diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.c index 76abf2e24b..074a8cda84 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.c +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.c @@ -39,7 +39,7 @@ static const int32_t zetas[ML_DSA_N] = { }; /************************************************* -* Name: ntt +* Name: ml_dsa_ntt * * Description: FIPS 204: Algorithm 41. * Forward NTT, in-place. No modular reduction is performed after @@ -47,7 +47,7 @@ static const int32_t zetas[ML_DSA_N] = { * * Arguments: - uint32_t p[N]: input/output coefficient array **************************************************/ -void ntt(int32_t a[ML_DSA_N]) { +void ml_dsa_ntt(int32_t a[ML_DSA_N]) { unsigned int len, start, j, k; int32_t zeta, t; diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.h b/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.h index 96b3b017de..2dd56181a8 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.h +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/ntt.h @@ -4,7 +4,7 @@ #include #include "params.h" -void ntt(int32_t a[ML_DSA_N]); +void ml_dsa_ntt(int32_t a[ML_DSA_N]); void invntt_tomont(int32_t a[ML_DSA_N]); diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/params.h b/crypto/dilithium/pqcrystals_dilithium_ref_common/params.h index 29bc7c3715..0b72e1ff3d 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/params.h +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/params.h @@ -12,7 +12,6 @@ #define ML_DSA_N 256 #define ML_DSA_Q 8380417 #define ML_DSA_D 13 -#define ML_DSA_ROOT_OF_UNITY 1753 #define POLYT1_PACKEDBYTES 320 #define POLYT0_PACKEDBYTES 416 diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c index c0e0279305..d04405187f 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c 
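Review bot: The header comment kept above `ml_dsa_ntt` in ntt.c still documents the argument as `uint32_t p[N]`, while the signature in the same hunk is `void ml_dsa_ntt(int32_t a[ML_DSA_N])`. As the comment block is already being edited for the rename, the Arguments line should be brought in step, e.g. `* Arguments:   - int32_t a[ML_DSA_N]: input/output coefficient array`. The signedness is worth getting right because the description says no modular reduction is performed, so a reader relies on this line to know that coefficients are signed and unreduced. The function body continues outside the hunk.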
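Review bot: In ntt.h, `invntt_tomont` on the context line keeps its generic name and is declared without `static`, while `ntt` beside it becomes `ml_dsa_ntt`, so the prefixing is only partial. The page does not state the motivation, but if the rename is meant to keep these globals from clashing with other lattice code linked into the same library, an unprefixed symbol can still fail at link time or be resolved to a different routine with the same name. Consider `void ml_dsa_invntt_tomont(int32_t a[ML_DSA_N]);` with the definition and the call inside `ml_dsa_poly_invntt_tomont` updated to match. The poly.h hunk leaves `poly_caddq`, `poly_shiftl` and `poly_pointwise_montgomery` in the same state, and the polyvec.c and sign.c hunk headers show further unprefixed functions such as `polyvecl_reduce` and `crypto_sign_signature_internal`.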
+++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c @@ -7,14 +7,14 @@ #include "../../fipsmodule/sha/internal.h" /************************************************* -* Name: poly_reduce +* Name: ml_dsa_poly_reduce * * Description: Inplace reduction of all coefficients of polynomial to * representative in [-6283009,6283007]. * * Arguments: - poly *a: pointer to input/output polynomial **************************************************/ -void poly_reduce(poly *a) { +void ml_dsa_poly_reduce(poly *a) { unsigned int i; for(i = 0; i < ML_DSA_N; ++i) { a->coeffs[i] = reduce32(a->coeffs[i]); @@ -37,7 +37,7 @@ void poly_caddq(poly *a) { } /************************************************* -* Name: poly_add +* Name: ml_dsa_poly_add * * Description: Add polynomials. No modular reduction is performed. * @@ -45,7 +45,7 @@ void poly_caddq(poly *a) { * - const poly *a: pointer to first summand * - const poly *b: pointer to second summand **************************************************/ -void poly_add(poly *c, const poly *a, const poly *b) { +void ml_dsa_poly_add(poly *c, const poly *a, const poly *b) { unsigned int i; for(i = 0; i < ML_DSA_N; ++i) { c->coeffs[i] = a->coeffs[i] + b->coeffs[i]; @@ -53,7 +53,7 @@ void poly_add(poly *c, const poly *a, const poly *b) { } /************************************************* -* Name: poly_sub +* Name: ml_dsa_poly_sub * * Description: Subtract polynomials. No modular reduction is * performed. @@ -63,7 +63,7 @@ void poly_add(poly *c, const poly *a, const poly *b) { * - const poly *b: pointer to second input polynomial to be * subtraced from first input polynomial **************************************************/ -void poly_sub(poly *c, const poly *a, const poly *b) { +void ml_dsa_poly_sub(poly *c, const poly *a, const poly *b) { unsigned int i; for(i = 0; i < ML_DSA_N; ++i) { c->coeffs[i] = a->coeffs[i] - b->coeffs[i]; 
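Review bot: The comment for `ml_dsa_poly_add` in the @@ -45 hunk says no modular reduction is performed but gives no bound on the inputs, and `c->coeffs[i] = a->coeffs[i] + b->coeffs[i];` is a signed `int32_t` addition whose overflow is undefined behaviour in C. The comment for `ml_dsa_poly_reduce` in the same file names its output interval, so a matching precondition is worth adding here, for example `* Callers must ensure |a_i + b_i| < 2^31; inputs are not reduced.`. The same applies to `ml_dsa_poly_sub` in the @@ -63 hunk. Whether every existing caller already guarantees this cannot be confirmed from the hunks shown, and both function bodies close outside their hunks.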
@@ -86,19 +86,19 @@ void poly_shiftl(poly *a) { } /************************************************* -* Name: poly_ntt +* Name: ml_dsa_poly_ntt * * Description: Inplace forward NTT. Coefficients can grow by * 8*Q in absolute value. * * Arguments: - poly *a: pointer to input/output polynomial **************************************************/ -void poly_ntt(poly *a) { - ntt(a->coeffs); +void ml_dsa_poly_ntt(poly *a) { + ml_dsa_ntt(a->coeffs); } /************************************************* -* Name: poly_invntt_tomont +* Name: ml_dsa_poly_invntt_tomont * * Description: Inplace inverse NTT and multiplication by 2^{32}. * Input coefficients need to be less than Q in absolute @@ -106,7 +106,7 @@ void poly_ntt(poly *a) { * * Arguments: - poly *a: pointer to input/output polynomial **************************************************/ -void poly_invntt_tomont(poly *a) { +void ml_dsa_poly_invntt_tomont(poly *a) { invntt_tomont(a->coeffs); } diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.h b/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.h index 5dbf25a20a..540e538d9e 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.h +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.h @@ -8,19 +8,19 @@ typedef struct { int32_t coeffs[ML_DSA_N]; } poly; -void poly_reduce(poly *a); +void ml_dsa_poly_reduce(poly *a); void poly_caddq(poly *a); -void poly_add(poly *c, const poly *a, const poly *b); +void ml_dsa_poly_add(poly *c, const poly *a, const poly *b); -void poly_sub(poly *c, const poly *a, const poly *b); +void ml_dsa_poly_sub(poly *c, const poly *a, const poly *b); void poly_shiftl(poly *a); -void poly_ntt(poly *a); +void ml_dsa_poly_ntt(poly *a); -void poly_invntt_tomont(poly *a); +void ml_dsa_poly_invntt_tomont(poly *a); void poly_pointwise_montgomery(poly *c, const poly *a, const poly *b); 
diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/polyvec.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/polyvec.c index ddf6072813..cb62a13352 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/polyvec.c +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/polyvec.c @@ -106,7 +106,7 @@ void polyvecl_uniform_gamma1(ml_dsa_params *params, void polyvecl_reduce(ml_dsa_params *params, polyvecl *v) { unsigned int i; for(i = 0; i < params->l; ++i) { - poly_reduce(&v->vec[i]); + ml_dsa_poly_reduce(&v->vec[i]); } } @@ -127,7 +127,7 @@ void polyvecl_add(ml_dsa_params *params, const polyvecl *v) { unsigned int i; for(i = 0; i < params->l; ++i) { - poly_add(&w->vec[i], &u->vec[i], &v->vec[i]); + ml_dsa_poly_add(&w->vec[i], &u->vec[i], &v->vec[i]); } } @@ -143,7 +143,7 @@ void polyvecl_add(ml_dsa_params *params, void polyvecl_ntt(ml_dsa_params *params, polyvecl *v) { unsigned int i; for(i = 0; i < params->l; ++i) { - poly_ntt(&v->vec[i]); + ml_dsa_poly_ntt(&v->vec[i]); } } @@ -160,7 +160,7 @@ void polyvecl_ntt(ml_dsa_params *params, polyvecl *v) { void polyvecl_invntt_tomont(ml_dsa_params *params, polyvecl *v) { unsigned int i; for(i = 0; i < params->l; ++i) { - poly_invntt_tomont(&v->vec[i]); + ml_dsa_poly_invntt_tomont(&v->vec[i]); } } @@ -208,7 +208,7 @@ void polyvecl_pointwise_acc_montgomery(ml_dsa_params *params, poly_pointwise_montgomery(w, &u->vec[0], &v->vec[0]); for(i = 1; i < params->l; ++i) { poly_pointwise_montgomery(&t, &u->vec[i], &v->vec[i]); - poly_add(w, w, &t); + ml_dsa_poly_add(w, w, &t); } } @@ -273,7 +273,7 @@ void polyveck_uniform_eta(ml_dsa_params *params, void polyveck_reduce(ml_dsa_params *params, polyveck *v) { unsigned int i; for(i = 0; i < params->k; ++i) { - poly_reduce(&v->vec[i]); + ml_dsa_poly_reduce(&v->vec[i]); } } 
@@ -310,7 +310,7 @@ void polyveck_add(ml_dsa_params *params, const polyveck *v) { unsigned int i; for(i = 0; i < params->k; ++i) { - poly_add(&w->vec[i], &u->vec[i], &v->vec[i]); + ml_dsa_poly_add(&w->vec[i], &u->vec[i], &v->vec[i]); } } @@ -332,7 +332,7 @@ void polyveck_sub(ml_dsa_params *params, const polyveck *v) { unsigned int i; for(i = 0; i < params->k; ++i) { - poly_sub(&w->vec[i], &u->vec[i], &v->vec[i]); + ml_dsa_poly_sub(&w->vec[i], &u->vec[i], &v->vec[i]); } } @@ -364,7 +364,7 @@ void polyveck_shiftl(ml_dsa_params *params, polyveck *v) { void polyveck_ntt(ml_dsa_params *params, polyveck *v) { unsigned int i; for(i = 0; i < params->k; ++i) { - poly_ntt(&v->vec[i]); + ml_dsa_poly_ntt(&v->vec[i]); } } @@ -381,7 +381,7 @@ void polyveck_ntt(ml_dsa_params *params, polyveck *v) { void polyveck_invntt_tomont(ml_dsa_params *params, polyveck *v) { unsigned int i; for(i = 0; i < params->k; ++i) { - poly_invntt_tomont(&v->vec[i]); + ml_dsa_poly_invntt_tomont(&v->vec[i]); } } diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/sign.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/sign.c index 3b5b2d20df..701eab489a 100644 --- a/crypto/dilithium/pqcrystals_dilithium_ref_common/sign.c +++ b/crypto/dilithium/pqcrystals_dilithium_ref_common/sign.c @@ -195,7 +195,7 @@ int crypto_sign_signature_internal(ml_dsa_params *params, SHA3_Update(&state, sig, params->k * params->poly_w1_packed_bytes); SHAKE_Final(sig, &state, params->c_tilde_bytes); poly_challenge(params, &cp, sig); - poly_ntt(&cp); + ml_dsa_poly_ntt(&cp); /* FIPS 204: line 20 Compute z, reject if it reveals secret */ polyvecl_pointwise_poly_montgomery(params, &z, &cp, &s1); @@ -407,7 +407,7 @@ int crypto_sign_verify_internal(ml_dsa_params *params, polyvecl_ntt(params, &z); polyvec_matrix_pointwise_montgomery(params, &w1, mat, &z); - poly_ntt(&cp); + ml_dsa_poly_ntt(&cp); polyveck_shiftl(params, &t1); polyveck_ntt(params, &t1); polyveck_pointwise_poly_montgomery(params, &t1, &cp, &t1);