CR fixes

aws · Dec 4, 2024 · f4cc0fe · f4cc0fe
1 parent 69e15e7
commit f4cc0fe
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 52 deletions.
diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/poly.c
@@ -355,7 +355,7 @@ void poly_uniform(poly *a,
   stream128_state state;
 
   stream128_init(&state, seed, nonce);
-  stream128_squeezeblocks(buf, POLY_UNIFORM_NBLOCKS, &state);
+  SHAKE_Final(buf, &state,POLY_UNIFORM_NBLOCKS * SHAKE128_BLOCKSIZE);
 
   ctr = rej_uniform(a->coeffs, N, buf, buflen);
 
@@ -364,7 +364,7 @@ void poly_uniform(poly *a,
     for(i = 0; i < off; ++i)
       buf[i] = buf[buflen - off + i];
 
-    stream128_squeezeblocks(buf + off, 1, &state);
+    SHAKE_Final(buf + off, &state,POLY_UNIFORM_NBLOCKS * SHAKE128_BLOCKSIZE);
     buflen = STREAM128_BLOCKBYTES + off;
     ctr += rej_uniform(a->coeffs + ctr, N - ctr, buf, buflen);
   }
@@ -454,12 +454,12 @@ void poly_uniform_eta(ml_dsa_params *params,
   stream256_state state;
 
   stream256_init(&state, seed, nonce);
-  stream256_squeezeblocks(buf, DILITHIUM_POLY_UNIFORM_ETA_NBLOCKS_MAX, &state);
+  SHAKE_Final(buf, &state, DILITHIUM_POLY_UNIFORM_ETA_NBLOCKS_MAX * SHAKE256_BLOCKSIZE);
 
   ctr = rej_eta(params, a->coeffs, N, buf, buflen);
 
   while(ctr < N) {
-    stream256_squeezeblocks(buf, 1, &state);
+    SHAKE_Final(buf, &state, SHAKE256_BLOCKSIZE);
     ctr += rej_eta(params, a->coeffs + ctr, N - ctr, buf, STREAM256_BLOCKBYTES);
   }
 }
@@ -486,7 +486,7 @@ void poly_uniform_gamma1(ml_dsa_params *params,
   stream256_state state;
 
   stream256_init(&state, seed, nonce);
-  stream256_squeezeblocks(buf, POLY_UNIFORM_GAMMA1_NBLOCKS, &state);
+  SHAKE_Final(buf, &state, POLY_UNIFORM_GAMMA1_NBLOCKS * SHAKE256_BLOCKSIZE);
   polyz_unpack(params, a, buf);
 }
 
@@ -509,7 +509,7 @@ void poly_challenge(ml_dsa_params *params, poly *c, const uint8_t *seed) {
 
   SHAKE_Init(&state, SHAKE256_BLOCKSIZE);
   SHA3_Update(&state, seed, params->c_tilde_bytes);
-  dilithium_shake256_squeeze(&state, buf, 1);
+  SHAKE_Final(buf, &state, SHAKE256_BLOCKSIZE);
 
   signs = 0;
   for(i = 0; i < 8; ++i)
@@ -521,7 +521,7 @@ void poly_challenge(ml_dsa_params *params, poly *c, const uint8_t *seed) {
   for(i = N-params->tau; i < N; ++i) {
     do {
       if(pos >= SHAKE256_RATE) {
-        dilithium_shake256_squeeze(&state, buf, 1);
+        SHAKE_Final(buf, &state, SHAKE256_BLOCKSIZE);
         pos = 0;
       }
 

diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/symmetric-shake.c b/crypto/dilithium/pqcrystals_dilithium_ref_common/symmetric-shake.c
@@ -47,41 +47,3 @@ void dilithium_shake256_stream_init(KECCAK1600_CTX *ctx, const uint8_t seed[CRHB
   SHA3_Update(ctx, seed, CRHBYTES);
   SHA3_Update(ctx, t, 2);
 }
-
-/*************************************************
-* Name:        dilithium_shake128_squeeze
-*
-* Description: Squeeze step of SHAKE128 XOF. Squeezes full blocks of
-*              SHAKE128_RATE bytes each. Can be called multiple times
-*              to keep squeezing. Assumes new block has not yet been
-*              started.
-*
-* Arguments:   - uint8_t *out: pointer to output blocks
-*              - size_t nblocks: number of blocks to be squeezed (written to output)
-*              - KECCAK1600_CTX *ctx: pointer to input/output Keccak state
-**************************************************/
-void dilithium_shake128_squeeze(KECCAK1600_CTX *ctx, uint8_t *out, int nblocks)
-{
-  // Return code checks can be omitted
-  // SHAKE_Final always returns 1
-  SHAKE_Final(out, ctx, nblocks * SHAKE128_BLOCKSIZE);
-}
-
-/*************************************************
-* Name:        dilithium_shake256_squeeze
-*
-* Description: Squeeze step of SHAKE128 XOF. Squeezes full blocks of
-*              SHAKE128_RATE bytes each. Can be called multiple times
-*              to keep squeezing. Assumes new block has not yet been
-*              started.
-*
-* Arguments:   - uint8_t *out: pointer to output blocks
-*              - size_t nblocks: number of blocks to be squeezed (written to output)
-*              - KECCAK1600_CTX *ctx: pointer to input/output Keccak state
-**************************************************/
-void dilithium_shake256_squeeze(KECCAK1600_CTX *ctx, uint8_t *out, int nblocks)
-{
-  // Return code checks can be omitted
-  // SHAKE_Final always returns 1
-  SHAKE_Final(out, ctx, nblocks * SHAKE256_BLOCKSIZE);
-}
diff --git a/crypto/dilithium/pqcrystals_dilithium_ref_common/symmetric.h b/crypto/dilithium/pqcrystals_dilithium_ref_common/symmetric.h
@@ -17,20 +17,13 @@ void dilithium_shake256_stream_init(KECCAK1600_CTX *state,
                                     const uint8_t seed[CRHBYTES],
                                     uint16_t nonce);
 
-void dilithium_shake128_squeeze(KECCAK1600_CTX *ctx, uint8_t *out, int nblocks);
-
-void dilithium_shake256_squeeze(KECCAK1600_CTX *ctx, uint8_t *out, int nblocks);
 
 #define STREAM128_BLOCKBYTES SHAKE128_RATE
 #define STREAM256_BLOCKBYTES SHAKE256_RATE
 
 #define stream128_init(STATE, SEED, NONCE) \
 dilithium_shake128_stream_init(STATE, SEED, NONCE)
-#define stream128_squeezeblocks(OUT, OUTBLOCKS, STATE) \
-dilithium_shake128_squeeze(STATE, OUT, OUTBLOCKS)
 #define stream256_init(STATE, SEED, NONCE) \
 dilithium_shake256_stream_init(STATE, SEED, NONCE)
-#define stream256_squeezeblocks(OUT, OUTBLOCKS, STATE) \
-dilithium_shake256_squeeze(STATE, OUT, OUTBLOCKS)
 
 #endif