 12285, 2, 0, 12286, 2,
- 1, 12288, 1, 12288, 12284, 3, 0, 2, 2, 12288,
- 12287, 12286, 4, 12288, 2, 0, 0, 3, 4, 0,
- 12288, 12282, 6, 2, 12283, 12287, 2, 6, 1, 2,
- 12288, 2, 12283, 3, 12287, 3, 4, 0, 0, 12285,
- 0, 12288, 12287, 12284, 12286, 3, 1, 12286, 2, 0,
- 12287, 12286, 12286, 12288, 5, 2, 12288, 12286, 0, 12287,
- 0, 3, 2, 12287, 12286, 0, 1, 12287, 2, 0,
- 12286, 5, 12285, 12288, 12288, 12288, 12286, 4, 1, 12285,
- 12284, 12288, 12286, 1, 1, 12287, 2, 12286, 3, 2,
- 12283, 12283, 4, 2, 12283, 5, 0, 1, 0, 5,
- 12287, 1, 1, 0, 3, 10, 12287, 3, 12288, 12288,
- 12287, 2, 2, 0, 4, 12288, 12283, 12288, 1, 12287,
- 3, 0, 0, 1, 12288, 12284, 0, 12286, 12287, 0,
- 12287, 2, 1, 7, 12288, 12287, 0, 4, 12287, 12286,
- 3, 4, 12287, 12288, 12285, 12287, 12288, 12285, 12286, 7,
- 1, 1, 12288, 3, 12287, 3, 1, 4, 2, 5,
- 12282, 3, 0, 12286, 12288, 0, 12285, 0, 2, 3,
- 0, 12286, 3, 2, 12285, 0, 0, 12287, 1, 0,
- 0, 6, 2, 12287, 12284, 7, 5, 0, 1, 6,
- 2, 4, 1, 12286, 12288, 2, 12287, 3, 4, 12283,
- 0, 12288, 2, 2, 12286, 0, 2, 2, 12288, 12285,
- 12287, 12285, 12288, 0 }
- },
- { 0x01, 0x02, /* polynomial e'' */
- { 0x20, 0x37, 0x77, 0x8a, 0x9c, 0x19, 0xde, 0xf0, 0x65, 0x9e,
- 0x0f, 0xa5, 0xfc, 0x0e, 0x78, 0xfe, 0x55, 0x89, 0xc9, 0x88,
- 0x41, 0xa2, 0x5a, 0x1e, 0xa4, 0x66, 0xcd, 0x3a, 0x29, 0x42,
- 0xd1, 0x25, 0xf2, 0x84, 0xd7, 0xee, 0xd5, 0x53, 0x86, 0x5b,
- 0xa3, 0x93, 0x4e, 0xee, 0xc7, 0x5b, 0xe5, 0x52, 0x68, 0x19,
- 0xdf, 0x63, 0xfb, 0x91, 0x3d, 0xe9, 0x5d, 0xd6, 0xeb, 0x81,
- 0x3d, 0xac, 0xf1, 0xad },
- { 12286, 12286, 1, 12287, 1, 12286, 12287, 12287, 12284, 1,
- 12287, 2, 12284, 0, 2, 12288, 0, 1, 0, 12285,
- 12288, 4, 2, 12287, 12282, 12288, 12285, 12288, 2, 12288,
- 6, 7, 12286, 12286, 1, 4, 12287, 12287, 3, 1,
- 3, 3, 2, 12285, 0, 1, 12288, 1, 1, 12287,
- 0, 0, 1, 0, 12287, 12283, 12283, 12288, 12287, 0,
- 0, 2, 12286, 3, 3, 0, 12286, 12282, 3, 6,
- 3, 3, 12285, 1, 1, 12288, 1, 0, 12288, 0,
- 12287, 4, 1, 0, 12285, 12288, 1, 1, 1, 3,
- 12286, 0, 12288, 0, 12287, 12287, 3, 5, 1, 12287,
- 12287, 0, 0, 0, 12283, 0, 0, 12288, 0, 12287,
- 12286, 12284, 12286, 0, 12286, 3, 5, 12287, 0, 12287,
- 1, 3, 2, 6, 1, 12287, 1, 1, 12285, 4,
- 12282, 12288, 12288, 3, 2, 12287, 3, 3, 12288, 12286,
- 2, 5, 12288, 12287, 12288, 3, 0, 12283, 3, 3,
- 1, 0, 12288, 2, 2, 12287, 12286, 4, 12287, 12288,
- 0, 0, 12286, 1, 4, 4, 12286, 12287, 4, 12288,
- 2, 1, 1, 12288, 12287, 3, 12287, 12286, 12285, 12288,
- 4, 1, 0, 12287, 3, 12286, 12287, 4, 0, 12287,
- 12286, 12287, 3, 1, 1, 12285, 12287, 0, 12285, 2,
- 5, 2, 12285, 3, 2, 12285, 12287, 2, 0, 12288,
- 2, 5, 2, 12283, 1, 1, 0, 12286, 12288, 3,
- 1, 12286, 12283, 0, 1, 2, 2, 1, 12287, 12287,
- 4, 4, 1, 0, 0, 12288, 12287, 12284, 12284, 7,
- 0, 12288, 5, 4, 12288, 12288, 1, 0, 1, 1,
- 2, 12288, 12288, 5, 1, 0, 12287, 3, 3, 0,
- 1, 12288, 12288, 3, 12285, 12288, 3, 5, 4, 1,
- 12285, 12285, 12288, 12285, 12288, 12285, 4, 1, 3, 12285,
- 4, 0, 12288, 12286, 5, 12287, 12285, 12288, 4, 12288,
- 0, 12287, 12286, 0, 12286, 12283, 0, 12287, 12284, 1,
- 12288, 12288, 3, 12286, 1, 2, 12286, 3, 1, 12285,
- 12286, 12285, 0, 12285, 12288, 0, 2, 12283, 0, 1,
- 2, 1, 2, 3, 3, 12285, 0, 0, 0, 12288,
- 12283, 4, 12286, 2, 1, 3, 3, 12284, 2, 4,
- 3, 12286, 12282, 12286, 0, 12286, 12287, 3, 12288, 12288,
- 2, 12287, 12286, 3, 0, 12286, 1, 1, 0, 12287,
- 2, 0, 0, 1, 12286, 1, 0, 12283, 0, 12288,
- 2, 5, 12288, 12287, 2, 1, 12288, 2, 2, 5,
- 2, 12286, 12286, 2, 12284, 12287, 0, 12284, 0, 12284,
- 12286, 12286, 12288, 12287, 12287, 2, 1, 12287, 12287, 1,
- 5, 0, 0, 12288, 2, 12285, 6, 2, 12288, 12288,
- 12286, 2, 12285, 0, 0, 0, 12288, 3, 12286, 1,
- 1, 0, 3, 0, 12286, 12288, 12287, 3, 2, 12287,
- 12288, 1, 12288, 12282, 2, 0, 12288, 12286, 12285, 12281,
- 4, 1, 7, 12283, 12287, 12288, 1, 6, 0, 12288,
- 5, 1, 1, 12286, 12286, 0, 12287, 12285, 12287, 1,
- 12288, 12286, 12286, 12288, 2, 12287, 12287, 12288, 12286, 12288,
- 12282, 12284, 12286, 0, 12285, 12285, 3, 12288, 12287, 12288,
- 2, 0, 2, 0, 12288, 12286, 3, 12288, 12286, 12287,
- 1, 1, 1, 0, 5, 5, 12285, 12288, 3, 12286,
- 1, 2, 12285, 1, 4, 12288, 1, 4, 1, 3,
- 4, 12286, 0, 7, 2, 12288, 2, 12287, 0, 2,
- 12283, 12286, 0, 12288, 12286, 4, 1, 12284, 7, 12285,
- 0, 12284, 12287, 0, 0, 3, 4, 12284, 0, 1,
- 0, 1, 12285, 1, 12286, 12284, 12287, 0, 7, 1,
- 4, 12282, 12288, 0, 2, 12285, 12288, 12287, 12287, 12283,
- 0, 1, 3, 12285, 12286, 3, 12288, 12288, 12284, 12286,
- 12288, 1, 0, 2, 12287, 0, 12286, 4, 12288, 0,
- 12284, 0, 0, 2, 12286, 0, 0, 12286, 12287, 1,
- 12288, 0, 12284, 1, 12288, 12288, 1, 1, 12282, 12284,
- 12288, 12285, 12285, 12288, 1, 12286, 2, 0, 0, 12284,
- 2, 12288, 0, 0, 12285, 0, 3, 0, 0, 12285,
- 12286, 5, 3, 12287, 5, 2, 12287, 0, 1, 12286,
- 12287, 1, 12286, 1, 12288, 0, 0, 12282, 5, 12282,
- 12287, 12288, 12287, 1, 0, 3, 4, 6, 1, 1,
- 12287, 12284, 12286, 12287, 12286, 2, 1, 12288, 3, 0,
- 3, 0, 12286, 1, 0, 12288, 1, 12284, 4, 0,
- 4, 12288, 1, 4, 1, 12286, 4, 0, 2, 1,
- 1, 4, 12287, 2, 1, 12288, 4, 3, 2, 12287,
- 0, 1, 12287, 1, 12285, 12286, 2, 2, 0, 12286,
- 12287, 0, 12288, 12285, 5, 12288, 0, 0, 12288, 3,
- 12288, 0, 4, 0, 12288, 12286, 12287, 0, 0, 2,
- 12283, 0, 12281, 1, 1, 3, 4, 2, 12284, 5,
- 12288, 2, 3, 4, 12287, 3, 12288, 12287, 12288, 2,
- 12286, 2, 0, 12286, 12286, 5, 12288, 2, 12288, 7,
- 12286, 12286, 4, 12288, 12288, 12288, 5, 12287, 7, 12286,
- 12282, 2, 12284, 0, 12288, 0, 2, 12283, 2, 5,
- 4, 1, 12288, 12283, 5, 12288, 12288, 0, 0, 0,
- 6, 1, 12286, 6, 4, 12287, 2, 12288, 12287, 12286,
- 4, 5, 0, 1, 2, 1, 4, 12286, 1, 2,
- 1, 1, 0, 12288, 12282, 1, 1, 3, 12284, 12288,
- 0, 12287, 1, 12286, 12288, 6, 1, 5, 12287, 12285,
- 2, 12288, 12288, 12284, 0, 12287, 2, 3, 5, 1,
- 12286, 1, 12287, 0, 12284, 1, 5, 12283, 1, 1,
- 12287, 12283, 12288, 0, 12287, 3, 0, 12288, 12286, 12287,
- 8, 0, 0, 12288, 1, 3, 2, 3, 12287, 9,
- 2, 3, 4, 12288, 3, 0, 12288, 12283, 0, 0,
- 2, 4, 12287, 2, 12287, 12286, 12287, 2, 12287, 2,
- 3, 1, 3, 1, 0, 1, 1, 5, 3, 12285,
- 1, 12281, 12287, 12286, 1, 4, 12287, 12286, 12285, 4,
- 2, 0, 12288, 12288, 12286, 12287, 12288, 1, 3, 4,
- 0, 1, 12285, 4, 3, 12284, 1, 12288, 12285, 12288,
- 0, 12281, 12288, 12285, 12285, 1, 12284, 12286, 12287, 0,
- 0, 12287, 1, 12282, 4, 4, 12288, 1, 4, 12286,
- 5, 4, 1, 5, 3, 1, 0, 6, 12288, 0,
- 12288, 2, 12286, 12287, 6, 0, 12288, 0, 12287, 1,
- 4, 0, 12282, 4, 1, 12286, 1, 12282, 3, 12285,
- 12283, 12286, 12288, 4, 12284, 12286, 12286, 0, 12286, 0,
- 0, 1, 12286, 1, 1, 4, 12284, 0, 3, 2,
- 12288, 1, 2, 12287, 2, 1, 12288, 0, 1, 2,
- 12286, 0, 6, 12285, 0, 1, 4, 0, 0, 3,
- 2, 12287, 12285, 7, 1, 3, 1, 0, 12286, 12288,
- 0, 12287, 1, 12286 }
- }
-};
-
-START_TEST(test_newhope_noise_uniform)
-{
- newhope_noise_t *noise;
- uint8_t seed_buf[seed_len], *uniform;
- chunk_t seed = { seed_buf, seed_len };
-
- memset(seed_buf, 0x00, seed_len - 1);
- seed_buf[seed_len - 1] = noises[_i].key;
-
- noise = newhope_noise_create(seed);
- ck_assert(noise != NULL);
- uniform = noise->get_uniform_bytes(noise, noises[_i].nonce, 64);
- ck_assert(uniform != NULL);
- ck_assert(memeq(uniform, noises[_i].uniform, 64));
- free(uniform);
- noise->destroy(noise);
-}
-END_TEST
-
-START_TEST(test_newhope_noise_poly)
-{
- newhope_noise_t *noise;
- uint8_t seed_buf[seed_len];
- uint32_t *poly;
- int i;
- chunk_t seed = { seed_buf, seed_len };
-
- memset(seed_buf, 0x00, seed_len - 1);
- seed_buf[seed_len - 1] = noises[_i].key;
-
- noise = newhope_noise_create(seed);
- ck_assert(noise != NULL);
- poly = noise->get_binomial_words(noise, noises[_i].nonce, n, q);
- ck_assert(poly != NULL);
- for (i = 0; i < n; i++)
- {
- ck_assert(poly[i] == noises[_i].poly[i]);
- }
- free(poly);
- noise->destroy(noise);
-}
-END_TEST
-
-static size_t seed_lengths[] = { 0, 1, 31, 33 };
-
-START_TEST(test_newhope_noise_fail)
-{
- newhope_noise_t *noise;
- chunk_t seed;
-
- seed = chunk_alloc(seed_lengths[_i]);
- memset(seed.ptr, 0x00, seed.len);
-
- noise = newhope_noise_create(seed);
- ck_assert(noise == NULL);
- chunk_free(&seed);
-}
-END_TEST
-
-Suite *newhope_noise_suite_create()
-{
- Suite *s;
- TCase *tc;
-
- s = suite_create("newhope_noise");
-
- tc = tcase_create("noise_uniform");
- tcase_add_loop_test(tc, test_newhope_noise_uniform, 0, countof(noises));
- suite_add_tcase(s, tc);
-
- tc = tcase_create("noise_poly");
- tcase_add_loop_test(tc, test_newhope_noise_poly, 0, countof(noises));
- suite_add_tcase(s, tc);
-
- tc = tcase_create("noise_fail");
- tcase_add_loop_test(tc, test_newhope_noise_fail, 0, countof(seed_lengths));
- suite_add_tcase(s, tc);
-
- return s;
-}
+++ /dev/null
-/*
- * Copyright (C) 2016 Andreas Steffen
- *
- * Copyright (C) secunet Security Networks AG
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "test_suite.h"
-
-#include <newhope_reconciliation.h>
-
-#include <library.h>
-
-static const uint16_t n = 1024;
-static const uint16_t q = 12289;
-
-static uint32_t r_v[] = {
- 7832, 2714, 1942, 12135, 6869, 11272, 11601, 1783, 9639, 1465,
- 4603, 8158, 1418, 6162, 3907, 6653, 1091, 3026, 4540, 4797,
- 2751, 29, 768, 5580, 1304, 5262, 1644, 11294, 12257, 10466,
- 170, 8458, 7185, 6850, 8790, 11277, 10980, 5507, 10693, 9766,
- 7230, 3980, 796, 11125, 8042, 9022, 10207, 7577, 5041, 192,
- 10308, 7905, 8520, 3814, 3372, 11772, 11290, 418, 2744, 4782,
- 3072, 10921, 10721, 6100, 1021, 7943, 7426, 2142, 6618, 757,
- 5033, 9336, 9332, 3410, 6613, 11776, 1525, 9567, 5371, 1290,
- 3685, 11054, 11228, 10703, 70, 11215, 8992, 2855, 2962, 10104,
- 10083, 8146, 7599, 3428, 4316, 10056, 1245, 9776, 7867, 1381,
- 6540, 11273, 6626, 3708, 5348, 4521, 3760, 1771, 12037, 2681,
- 3044, 10226, 5133, 5013, 7851, 7187, 1965, 6776, 223, 3003,
- 4800, 10128, 9592, 8917, 10664, 7076, 2081, 5621, 2694, 8245,
- 10979, 929, 10593, 10429, 6890, 6222, 5891, 6633, 12124, 1508,
- 508, 9650, 2480, 10302, 3958, 4519, 5309, 8675, 6963, 5281,
- 8265, 4851, 7173, 2537, 1176, 259, 6422, 6782, 1429, 7231,
- 4948, 8137, 11341, 12090, 5395, 8087, 3098, 6724, 7462, 9973,
- 149, 7331, 562, 9753, 1227, 768, 7520, 12107, 6199, 6503,
- 9876, 306, 3876, 1903, 6306, 10288, 10184, 9401, 68, 5246,
- 630, 10136, 133, 12082, 648, 8537, 3896, 4482, 12011, 5407,
- 5305, 4301, 6551, 714, 5902, 11915, 3121, 5428, 5441, 5140,
- 10139, 2091, 875, 9478, 11576, 8663, 10514, 1018, 8780, 6445,
- 2501, 4204, 1276, 7474, 10594, 3808, 4367, 11469, 4875, 1899,
- 9136, 1507, 6235, 6367, 3851, 7341, 9925, 4629, 9588, 3150,
- 4739, 6109, 4850, 9944, 11565, 4995, 8383, 9623, 6248, 3020,
- 1730, 3368, 3431, 8617, 6478, 7182, 8720, 1927, 6493, 9285,
- 9779, 2800, 3730, 1754, 3772, 3124, 7569, 10008, 9240, 2493,
- 4402, 5851, 2050, 8630, 5054, 8421, 1536, 7671, 5467, 9075,
- 5881, 4355, 4554, 11354, 4048, 10335, 11033, 4252, 2558, 4363,
- 10448, 327, 1675, 4755, 8227, 7705, 398, 10398, 9913, 4129,
- 6571, 10743, 280, 6634, 796, 7264, 3916, 11349, 1415, 1187,
- 692, 9980, 1647, 4267, 1001, 12229, 6040, 268, 1308, 531,
- 3141, 7209, 1941, 4684, 10261, 1415, 8381, 4919, 11450, 1494,
- 8237, 11023, 3380, 4448, 10101, 9232, 11040, 7799, 4958, 741,
- 2234, 10436, 11442, 5073, 2908, 2355, 31, 7222, 5457, 3746,
- 8920, 122, 8960, 5708, 1750, 11161, 4847, 3199, 7954, 2151,
- 9419, 11678, 8997, 12016, 9690, 9605, 10718, 3735, 1617, 9574,
- 10384, 11604, 9311, 687, 7145, 11891, 6529, 5052, 1342, 8735,
- 7644, 6062, 6338, 8563, 2502, 5284, 220, 5224, 3771, 11067,
- 11609, 2972, 3799, 2566, 7488, 6369, 7704, 6095, 3598, 12112,
- 8545, 2026, 746, 3206, 2814, 8740, 1491, 5950, 8413, 4043,
- 12036, 6082, 4131, 1941, 6942, 9396, 11267, 8912, 7344, 10371,
- 9205, 9520, 12038, 4345, 8024, 10999, 8408, 4673, 6682, 8893,
- 8668, 10099, 7658, 11896, 4276, 2042, 10707, 9793, 3152, 11961,
- 3269, 5512, 5736, 5938, 9457, 10439, 10777, 6656, 3174, 9043,
- 6046, 2519, 11912, 5244, 6214, 2071, 11317, 5285, 891, 6184,
- 3819, 1563, 1474, 654, 5147, 2380, 10760, 4816, 3378, 1414,
- 7784, 10067, 1809, 6320, 4789, 9359, 2747, 9424, 9074, 9473,
- 3300, 6244, 104, 7612, 1105, 4276, 573, 1988, 923, 12047,
- 7948, 4860, 3949, 4971, 6956, 2831, 2034, 289, 10946, 6970,
- 3191, 5122, 2175, 1300, 6198, 256, 6433, 11646, 9119, 9723,
- 1046, 5967, 1124, 6449, 2817, 692, 4649, 3089, 5050, 11261,
- 2220, 3052, 12012, 10110, 1394, 2877, 10089, 11696, 4462, 5504,
- 66, 2500, 5384, 7461, 5712, 8649, 9536, 7670, 2385, 3469,
- 782, 2876, 7772, 6118, 142, 5396, 10951, 10556, 3450, 10602,
- 1604, 7909, 3323, 39, 10258, 2262, 7113, 11313, 10203, 10846,
- 9275, 4316, 965, 6006, 4458, 7926, 3171, 1797, 4659, 5336,
- 5543, 250, 9230, 10720, 11970, 4511, 4311, 11763, 1283, 4044,
- 2643, 3744, 4490, 5984, 8868, 8760, 11738, 6037, 9164, 7601,
- 7544, 11117, 7322, 2081, 4034, 10791, 11491, 7027, 1615, 5338,
- 8528, 3424, 2126, 927, 1650, 6068, 3812, 10958, 7574, 11032,
- 6954, 6132, 2598, 9458, 11346, 1974, 3273, 1040, 10331, 8587,
- 11017, 6864, 8246, 5328, 11330, 6779, 8761, 4342, 4595, 8610,
- 161, 4622, 6411, 10708, 7896, 11431, 12097, 9500, 3376, 9561,
- 10730, 2248, 3069, 1434, 8838, 566, 6397, 5881, 4956, 4203,
- 8362, 6047, 3484, 4784, 9901, 8989, 862, 8817, 12186, 9876,
- 9748, 1905, 5696, 9028, 5721, 2940, 10235, 2326, 2134, 6167,
- 1019, 10851, 1253, 5588, 9149, 6532, 3959, 11598, 4068, 3299,
- 8264, 9787, 7089, 2829, 6755, 6156, 455, 5900, 2839, 5921,
- 2140, 7428, 2688, 11175, 9247, 6727, 11711, 1762, 6244, 3336,
- 2308, 9922, 7883, 7007, 10890, 7013, 8452, 2743, 1482, 6927,
- 7846, 6128, 5114, 4868, 7487, 4584, 6785, 460, 6747, 8894,
- 9855, 12242, 3365, 1450, 6614, 3974, 5200, 3247, 2779, 8695,
- 828, 10940, 2304, 376, 3027, 3898, 10351, 1879, 10262, 2512,
- 5487, 4280, 10297, 8480, 9481, 7905, 197, 8361, 4927, 705,
- 9671, 6722, 2589, 8772, 1078, 333, 8696, 6267, 7420, 4471,
- 8994, 5038, 5318, 1846, 2574, 8779, 10724, 825, 7399, 7073,
- 4422, 8385, 5171, 8849, 11344, 10735, 8483, 2241, 11738, 6581,
- 10699, 2777, 6531, 4678, 7608, 10871, 3501, 9239, 7252, 11828,
- 7873, 9606, 4526, 5958, 8505, 11233, 9638, 2421, 5652, 3095,
- 9049, 11347, 6274, 1405, 11114, 11208, 5703, 10774, 3011, 11633,
- 5741, 9601, 5507, 4527, 3501, 5707, 8698, 178, 12091, 325,
- 6056, 635, 3772, 12169, 10509, 6528, 3573, 3675, 3389, 3161,
- 1148, 2687, 3509, 6639, 10452, 11804, 5355, 1085, 9580, 7106,
- 1396, 8279, 4881, 3402, 7803, 8801, 6142, 7623, 4386, 9291,
- 1502, 500, 11809, 6655, 2674, 10061, 1650, 5422, 8936, 10011,
- 1193, 9619, 1435, 8285, 4038, 9984, 9732, 4477, 1251, 7106,
- 7817, 10062, 3378, 5608, 2395, 2563, 1957, 3768, 4160, 7267,
- 11631, 2171, 4771, 6927, 4330, 10482, 6204, 11022, 7895, 1924,
- 3648, 1991, 6628, 10136, 2916, 5416, 7827, 1479, 2312, 9991,
- 7915, 5431, 10911, 10979, 4527, 436, 10521, 5725, 2201, 10198,
- 662, 1691, 8867, 10008, 9359, 5291, 567, 5725, 10329, 4772,
- 2813, 7323, 5646, 1861, 9922, 1831, 9356, 1219, 4107, 9999,
- 4569, 9092, 833, 1602, 4258, 1443, 1484, 4036, 5415, 3767,
- 9992, 412, 9343, 2251, 10513, 9067, 1494, 11893, 744, 1978,
- 11259, 3614, 7459, 5254, 4232, 5148, 4119, 11550, 6425, 4933,
- 4292, 10521, 9657, 9632, 4613, 7738, 5561, 8806, 3501, 3731,
- 11329, 2693, 11581, 6393, 10176, 10773, 1790, 1809, 9186, 12085,
- 5418, 7223, 1077, 1527, 10917, 4236, 7668, 11754, 6655, 7696,
- 1809, 11512, 3618, 5857, 7512, 1044, 7970, 6825, 4897, 2870,
- 126, 8619, 10445, 3883, 4238, 4051, 399, 1580, 9893, 11046,
- 2955, 6520, 5435, 1891, 1254, 12135, 4122, 10512, 11960, 6196,
- 3443, 10118, 1689, 10877
-};
-
-static uint32_t i_v[] = {
- 8355, 2010, 1416, 12110, 6361, 11296, 11668, 1446, 9822, 947,
- 5422, 8211, 1824, 6158, 3458, 6435, 685, 2707, 4804, 4929,
- 3204, 12158, 674, 5703, 1125, 5085, 1358, 10956, 12216, 11164,
- 12112, 8359, 7018, 7038, 9099, 11789, 10574, 5991, 10736, 9335,
- 7898, 4429, 587, 11156, 7912, 9063, 9673, 6792, 5530, 648,
- 10203, 7284, 7935, 4177, 3514, 11488, 10998, 12254, 2913, 4827,
- 2446, 10965, 10718, 5569, 1023, 8150, 7440, 1928, 6384, 802,
- 4726, 9738, 10374, 3842, 6761, 11788, 1133, 9413, 5818, 1099,
- 3710, 11315, 11667, 10285, 12431, 11195, 9193, 2842, 2267, 9902,
- 10076, 7409, 6751, 3748, 4487, 9961, 1547, 10060, 7443, 1276,
- 6827, 10798, 6323, 4038, 5508, 4006, 3300, 1774, 255, 2688,
- 3238, 10275, 4911, 5648, 7842, 7506, 1769, 6425, 195, 3176,
- 4455, 10337, 9451, 8912, 10445, 7646, 2837, 5109, 3033, 8668,
- 10295, 744, 10869, 10204, 6825, 6326, 6299, 7208, 11886, 1246,
- 704, 9626, 2538, 10932, 3903, 4545, 5111, 9006, 6698, 5008,
- 8464, 4679, 7230, 2223, 707, 705, 6592, 6207, 1114, 7645,
- 5374, 7595, 11064, 746, 5585, 8248, 2921, 7004, 6595, 9985,
- 506, 7147, 793, 9605, 596, 962, 8223, 11771, 6438, 6663,
- 9519, 12013, 4302, 2216, 6633, 10351, 10096, 9645, 347, 4601,
- 596, 10448, 12051, 12376, 1544, 8939, 5114, 4052, 11408, 5947,
- 5368, 4270, 6747, 423, 6283, 11211, 2574, 5974, 5533, 5143,
- 9757, 2155, 729, 9776, 11989, 8808, 11057, 1519, 9187, 5996,
- 2966, 3865, 1409, 8023, 10648, 4397, 5082, 10832, 4769, 2068,
- 9226, 1790, 5911, 6534, 3780, 7312, 9388, 5014, 9054, 3445,
- 4659, 6203, 5234, 9490, 11060, 4214, 8978, 9789, 6201, 3088,
- 1988, 3057, 3762, 8725, 7322, 7583, 8233, 1394, 6534, 9221,
- 9736, 2738, 3837, 2595, 4012, 3674, 7505, 10231, 8080, 2402,
- 3977, 5928, 1942, 8421, 5507, 8422, 1238, 6909, 5800, 9613,
- 6083, 4382, 4669, 11670, 4032, 10762, 11623, 4387, 3728, 4656,
- 9701, 722, 1255, 4495, 8158, 7762, 792, 10307, 9813, 3904,
- 6081, 11003, 12045, 6718, 1089, 7327, 4381, 11188, 943, 1740,
- 563, 10251, 756, 5027, 848, 325, 6547, 12288, 1222, 12189,
- 3641, 7314, 2049, 5254, 10043, 1068, 7906, 4741, 11639, 1981,
- 7660, 10911, 2746, 4536, 10068, 9700, 11057, 8114, 5556, 253,
- 2292, 10686, 11848, 5306, 3092, 2570, 12167, 7101, 5245, 3463,
- 8627, 12513, 9010, 5356, 1633, 10462, 4545, 3614, 7245, 1887,
- 9738, 11902, 8716, 12035, 9958, 9421, 11063, 3759, 883, 9754,
- 10730, 11706, 9132, 540, 6726, 11382, 7038, 4407, 1225, 8606,
- 7689, 5894, 6553, 7908, 2454, 4939, 613, 5811, 3580, 11792,
- 11364, 3153, 3698, 2604, 7470, 6053, 7699, 6018, 4289, 11497,
- 8580, 2249, 718, 2444, 2972, 8812, 1710, 6317, 8718, 4194,
- 12288, 5837, 3698, 2216, 7402, 9045, 11194, 8500, 7238, 10686,
- 9409, 9867, 12264, 3859, 7673, 11659, 8496, 4618, 6465, 8811,
- 9114, 10740, 7738, 11850, 4142, 2493, 11136, 9623, 3071, 11701,
- 2925, 5043, 6151, 6221, 9642, 10846, 11145, 6315, 3741, 9123,
- 5131, 2585, 11337, 4786, 5844, 1485, 11505, 5205, 797, 5955,
- 3717, 1756, 1551, 1122, 5057, 2585, 10857, 5129, 3557, 1254,
- 7750, 9688, 2462, 6415, 4345, 9460, 2957, 8793, 9210, 9242,
- 3487, 6506, 11888, 7563, 1078, 4486, 406, 2261, 867, 11965,
- 7979, 4533, 3654, 4747, 6636, 3166, 2114, 380, 9715, 7132,
- 2982, 5024, 1817, 1231, 6210, 12377, 6280, 10882, 9937, 9587,
- 633, 5668, 899, 6176, 2431, 956, 5022, 3094, 4658, 11168,
- 2989, 2654, 11990, 10494, 1691, 3017, 10044, 11882, 4020, 5342,
- 11911, 2426, 5748, 7592, 6340, 9214, 9357, 7169, 2109, 3210,
- 415, 3024, 7791, 5684, 246, 5134, 11335, 10092, 3133, 10427,
- 1502, 7739, 3272, 169, 9521, 2550, 7327, 11309, 10815, 10146,
- 9157, 4579, 1022, 6447, 4233, 8488, 2958, 1715, 4215, 4965,
- 5728, 551, 8942, 10845, 11881, 4472, 4331, 304, 1183, 3798,
- 1968, 3993, 4889, 6145, 8841, 8816, 11283, 6578, 9212, 8161,
- 7003, 11574, 7764, 1678, 4138, 10444, 11880, 7101, 1390, 4743,
- 8320, 3026, 2338, 1203, 1562, 6502, 3103, 10770, 7608, 11097,
- 6745, 6037, 2926, 9489, 10782, 1853, 3482, 524, 11063, 8299,
- 11092, 6838, 7779, 4598, 11245, 7274, 8908, 3886, 4440, 8651,
- 11949, 5344, 6954, 11015, 8333, 11347, 12677, 8716, 3514, 9892,
- 10366, 2029, 2875, 1540, 9013, 250, 6393, 5618, 4565, 3687,
- 8340, 6420, 3632, 5032, 9408, 9738, 961, 8653, 12315, 10459,
- 9883, 2074, 5357, 9341, 4850, 2514, 9746, 2605, 2394, 5928,
- 808, 10443, 1589, 5673, 9176, 6593, 3404, 12254, 4230, 3630,
- 7958, 10065, 7471, 2432, 6626, 6517, 382, 6131, 2888, 5440,
- 1571, 7341, 2841, 11202, 9462, 7180, 11206, 1433, 6183, 3882,
- 2105, 9906, 8076, 7074, 10572, 7262, 8456, 2979, 1095, 6891,
- 8025, 5914, 5380, 4300, 7363, 4989, 6788, 1043, 6836, 8710,
- 10099, 12310, 3997, 2102, 7002, 4041, 4948, 2601, 2958, 8665,
- 984, 10820, 1940, 541, 3377, 3533, 9357, 2049, 10721, 2732,
- 5355, 4280, 10281, 8056, 9557, 7749, 611, 8255, 4854, 708,
- 9199, 7033, 2582, 8343, 820, 944, 8651, 5547, 7052, 4723,
- 8972, 5594, 5314, 1938, 2539, 8789, 10341, 12368, 7475, 6903,
- 4436, 8346, 5391, 8336, 10864, 10397, 8517, 2078, 12127, 6612,
- 10511, 2970, 6576, 5166, 7744, 10934, 3186, 9515, 6831, 12085,
- 7284, 9791, 4755, 6341, 8713, 11526, 9392, 2122, 5743, 2776,
- 9581, 11396, 7006, 1465, 11235, 10997, 5776, 10401, 2929, 11732,
- 5847, 9512, 6068, 3934, 3730, 5813, 9195, 410, 11698, 896,
- 6321, 1310, 3478, 11649, 10201, 6850, 3612, 3451, 3569, 3266,
- 747, 3151, 3352, 6497, 10445, 11501, 5306, 1026, 9712, 7294,
- 813, 8005, 5090, 2905, 7903, 8358, 6290, 7756, 3955, 9471,
- 1858, 699, 11847, 7292, 2165, 10556, 1038, 5289, 8693, 9698,
- 1702, 10228, 1412, 8681, 3330, 10042, 8888, 4257, 1201, 7422,
- 7956, 10019, 3011, 5956, 2188, 2407, 1986, 3847, 4345, 7427,
- 12091, 1763, 3885, 6731, 4172, 10828, 6129, 10972, 7878, 2189,
- 3988, 2125, 6536, 10663, 3100, 5129, 7656, 1053, 2303, 10149,
- 8087, 5666, 11151, 10962, 4905, 779, 10113, 5451, 1509, 9590,
- 735, 1626, 8419, 10607, 9293, 5778, 907, 5527, 10408, 5454,
- 2266, 7131, 6332, 2055, 10105, 1188, 9842, 2059, 4417, 10026,
- 4339, 9779, 680, 1731, 4958, 1589, 1866, 3797, 5058, 3735,
- 9899, 543, 9330, 2436, 10757, 9010, 1270, 12232, 1122, 2222,
- 10945, 3733, 7454, 5251, 4185, 5118, 4331, 12022, 5900, 4767,
- 4393, 10252, 9957, 9653, 4674, 7705, 5694, 9123, 3882, 3137,
- 11627, 2712, 11985, 6346, 9990, 10760, 1869, 1778, 8899, 12168,
- 5207, 7250, 1088, 1131, 11567, 4337, 8286, 11660, 7152, 8010,
- 2286, 11335, 2984, 5740, 7114, 806, 7579, 7119, 5122, 2917,
- 541, 7913, 10555, 3684, 4720, 3954, 517, 1526, 9712, 10854,
- 1921, 6897, 4704, 2141, 1602, 11880, 4548, 10569, 11521, 6408,
- 3609, 9752, 1960, 10934
-};
-
-static uint8_t rbits[] = {
- 0x3f, 0xff, 0xaf, 0x0f, 0x6b, 0xb2, 0xb8, 0x46, 0x53, 0x44,
- 0x95, 0x98, 0x0a, 0x85, 0x0c, 0xfc, 0xc4, 0x86, 0xcc, 0x69,
- 0xc6, 0xd9, 0xfa, 0xee, 0x19, 0xa6, 0x34, 0x0f, 0x35, 0xc4,
- 0xdc, 0x08
-};
-
-static uint8_t r_ref[] = {
- 0, 3, 3, 1, 1, 1, 0, 1, 0, 3, 2, 0, 1, 1, 3, 0, 2, 1, 0, 3,
- 2, 1, 2, 3, 3, 0, 2, 0, 1, 3, 3, 2, 3, 3, 0, 3, 0, 2, 2, 0,
- 1, 1, 2, 0, 1, 1, 2, 1, 3, 0, 0, 3, 1, 1, 0, 0, 0, 2, 0, 1,
- 0, 2, 3, 1, 3, 0, 3, 1, 0, 0, 2, 1, 3, 3, 1, 3, 2, 1, 0, 2,
- 0, 0, 3, 3, 0, 1, 2, 2, 0, 1, 0, 3, 2, 2, 1, 1, 3, 0, 3, 3,
- 2, 2, 0, 2, 1, 0, 0, 0, 3, 0, 3, 1, 2, 1, 1, 0, 3, 3, 2, 1,
- 3, 3, 2, 2, 1, 3, 0, 0, 2, 2, 3, 1, 1, 2, 2, 2, 0, 2, 0, 2,
- 0, 0, 1, 2, 2, 2, 3, 1, 2, 0, 3, 0, 1, 3, 2, 3, 3, 1, 1, 2,
- 0, 0, 2, 1, 2, 2, 0, 2, 2, 2, 2, 1, 1, 3, 1, 3, 3, 1, 2, 2,
- 3, 0, 1, 0, 0, 2, 2, 1, 3, 2, 2, 2, 3, 1, 1, 0, 0, 3, 2, 3,
- 0, 0, 3, 3, 2, 2, 2, 2, 1, 1, 0, 1, 2, 1, 3, 2, 0, 3, 0, 2,
- 3, 3, 3, 3, 2, 3, 3, 3, 3, 2, 1, 0, 2, 3, 2, 1, 2, 0, 3, 0,
- 2, 2, 1, 1, 2, 1, 2, 0, 1, 2, 1, 3, 0, 0, 2, 3, 0, 3, 1, 0,
- 2, 2, 2, 1, 2, 0, 3, 1, 0, 0, 3, 0, 2, 3, 1, 0, 2, 3, 3, 0,
- 0, 0, 3, 0, 2, 3, 2, 0, 2, 2, 1, 0, 1, 2, 1, 3, 3, 3, 1, 2,
- 1, 2, 3, 1, 1, 2, 2, 0, 3, 0, 3, 3, 1, 3, 3, 3, 1, 3, 0, 3,
- 0, 0, 1, 2, 1, 0, 3, 0, 0, 2, 1, 3, 3, 3, 1, 1, 2, 3, 1, 0,
- 1, 1, 3, 3, 0, 3, 1, 3, 1, 2, 2, 2, 1, 3, 1, 2, 1, 3, 0, 1,
- 2, 2, 2, 3, 3, 2, 2, 3, 1, 2, 2, 1, 2, 1, 0, 0, 0, 1, 3, 2,
- 0, 3, 1, 1, 2, 1, 3, 2, 3, 2, 0, 1, 0, 1, 3, 0, 2, 3, 1, 3,
- 0, 1, 1, 3, 1, 1, 1, 0, 2, 3, 2, 1, 2, 0, 3, 3, 2, 0, 1, 0,
- 3, 3, 3, 1, 2, 2, 1, 0, 3, 3, 0, 2, 3, 1, 1, 1, 3, 3, 1, 3,
- 3, 0, 1, 0, 2, 0, 1, 1, 0, 0, 3, 2, 2, 3, 0, 2, 2, 0, 1, 1,
- 1, 3, 1, 1, 1, 0, 1, 2, 3, 2, 2, 3, 1, 1, 3, 3, 3, 1, 2, 0,
- 0, 0, 2, 2, 2, 3, 2, 0, 0, 1, 3, 0, 0, 0, 2, 0, 1, 0, 3, 0,
- 3, 1, 0, 1, 1, 1, 2, 2, 2, 0, 0, 2, 2, 0, 3, 1, 0, 2, 2, 0,
- 2, 0, 0, 1, 1, 0, 1, 2, 3, 2, 3, 2, 3, 3, 3, 0, 2, 1, 2, 2,
- 1, 0, 1, 1, 1, 2, 1, 3, 2, 0, 3, 3, 0, 0, 1, 1, 1, 2, 2, 2,
- 0, 1, 1, 2, 0, 2, 0, 1, 2, 0, 1, 3, 2, 2, 3, 0, 0, 1, 1, 2,
- 3, 1, 2, 0, 3, 0, 2, 1, 0, 0, 0, 1, 1, 1, 1, 3, 0, 0, 0, 3,
- 2, 3, 2, 1, 0, 3, 1, 1, 1, 1, 3, 0, 0, 1, 1, 1, 0, 3, 2, 2,
- 3, 1, 1, 3, 0, 1, 1, 3, 0, 3, 2, 2, 0, 3, 1, 3, 1, 0, 0, 1,
- 1, 0, 0, 1, 0, 3, 2, 2, 0, 1, 3, 0, 1, 3, 3, 2, 1, 3, 1, 1,
- 3, 3, 2, 1, 1, 3, 1, 0, 2, 1, 1, 3, 3, 3, 1, 3, 1, 3, 0, 1,
- 2, 2, 0, 3, 3, 2, 1, 1, 1, 3, 0, 2, 0, 3, 3, 1, 2, 3, 1, 3,
- 0, 0, 0, 1, 3, 3, 0, 2, 3, 0, 1, 3, 0, 0, 3, 0, 2, 2, 3, 3,
- 3, 3, 2, 1, 0, 3, 1, 1, 1, 2, 2, 0, 3, 2, 0, 2, 2, 3, 1, 0,
- 3, 3, 1, 2, 3, 0, 1, 1, 0, 3, 3, 1, 1, 3, 0, 2, 1, 2, 2, 2,
- 2, 3, 2, 3, 0, 0, 3, 1, 1, 0, 3, 2, 3, 2, 3, 3, 2, 2, 3, 1,
- 3, 2, 1, 0, 1, 0, 2, 2, 1, 3, 1, 2, 3, 3, 1, 3, 2, 1, 3, 2,
- 2, 3, 1, 1, 3, 3, 3, 3, 2, 0, 0, 3, 3, 3, 2, 3, 2, 0, 3, 0,
- 3, 1, 2, 0, 3, 0, 2, 2, 2, 3, 1, 2, 2, 1, 3, 3, 0, 1, 3, 0,
- 0, 1, 3, 2, 1, 1, 0, 1, 3, 3, 1, 1, 0, 1, 2, 2, 2, 0, 2, 3,
- 1, 2, 1, 1, 3, 2, 3, 3, 1, 0, 1, 3, 2, 3, 2, 2, 1, 2, 3, 1,
- 3, 2, 3, 1, 3, 3, 0, 3, 1, 1, 3, 2, 1, 2, 2, 0, 1, 1, 2, 3,
- 1, 3, 0, 0, 3, 0, 3, 0, 1, 2, 0, 2, 2, 3, 2, 0, 0, 0, 3, 0,
- 2, 0, 0, 2, 2, 2, 3, 1, 3, 2, 3, 2, 0, 1, 2, 1, 1, 3, 0, 3,
- 2, 0, 2, 2, 3, 2, 1, 0, 1, 1, 0, 2, 0, 3, 2, 0, 2, 3, 1, 3,
- 2, 2, 2, 2, 3, 1, 0, 2, 3, 3, 3, 2, 0, 0, 3, 3, 1, 2, 2, 3,
- 0, 1, 1, 1, 3, 2, 1, 0, 0, 1, 2, 3, 3, 0, 1, 1, 1, 1, 0, 1,
- 0, 2, 3, 3, 3, 3, 0, 2, 3, 0, 1, 0, 0, 1, 1, 3, 2, 2, 0, 0,
- 2, 2, 1, 3
-};
-
-static chunk_t shared_secret = chunk_from_chars(
- 0x14, 0x22, 0x06, 0xe3, 0x48, 0xf3, 0xfa, 0xfc, 0x21, 0x0d,
- 0x5d, 0x51, 0x19, 0x7f, 0x16, 0x4e, 0xe6, 0xd3, 0x10, 0xa9,
- 0xf5, 0xab, 0xfc, 0x96, 0x11, 0x1b, 0xc3, 0x4a, 0x89, 0xf9,
- 0x66, 0x55
-);
-
-START_TEST(test_newhope_rec_good)
-{
- newhope_reconciliation_t *rec;
- chunk_t i_shared_secret, r_shared_secret;
- uint8_t *r;
-
- rec = newhope_reconciliation_create(n, q);
- ck_assert(rec != NULL);
-
- r = rec->help_reconcile(rec, r_v, rbits);
- ck_assert(memeq(r, r_ref, n));
-
- r_shared_secret = rec->reconcile(rec, r_v, r);
- ck_assert(chunk_equals(r_shared_secret, shared_secret));
-
- i_shared_secret = rec->reconcile(rec, i_v, r);
- ck_assert(chunk_equals(i_shared_secret, shared_secret));
-
- /* cleanup */
- rec->destroy(rec);
- chunk_free(&i_shared_secret);
- chunk_free(&r_shared_secret);
- free(r);
-}
-END_TEST
-
-Suite *newhope_reconciliation_suite_create()
-{
- Suite *s;
- TCase *tc;
-
- s = suite_create("newhope_reconciliation");
-
- tc = tcase_create("rec_good");
- tcase_add_test(tc, test_newhope_rec_good);
- suite_add_tcase(s, tc);
-
- return s;
-}
--enable-ntru \
--enable-lookip \
--enable-sha3 \
- --enable-newhope \
--enable-frodo \
--enable-systemd \
--enable-counters \
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
}
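Review bot: Dropping `newhope` from the explicit `load =` list is only complete if nothing else in this scenario still asks for a New Hope key exchange, and this hunk does not show the connection configuration that sits beside this strongswan.conf. Check the scenario's proposal lines and its expected-output checks for leftover New Hope references. With the plugin no longer loaded, a stale keyword would presumably fail at configuration load or during negotiation rather than be ignored. `ntru` stays in the list, so any proposal meant to keep a post-quantum exchange should name that one explicitly. The same check applies to each of the following strongswan.conf hunks, which make the same one-word removal in the `charon` and `charon-systemd` sections.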
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
}
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
integrity_test = yes
}
charon-systemd {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
}
}
charon-systemd {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
}
}
charon-systemd {
- load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
integrity_test = yes
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
}
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
}
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = random drbg nonce test-vectors aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru newhope pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
+ load = random drbg nonce test-vectors aes des sha1 sha2 sha3 md5 chapoly mgf1 curve25519 ntru pem pkcs1 pkcs8 gmp x509 curl revocation hmac kdf xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
integrity_test = yes
crypto_test {
}
charon-systemd {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
}
}
charon-systemd {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
}
}
charon-systemd {
- load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce test-vectors aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
integrity_test = yes
}
charon-systemd {
- load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp newhope mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
+ load = random drbg nonce aes des md5 sha1 sha2 sha3 chapoly pem pkcs1 pkcs8 curve25519 gmp mgf1 ntru x509 curl revocation hmac kdf xcbc ctr ccm gcm vici kernel-netlink socket-default updown
}