diff --git a/.CMake/alg_support.cmake b/.CMake/alg_support.cmake
index 56084ae1d7..10ca1a5ae7 100644
--- a/.CMake/alg_support.cmake
+++ b/.CMake/alg_support.cmake
@@ -462,14 +462,6 @@ endif()
endif()
-option(OQS_ENABLE_SIG_RAINBOW "Enable rainbow algorithm family" ON)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_III_classic "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_III_circumzenithal "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_III_compressed "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_V_classic "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_V_circumzenithal "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-cmake_dependent_option(OQS_ENABLE_SIG_rainbow_V_compressed "" ON "OQS_ENABLE_SIG_RAINBOW" OFF)
-
option(OQS_ENABLE_SIG_SPHINCS "Enable sphincs algorithm family" ON)
cmake_dependent_option(OQS_ENABLE_SIG_sphincs_haraka_128f_robust "" ON "OQS_ENABLE_SIG_SPHINCS" OFF)
if(OQS_DIST_X86_64_BUILD OR (OQS_USE_AES_INSTRUCTIONS))
diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml
index 86b50df32a..8fcbc049b1 100644
--- a/.github/workflows/weekly.yml
+++ b/.github/workflows/weekly.yml
@@ -16,12 +16,12 @@ jobs:
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_OPT_TARGET=generic -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON
PYTEST_ARGS: --numprocesses=auto -k 'test_constant_time'
- SKIP_ALGS: 'SPHINCS\+-SHA*,Rainbow-V-Compressed,Classic-McEliece-6(.)*'
+ SKIP_ALGS: 'SPHINCS\+-SHA*,Classic-McEliece-6(.)*'
- name: extensions
container: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_OPT_TARGET=haswell -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON
PYTEST_ARGS: --numprocesses=auto -k 'test_constant_time'
- SKIP_ALGS: 'SPHINCS\+-SHA*,Rainbow-V-Compressed,Classic-McEliece-6(.)*'
+ SKIP_ALGS: 'SPHINCS\+-SHA*,Classic-McEliece-6(.)*'
container:
image: ${{ matrix.container }}
steps:
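Review bot: Both `SKIP_ALGS` values still exclude `SPHINCS\+-SHA*` and `Classic-McEliece-6(.)*` from the `test_constant_time` run, and nothing in the workflow records why. A reader cannot tell whether the gap in constant-time coverage is a runtime trade-off or hides a known failure. A short comment above each entry would fix that, e.g. `# excluded from constant-time run: <reason / tracking issue>`. The patterns also mix a glob-looking `SHA*` with a regex-looking `(.)*`. If the test harness treats them as regular expressions, `SHA*` means `SH` followed by any number of `A`, which only works as a prefix match by accident and is worth confirming. The string is duplicated in the `generic` and `extensions` matrix entries, so any later edit has to be made in both places.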
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6ddc012e24..c3442c3b84 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -175,9 +175,6 @@ endif()
if(OQS_ENABLE_SIG_FALCON)
set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig/falcon/sig_falcon.h)
endif()
-if(OQS_ENABLE_SIG_RAINBOW)
- set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig/rainbow/sig_rainbow.h)
-endif()
if(OQS_ENABLE_SIG_SPHINCS)
set(PUBLIC_HEADERS ${PUBLIC_HEADERS} ${PROJECT_SOURCE_DIR}/src/sig/sphincs/sig_sphincs.h)
endif()
diff --git a/README.md b/README.md
index 19d007bc56..79c18976da 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,6 @@ Details on each supported algorithm can be found in the [docs/algorithms](https:
- **CRYSTALS-Dilithium**: Dilithium2, Dilithium3, Dilithium5, Dilithium2-AES, Dilithium3-AES, Dilithium5-AES
- **Falcon**: Falcon-512, Falcon-1024
- **Picnic**: picnic\_L1\_FS, picnic\_L1\_UR, picnic\_L1\_full, picnic\_L3\_FS, picnic\_L3\_UR, picnic\_L3\_full, picnic\_L5\_FS, picnic\_L5\_UR, picnic\_L5\_full, picnic3\_L1, picnic3\_L3, picnic3\_L5
-- **Rainbow**: Rainbow-III-Classic†, Rainbow-III-Circumzenithal†, Rainbow-III-Compressed†, Rainbow-V-Classic†, Rainbow-V-Circumzenithal†, Rainbow-V-Compressed†
- **SPHINCS+-Haraka**: SPHINCS+-Haraka-128f-robust, SPHINCS+-Haraka-128f-simple, SPHINCS+-Haraka-128s-robust, SPHINCS+-Haraka-128s-simple, SPHINCS+-Haraka-192f-robust, SPHINCS+-Haraka-192f-simple, SPHINCS+-Haraka-192s-robust, SPHINCS+-Haraka-192s-simple, SPHINCS+-Haraka-256f-robust, SPHINCS+-Haraka-256f-simple, SPHINCS+-Haraka-256s-robust, SPHINCS+-Haraka-256s-simple
- **SPHINCS+-SHA256**: SPHINCS+-SHA256-128f-robust, SPHINCS+-SHA256-128f-simple, SPHINCS+-SHA256-128s-robust, SPHINCS+-SHA256-128s-simple, SPHINCS+-SHA256-192f-robust, SPHINCS+-SHA256-192f-simple, SPHINCS+-SHA256-192s-robust, SPHINCS+-SHA256-192s-simple, SPHINCS+-SHA256-256f-robust, SPHINCS+-SHA256-256f-simple, SPHINCS+-SHA256-256s-robust, SPHINCS+-SHA256-256s-simple
- **SPHINCS+-SHAKE256**: SPHINCS+-SHAKE256-128f-robust, SPHINCS+-SHAKE256-128f-simple, SPHINCS+-SHAKE256-128s-robust, SPHINCS+-SHAKE256-128s-simple, SPHINCS+-SHAKE256-192f-robust, SPHINCS+-SHAKE256-192f-simple, SPHINCS+-SHAKE256-192s-robust, SPHINCS+-SHAKE256-192s-simple, SPHINCS+-SHAKE256-256f-robust, SPHINCS+-SHAKE256-256f-simple, SPHINCS+-SHAKE256-256s-robust, SPHINCS+-SHAKE256-256s-simple
@@ -172,7 +171,6 @@ liboqs includes some third party libraries or modules that are licensed differen
- `src/kem/ntru/pqclean_*`: public domain
- `src/kem/saber/pqclean_*`: public domain
- `src/sig/dilithium/pqclean_*`: public domain
-- `src/sig/rainbow/pqclean_*`: CC0 (public domain)
- `src/sig/sphincs/pqclean_*`: CC0 (public domain)
## Acknowledgements
diff --git a/appveyor_build.bat b/appveyor_build.bat
index 18b999a7e5..2d3e0a854f 100644
--- a/appveyor_build.bat
+++ b/appveyor_build.bat
@@ -2,19 +2,19 @@
IF %COMPILER%==cygwin (
@echo on
SET "PATH=C:\cywin64\bin;c:\cygwin64;%PATH%"
- c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P ninja -P cmake -P gcc && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && mkdir build && cd build && cmake .. -GNinja -DCMAKE_C_COMPILER=gcc -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_ENABLE_SIG_RAINBOW=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL% && ninja "
+ c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P ninja -P cmake -P gcc && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && mkdir build && cd build && cmake .. -GNinja -DCMAKE_C_COMPILER=gcc -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL% && ninja "
)
IF %COMPILER%==msys2 (
@echo on
SET "PATH=C:\msys64\mingw64\bin;%PATH%"
- bash -lc "cd ${APPVEYOR_BUILD_FOLDER} && mkdir build && cd build && cmake .. -GNinja -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_ENABLE_SIG_RAINBOW=OFF -DOQS_ENABLE_SIG_PICNIC=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL% && ninja"
+ bash -lc "cd ${APPVEYOR_BUILD_FOLDER} && mkdir build && cd build && cmake .. -GNinja -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_ENABLE_SIG_PICNIC=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL% && ninja"
)
IF %COMPILER%==msvc2019 (
@echo on
CALL "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat"
mkdir build
cd build
- REM SPHINCS and Rainbow cause a big slowdown in the tests
- cmake .. -GNinja -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_ENABLE_SIG_RAINBOW=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL%
+ REM SPHINCS causes a big slowdown in the tests
+ cmake .. -GNinja -DOQS_DIST_BUILD=ON -DOQS_ENABLE_SIG_SPHINCS=OFF -DBUILD_SHARED_LIBS=%BUILD_SHARED% -DOQS_USE_OPENSSL=%OQS_USE_OPENSSL%
ninja
)
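Review bot: The cygwin branch keeps `SET "PATH=C:\cywin64\bin;c:\cygwin64;%PATH%"`, where `cywin64` looks like a misspelling of `cygwin64`, so the first PATH entry probably names a directory that does not exist. Because `bash.exe` is called by absolute path on the next line, this may simply have gone unnoticed; `SET "PATH=C:\cygwin64\bin;%PATH%"` is likely what was intended. Separately, the three `IF %COMPILER%==...` tests are unquoted, so an empty or unset `COMPILER` gives a batch syntax error instead of skipping the branch; `IF "%COMPILER%"=="cygwin" (` is the safer form, and likewise for `msys2` and `msvc2019`.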
diff --git a/docs/algorithms/sig/rainbow.md b/docs/algorithms/sig/rainbow.md
deleted file mode 100644
index 5887dc3866..0000000000
--- a/docs/algorithms/sig/rainbow.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# Rainbow
-
-- **Algorithm type**: Digital signature scheme.
-- **Main cryptographic assumption**: multivariable polynomials, unbalanced oil and vinegar.
-- **Principal submitters**: Jintai Ding.
-- **Auxiliary submitters**: Ming-Shing Chen, Matthias Kannwischer, Jacques Patarin, Albrecht Petzoldt, Dieter Schmidt, Bo-Yin Yang.
-- **Authors' website**: https://www.pqcrainbow.org/
-- **Specification version**: NIST Round 3 submission.
-- **Primary Source**:
- - **Source**: https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6
- - **Implementation license (SPDX-Identifier)**: CC0-1.0
-
-
-## Usage advice/warning
-
-[A practical attack against this algorithm has been published and confirmed](https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/KFgw5_qCXiI?pli=1). Thus, caution is advised regarding the use of it. Next steps are tracked under [liboqs issue #1192](https://github.com/open-quantum-safe/liboqs/issues/1192).
-
-## Test limitation
-
-This algorithm is not tested under Windows.
-
-## Parameter set summary
-
-| Parameter set | Security model | Claimed NIST Level | Public key size (bytes) | Secret key size (bytes) | Signature size (bytes) |
-|:--------------------------:|:-----------------|---------------------:|--------------------------:|--------------------------:|-------------------------:|
-| Rainbow-III-Classic | EUF-CMA | 3 | 882080 | 626048 | 164 |
-| Rainbow-III-Circumzenithal | EUF-CMA | 3 | 264608 | 626048 | 164 |
-| Rainbow-III-Compressed | EUF-CMA | 3 | 264608 | 64 | 164 |
-| Rainbow-V-Classic | EUF-CMA | 5 | 1930600 | 1408736 | 212 |
-| Rainbow-V-Circumzenithal | EUF-CMA | 5 | 536136 | 1408736 | 212 |
-| Rainbow-V-Compressed | EUF-CMA | 5 | 536136 | 64 | 212 |
-
-## Rainbow-III-Classic implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage?‡ |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:----------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
- ‡For an explanation of what this denotes, consult the [Explanation of Terms](#explanation-of-terms) section at the end of this file.
-
-## Rainbow-III-Circumzenithal implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
-## Rainbow-III-Compressed implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
-## Rainbow-V-Classic implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
-## Rainbow-V-Circumzenithal implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
-## Rainbow-V-Compressed implementation characteristics
-
-| Implementation source | Identifier in upstream | Supported architecture(s) | Supported operating system(s) | CPU extension(s) used | No branching-on-secrets claimed? | No branching-on-secrets checked by valgrind? | Large stack usage? |
-|:---------------------------------:|:-------------------------|:----------------------------|:--------------------------------|:------------------------|:-----------------------------------|:-----------------------------------------------|:---------------------|
-| [Primary Source](#primary-source) | clean | All | All | None | True | True | True |
-
-## Explanation of Terms
-
-- **Large Stack Usage**: Implementations identified as having such may cause failures when running in threads or in constrained environments.
\ No newline at end of file
diff --git a/docs/algorithms/sig/rainbow.yml b/docs/algorithms/sig/rainbow.yml
deleted file mode 100644
index ab6ad6b3ad..0000000000
--- a/docs/algorithms/sig/rainbow.yml
+++ /dev/null
@@ -1,118 +0,0 @@
-name: Rainbow
-type: signature
-principal-submitters:
-- Jintai Ding
-auxiliary-submitters:
-- Ming-Shing Chen
-- Matthias Kannwischer
-- Jacques Patarin
-- Albrecht Petzoldt
-- Dieter Schmidt
-- Bo-Yin Yang
-crypto-assumption: multivariable polynomials, unbalanced oil and vinegar
-website: https://www.pqcrainbow.org/
-nist-round: 3
-spec-version: NIST Round 3 submission
-spdx-license-identifier: CC0-1.0
-primary-upstream:
- source: https://github.com/PQClean/PQClean/commit/4c9e5a3aa715cc8d1d0e377e4e6e682ebd7602d6
- spdx-license-identifier: CC0-1.0
- upstream-ancestors:
- - https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263
-parameter-sets:
-- name: Rainbow-III-Classic
- claimed-nist-level: 3
- claimed-security: EUF-CMA
- length-public-key: 882080
- length-secret-key: 626048
- length-signature: 164
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
-- name: Rainbow-III-Circumzenithal
- claimed-nist-level: 3
- claimed-security: EUF-CMA
- length-public-key: 264608
- length-secret-key: 626048
- length-signature: 164
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
-- name: Rainbow-III-Compressed
- claimed-nist-level: 3
- claimed-security: EUF-CMA
- length-public-key: 264608
- length-secret-key: 64
- length-signature: 164
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
-- name: Rainbow-V-Classic
- claimed-nist-level: 5
- claimed-security: EUF-CMA
- length-public-key: 1930600
- length-secret-key: 1408736
- length-signature: 212
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
-- name: Rainbow-V-Circumzenithal
- claimed-nist-level: 5
- claimed-security: EUF-CMA
- length-public-key: 536136
- length-secret-key: 1408736
- length-signature: 212
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
-- name: Rainbow-V-Compressed
- claimed-nist-level: 5
- claimed-security: EUF-CMA
- length-public-key: 536136
- length-secret-key: 64
- length-signature: 212
- implementations:
- - upstream: primary-upstream
- upstream-id: clean
- supported-platforms: all
- common-crypto:
- - AES: liboqs
- - SHA2: liboqs
- no-secret-dependent-branching-claimed: true
- no-secret-dependent-branching-checked-by-valgrind: true
- large-stack-usage: true
diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py
index 8fb8b39e27..bf18a60dbd 100755
--- a/scripts/copy_from_upstream/copy_from_upstream.py
+++ b/scripts/copy_from_upstream/copy_from_upstream.py
@@ -618,7 +618,7 @@ def copy_from_upstream():
update_upstream_alg_docs.do_it(os.environ['LIBOQS_DIR'])
- # Not in love with using sub process to call a python script, but this is the easiest solution for
+ # Not in love with using sub process to call a python script, but this is the easiest solution for
# automatically calling this script in its current state.
shell(["python3", "../update_docs_from_yaml.py", "--liboqs-root", "../../"])
diff --git a/scripts/copy_from_upstream/copy_from_upstream.yml b/scripts/copy_from_upstream/copy_from_upstream.yml
index 843f8d24df..0449a7d026 100644
--- a/scripts/copy_from_upstream/copy_from_upstream.yml
+++ b/scripts/copy_from_upstream/copy_from_upstream.yml
@@ -259,41 +259,6 @@ sigs:
pqclean_scheme: falcon-1024
pretty_name_full: Falcon-1024
signed_msg_order: falcon
- -
- name: rainbow
- default_implementation: clean
- upstream_location: pqclean
- schemes:
- -
- scheme: "III_classic"
- pqclean_scheme: rainbowIII-classic
- pretty_name_full: Rainbow-III-Classic
- signed_msg_order: msg_then_sig
- -
- scheme: "III_circumzenithal"
- pqclean_scheme: rainbowIII-circumzenithal
- pretty_name_full: Rainbow-III-Circumzenithal
- signed_msg_order: msg_then_sig
- -
- scheme: "III_compressed"
- pqclean_scheme: rainbowIII-compressed
- pretty_name_full: Rainbow-III-Compressed
- signed_msg_order: msg_then_sig
- -
- scheme: "V_classic"
- pqclean_scheme: rainbowV-classic
- pretty_name_full: Rainbow-V-Classic
- signed_msg_order: msg_then_sig
- -
- scheme: "V_circumzenithal"
- pqclean_scheme: rainbowV-circumzenithal
- pretty_name_full: Rainbow-V-Circumzenithal
- signed_msg_order: msg_then_sig
- -
- scheme: "V_compressed"
- pqclean_scheme: rainbowV-compressed
- pretty_name_full: Rainbow-V-Compressed
- signed_msg_order: msg_then_sig
-
name: sphincs
default_implementation: clean
diff --git a/scripts/copy_from_upstream/update_upstream_alg_docs.py b/scripts/copy_from_upstream/update_upstream_alg_docs.py
index 0e87de4449..ab3f18590e 100755
--- a/scripts/copy_from_upstream/update_upstream_alg_docs.py
+++ b/scripts/copy_from_upstream/update_upstream_alg_docs.py
@@ -114,7 +114,7 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
upstream_base_url = ui['git_url'][:-len(".git")]
# upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
-
+
# Need to check if yml is of old format. If so, update to new format
if 'primary-upstream' not in oqs_yaml:
print("Updating format of {}. Please double check ordering of yaml file".format(scheme['pretty_name_full']))
@@ -168,7 +168,7 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
oqs_scheme_yaml['length-ciphertext'] = rhs_if_not_equal(oqs_scheme_yaml['length-ciphertext'], upstream_yaml['length-ciphertext'], "length-ciphertext")
oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key")
oqs_scheme_yaml['length-shared-secret'] = rhs_if_not_equal(oqs_scheme_yaml['length-shared-secret'], upstream_yaml['length-shared-secret'], "length-shared-secret")
-
+
_upstream_yaml = upstream_yaml
for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']):
upstream_yaml = _upstream_yaml
@@ -178,7 +178,7 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
opt_upstream_root = ouis[upstream_name]['upstream_root']
upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
upstream_yaml = load_yaml(upstream_meta_path)
-
+
for upstream_impl in upstream_yaml['implementations']:
if impl['upstream-id'] == upstream_impl['name']:
break
@@ -260,7 +260,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
upstream_base_url = ui['git_url'][:-len(".git")]
# upstream is special: We will take the upstream git commit information
# (possibly with added patch comment) as it is what drove the update
-
+
# Need to check if yml is of old format. If so, update to new format
if 'primary-upstream' not in oqs_yaml:
print("Updating format of {}. Please double check ordering of yaml file".format(scheme['pretty_name_full']))
@@ -303,7 +303,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
# TODO: PQClean and liboqs pretty-naming conventions for the
# following algorithms are out of sync.
- if sig['name'] == 'sphincs' or sig['name'] == 'rainbow':
+ if sig['name'] == 'sphincs':
oqs_scheme_yaml['name'] = rhs_if_not_equal(oqs_scheme_yaml['name'], scheme['pretty_name_full'], "scheme pretty name")
else:
oqs_scheme_yaml['name'] = rhs_if_not_equal(oqs_scheme_yaml['name'], upstream_yaml['name'], "scheme pretty name")
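Review bot: The TODO above the changed condition still says the `following algorithms are out of sync`, but after this change only `sphincs` is special-cased. Reword it to name the one remaining case, e.g. `# TODO: PQClean and liboqs pretty-naming conventions for sphincs are out of sync.`, so the comment matches the branch it explains. The enclosing function `update_upstream_sig_alg_docs` starts and ends outside this hunk.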
@@ -313,7 +313,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
oqs_scheme_yaml['length-public-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-public-key'], upstream_yaml['length-public-key'], "length-public-key")
oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key")
oqs_scheme_yaml['length-signature'] = rhs_if_not_equal(oqs_scheme_yaml['length-signature'], upstream_yaml['length-signature'], "length-signature")
-
+
_upstream_yaml = upstream_yaml
for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']):
upstream_yaml = _upstream_yaml
@@ -323,7 +323,7 @@ def update_upstream_sig_alg_docs(liboqs_root, sigs, upstream_info, write_changes
opt_upstream_root = ouis[upstream_name]['upstream_root']
upstream_meta_path = os.path.join(opt_upstream_root, meta_yaml_path_template.format_map(scheme))
upstream_yaml = load_yaml(upstream_meta_path)
-
+
for upstream_impl in upstream_yaml['implementations']:
try:
x = impl['upstream-id']
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index d3645e4088..b72bae9d28 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -54,10 +54,6 @@ if(OQS_ENABLE_SIG_FALCON)
add_subdirectory(sig/falcon)
set(SIG_OBJS ${SIG_OBJS} ${FALCON_OBJS})
endif()
-if(OQS_ENABLE_SIG_RAINBOW)
- add_subdirectory(sig/rainbow)
- set(SIG_OBJS ${SIG_OBJS} ${RAINBOW_OBJS})
-endif()
if(OQS_ENABLE_SIG_SPHINCS)
add_subdirectory(sig/sphincs)
set(SIG_OBJS ${SIG_OBJS} ${SPHINCS_OBJS})
diff --git a/src/oqsconfig.h.cmake b/src/oqsconfig.h.cmake
index 52b5ccac89..1e7b59cda6 100644
--- a/src/oqsconfig.h.cmake
+++ b/src/oqsconfig.h.cmake
@@ -189,14 +189,6 @@
#cmakedefine OQS_ENABLE_SIG_falcon_1024 1
#cmakedefine OQS_ENABLE_SIG_falcon_1024_avx2 1
-#cmakedefine OQS_ENABLE_SIG_RAINBOW 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_III_classic 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_III_circumzenithal 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_III_compressed 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_V_classic 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_V_circumzenithal 1
-#cmakedefine OQS_ENABLE_SIG_rainbow_V_compressed 1
-
#cmakedefine OQS_ENABLE_SIG_SPHINCS 1
#cmakedefine OQS_ENABLE_SIG_sphincs_haraka_128f_robust 1
#cmakedefine OQS_ENABLE_SIG_sphincs_haraka_128f_robust_aesni 1
diff --git a/src/sig/rainbow/CMakeLists.txt b/src/sig/rainbow/CMakeLists.txt
deleted file mode 100644
index 0d28e895d2..0000000000
--- a/src/sig/rainbow/CMakeLists.txt
+++ /dev/null
@@ -1,50 +0,0 @@
-# SPDX-License-Identifier: MIT
-
-# This file was generated by
-# scripts/copy_from_upstream/copy_from_upstream.py
-
-set(_RAINBOW_OBJS "")
-
-if(OQS_ENABLE_SIG_rainbow_III_classic)
- add_library(rainbow_III_classic_clean OBJECT sig_rainbow_III_classic.c pqclean_rainbowIII-classic_clean/blas.c pqclean_rainbowIII-classic_clean/blas_comm.c pqclean_rainbowIII-classic_clean/gf.c pqclean_rainbowIII-classic_clean/parallel_matrix_op.c pqclean_rainbowIII-classic_clean/rainbow.c pqclean_rainbowIII-classic_clean/rainbow_keypair.c pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.c pqclean_rainbowIII-classic_clean/sign.c pqclean_rainbowIII-classic_clean/utils_hash.c pqclean_rainbowIII-classic_clean/utils_prng.c)
- target_include_directories(rainbow_III_classic_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowIII-classic_clean)
- target_include_directories(rainbow_III_classic_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-if(OQS_ENABLE_SIG_rainbow_III_circumzenithal)
- add_library(rainbow_III_circumzenithal_clean OBJECT sig_rainbow_III_circumzenithal.c pqclean_rainbowIII-circumzenithal_clean/blas.c pqclean_rainbowIII-circumzenithal_clean/blas_comm.c pqclean_rainbowIII-circumzenithal_clean/gf.c pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.c pqclean_rainbowIII-circumzenithal_clean/rainbow.c pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.c pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.c pqclean_rainbowIII-circumzenithal_clean/sign.c pqclean_rainbowIII-circumzenithal_clean/utils_hash.c pqclean_rainbowIII-circumzenithal_clean/utils_prng.c)
- target_include_directories(rainbow_III_circumzenithal_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowIII-circumzenithal_clean)
- target_include_directories(rainbow_III_circumzenithal_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-if(OQS_ENABLE_SIG_rainbow_III_compressed)
- add_library(rainbow_III_compressed_clean OBJECT sig_rainbow_III_compressed.c pqclean_rainbowIII-compressed_clean/blas.c pqclean_rainbowIII-compressed_clean/blas_comm.c pqclean_rainbowIII-compressed_clean/gf.c pqclean_rainbowIII-compressed_clean/parallel_matrix_op.c pqclean_rainbowIII-compressed_clean/rainbow.c pqclean_rainbowIII-compressed_clean/rainbow_keypair.c pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.c pqclean_rainbowIII-compressed_clean/sign.c pqclean_rainbowIII-compressed_clean/utils_hash.c pqclean_rainbowIII-compressed_clean/utils_prng.c)
- target_include_directories(rainbow_III_compressed_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowIII-compressed_clean)
- target_include_directories(rainbow_III_compressed_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-if(OQS_ENABLE_SIG_rainbow_V_classic)
- add_library(rainbow_V_classic_clean OBJECT sig_rainbow_V_classic.c pqclean_rainbowV-classic_clean/blas.c pqclean_rainbowV-classic_clean/blas_comm.c pqclean_rainbowV-classic_clean/gf.c pqclean_rainbowV-classic_clean/parallel_matrix_op.c pqclean_rainbowV-classic_clean/rainbow.c pqclean_rainbowV-classic_clean/rainbow_keypair.c pqclean_rainbowV-classic_clean/rainbow_keypair_computation.c pqclean_rainbowV-classic_clean/sign.c pqclean_rainbowV-classic_clean/utils_hash.c pqclean_rainbowV-classic_clean/utils_prng.c)
- target_include_directories(rainbow_V_classic_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowV-classic_clean)
- target_include_directories(rainbow_V_classic_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-if(OQS_ENABLE_SIG_rainbow_V_circumzenithal)
- add_library(rainbow_V_circumzenithal_clean OBJECT sig_rainbow_V_circumzenithal.c pqclean_rainbowV-circumzenithal_clean/blas.c pqclean_rainbowV-circumzenithal_clean/blas_comm.c pqclean_rainbowV-circumzenithal_clean/gf.c pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.c pqclean_rainbowV-circumzenithal_clean/rainbow.c pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.c pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.c pqclean_rainbowV-circumzenithal_clean/sign.c pqclean_rainbowV-circumzenithal_clean/utils_hash.c pqclean_rainbowV-circumzenithal_clean/utils_prng.c)
- target_include_directories(rainbow_V_circumzenithal_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowV-circumzenithal_clean)
- target_include_directories(rainbow_V_circumzenithal_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-if(OQS_ENABLE_SIG_rainbow_V_compressed)
- add_library(rainbow_V_compressed_clean OBJECT sig_rainbow_V_compressed.c pqclean_rainbowV-compressed_clean/blas.c pqclean_rainbowV-compressed_clean/blas_comm.c pqclean_rainbowV-compressed_clean/gf.c pqclean_rainbowV-compressed_clean/parallel_matrix_op.c pqclean_rainbowV-compressed_clean/rainbow.c pqclean_rainbowV-compressed_clean/rainbow_keypair.c pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.c pqclean_rainbowV-compressed_clean/sign.c pqclean_rainbowV-compressed_clean/utils_hash.c pqclean_rainbowV-compressed_clean/utils_prng.c)
- target_include_directories(rainbow_V_compressed_clean PRIVATE ${CMAKE_CURRENT_LIST_DIR}/pqclean_rainbowV-compressed_clean)
- target_include_directories(rainbow_V_compressed_clean PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims)
- set(_RAINBOW_OBJS ${_RAINBOW_OBJS} $)
-endif()
-
-set(RAINBOW_OBJS ${_RAINBOW_OBJS} PARENT_SCOPE)
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/api.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/api.h
deleted file mode 100644
index 25f21f69af..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_API_H
-#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_SECRETKEYBYTES 626048
-#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_PUBLICKEYBYTES 264608
-#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_BYTES 164
-#define PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - circumzenithal"
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.c
deleted file mode 100644
index 858bf3d198..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.h
deleted file mode 100644
index 7e114ba242..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.c
deleted file mode 100644
index e63dc760ee..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.h
deleted file mode 100644
index 3130149d27..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.c
deleted file mode 100644
index b93c9a4b9a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.h
deleted file mode 100644
index 75e80cc7c1..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.c
deleted file mode 100644
index 50298156c5..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.h
deleted file mode 100644
index 9d5767108d..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.c
deleted file mode 100644
index 0f8265cb53..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) {
- unsigned char pk[sizeof(pk_t) + 32];
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key.
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.h
deleted file mode 100644
index 95c02d0832..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow.h
+++ /dev/null
@@ -1,42 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-
-///
-/// @brief Verifying function for cyclic public keys.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key of cyclic rainbow.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk);
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_blas.h
deleted file mode 100644
index d7275d52be..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_config.h
deleted file mode 100644
index f3cbb700ba..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 68
-#define _O1 32
-#define _O2 48
-#define _MAX_O 48
-#define _HASH_LEN 48
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.c
deleted file mode 100644
index 33fd81b284..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-
-///////////////////// Cyclic //////////////////////////////////
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(pk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng;
- prng_t *prng0 = &prng;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, prng0); // S,T: only a part of sk
-
- unsigned char t2[sizeof(sk->t4)];
- memcpy(t2, sk->t4, _V1_BYTE * _O2); // temporarily store t2
- calculate_t4(sk->t4, sk->t1, sk->t3); // t2 <- t4
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t *prng1 = &prng;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
- // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6.
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T
-
- unsigned char t4[sizeof(sk->t4)];
- memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4
- memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9
- memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4
-
- obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q5, Qs->l2_F5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk->l1_Q6, Qs->l2_F6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q9, pk->l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
-
- // clean
- memset(&prng, 0, sizeof(prng_t));
-}
-
-
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) {
- // procedure: cpk_t --> extcpk_t --> pk_t
-
- // convert from cpk_t to extcpk_t
- ext_cpk_t pk;
-
- // setup prng
- prng_t prng0;
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED);
-
- // generating parts of key with prng
- generate_l1_F12(pk.l1_Q1, &prng0);
- // copying parts of key from input. l1_Q3, l1_Q5, l1_Q6, l1_Q9
- memcpy(pk.l1_Q3, cpk->l1_Q3, _O1_BYTE * (_V1 * _O2 + N_TRIANGLE_TERMS(_O1) + _O1 * _O2 + N_TRIANGLE_TERMS(_O2)));
-
- // generating parts of key with prng
- generate_l2_F12356(pk.l2_Q1, &prng0);
- // copying parts of key from input: l2_Q9
- memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // convert from extcpk_t to pk_t
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(rpk, &pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.h
deleted file mode 100644
index c042135cf2..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,94 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-/// @brief public key for cyclic rainbow
-///
-/// public key for cyclic rainbow
-///
-typedef struct rainbow_publickey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating l1_Q1,l1_Q2,l2_Q1,l2_Q2,l2_Q3,l2_Q5,l2_Q6
-
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; ///< Q3, layer1
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< Q5, layer1
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; ///< Q6, layer1
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer1
-
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer2
-} cpk_t;
-
-/// @brief compressed secret key for cyclic rainbow
-///
-/// compressed secret key for cyclic rainbow
-///
-typedef struct rainbow_secretkey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating a part of public key.
- unsigned char sk_seed[LEN_SKSEED]; ///< seed for generating a part of secret key.
-} csk_t;
-
-
-///
-/// @brief Generate key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of public key.
-/// @param[in] sk_seed - seed for generating secret key.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-
-
-////////////////////////////////////
-
-///
-/// @brief converting formats of public keys : from cyclic version to classic key
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the cyclic public key.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk);
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.c
deleted file mode 100644
index 073aaf1dc3..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- // Layer 1
- // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i]
- memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i]
- memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE);
-
- /*
- Layer 2
- computations:
-
- F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1
- F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
-
- Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- #Q1_Q1T_T4 = Q1_Q1T * t4
- Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- + Q_pk.l2_F2s[i].transpose() * t4
- + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
-
- */
- memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
- memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2
-
- unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32];
- memset(tempQ, 0, _O1 * _O1 * _O2_BYTE);
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2)
- memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... )
-
- batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1
-
- // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE);
- batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4
- batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3
-
- // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- // + Q_pk.l2_F2s[i].transpose() * t4
- // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
- memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE);
- batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3
- batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE);
-}
-
-#define _SIZE_BUFFER_F2 (_O2_BYTE * _V1 * _O2)
-#define _SIZE_BUFFER_F3 (_O2_BYTE * _V1 * _O2)
-static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- // Layer 1: Computing Q5, Q3, Q6, Q9
-
- // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- const unsigned char *t2 = Ts->t4;
-
- // assuming _O2 >= _O1
-
- unsigned char buffer_F2[_SIZE_BUFFER_F2];
- memcpy(buffer_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd( buffer_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- // assuming _O2 >= _O1
- unsigned char buffer_F3[_SIZE_BUFFER_F3];
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, Ts->t1, _V1, _V1_BYTE, _O1, buffer_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) , release buffer_F2
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q5, buffer_F3, _O1, _O1_BYTE); // UT( ... ) // Q5 , release buffer_F3
- /*
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q9, buffer_F3, _O2, _O1_BYTE); // Q9 , release buffe
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 /
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
- /*
- Layer 2
- Computing
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- */
- memcpy(buffer_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(buffer_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3
- memset(buffer_F2, 0, _O2_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F2, t2, _V1, _V1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) , release buffe
- memcpy(buffer_F3, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(buffer_F2, Ts->t3, _O1, _O1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l2_Q9, buffer_F2, _O2, _O2_BYTE); // Q9
- memset(buffer_F2, 0, _SIZE_BUFFER_F2);
- memset(buffer_F3, 0, _SIZE_BUFFER_F3);
-}
-
-// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_
-#define calculate_F_from_Q_impl calculate_F_from_Q_ref
-#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- calculate_F_from_Q_impl(Fs, Qs, Ts);
-}
-
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.h
deleted file mode 100644
index bfb862cb46..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,71 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-///
-/// @brief Computing parts of the sk from parts of pk and sk
-///
-/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts);
-
-///
-/// @brief Computing parts of the pk from the secret key
-///
-/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9
-/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/sign.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/sign.c
deleted file mode 100644
index bc108be27c..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/sign.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- unsigned char pk_seed[LEN_PKSEED] = {0};
- randombytes(pk_seed, LEN_PKSEED);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.c
deleted file mode 100644
index 05d6b572a6..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha384(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.h
deleted file mode 100644
index 5a13e3f4cc..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.c
deleted file mode 100644
index 9a381bcb71..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.h
deleted file mode 100644
index 52cbb4d880..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-circumzenithal_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/api.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/api.h
deleted file mode 100644
index 8b4d1661e1..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H
-#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 626048
-#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 882080
-#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_BYTES 164
-#define PQCLEAN_RAINBOWIIICLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - classic"
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.c
deleted file mode 100644
index aaaefdf586..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.h
deleted file mode 100644
index 035cec12d6..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.c
deleted file mode 100644
index 77aedcd5b0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.h
deleted file mode 100644
index c21256e7bd..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.c
deleted file mode 100644
index b6043f9a63..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.h
deleted file mode 100644
index 021c161d0a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.c
deleted file mode 100644
index dae3807d69..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.h
deleted file mode 100644
index 96a874c7cc..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.c
deleted file mode 100644
index 3d93036fb7..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.h
deleted file mode 100644
index 7d72637df8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow.h
+++ /dev/null
@@ -1,33 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_blas.h
deleted file mode 100644
index c5c5482968..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICLASSIC_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_config.h
deleted file mode 100644
index f3cbb700ba..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 68
-#define _O1 32
-#define _O2 48
-#define _MAX_O 48
-#define _HASH_LEN 48
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.c
deleted file mode 100644
index 63708a9b87..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) {
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // set up prng
- prng_t prng0;
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);
-
- // generating secret key with prng.
- generate_S_T(sk->s1, &prng0);
- generate_B1_B2(sk->l1_F1, &prng0);
-
- // clean prng
- memset(&prng0, 0, sizeof(prng_t));
-}
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) {
- generate_secretkey(sk, sk_seed);
-
- // set up a temporary structure ext_cpk_t for calculating public key.
- ext_cpk_t pk;
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format.
- calculate_t4(sk->t4, sk->t1, sk->t3);
-
- obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1);
- obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
- // so far, the pk contains the full pk but in ext_cpk_t format.
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t.
-}
-
-
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.h
deleted file mode 100644
index 1812f885a3..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,61 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-
-///
-/// @brief Generate key pairs for classic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed);
-
-
-
-
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.c
deleted file mode 100644
index 62367d440e..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- /*
- Layer 1
- Computing :
- Q_pk.l1_F1s[i] = F_sk.l1_F1s[i]
-
- Q_pk.l1_F2s[i] = (F1* T1 + F2) + F1tr * t1
- Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- */
- const unsigned char *t2 = Ts->t4;
-
- memcpy(Qs->l1_Q1, Fs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- memcpy(Qs->l1_Q2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // l1_Q5 : _O1_BYTE * _O1 * _O1
- // l1_Q9 : _O1_BYTE * _O2 * _O2
- // l2_Q5 : _O2_BYTE * _V1 * _O1
- // l2_Q9 : _O2_BYTE * _V1 * _O2
-
- unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32];
-
- memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2)
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5
-
- batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2
- /*
- Computing:
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3
-
- memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9
- batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9
-
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3
-
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
-
- /*
- layer 2
- Computing:
- Q1 = F1
- Q2 = F1_F1T*T1 + F2
- Q5 = UT( T1tr( F1*T1 + F2 ) + F5 )
- */
- memcpy(Qs->l2_Q1, Fs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1));
-
- memcpy(Qs->l2_Q2, Fs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F1*T1 + F2
-
- memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1));
- memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2)
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5
-
- batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2
-
- /*
- Computing:
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
-
- Q3 = F1_F1T*T2 + F2*T3 + F3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- Q6 = T1tr*( F1_F1T*T2 + F2*T3 + F3 ) + F2Tr*T2 + F5_F5T*T3 + F6
- */
- memcpy(Qs->l2_Q3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(Qs->l2_Q3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3
-
- memset(tempQ, 0, _O2_BYTE * _O2 * _O2); // l2_Q9
- batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l2_Q3, _O2, _O2_BYTE); // T2tr * ( ..... )
-
- memcpy(Qs->l2_Q6, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
-
- batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9
-
- batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3
-
- batch_bmatTr_madd(Qs->l2_Q6, Fs->l2_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + F2tr*T2
- batch_trimatTr_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F2tr*T2 + F5_F5T*T3 + F6
- batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6
-}
-#define calculate_Q_from_F_impl calculate_Q_from_F_ref
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.h
deleted file mode 100644
index c9add890a5..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,53 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/sign.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/sign.c
deleted file mode 100644
index 81e3b0f2f4..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/sign.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWIIICLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.c
deleted file mode 100644
index a00c94e50b..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha384(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.h
deleted file mode 100644
index a36aa4814b..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.c
deleted file mode 100644
index 2bfa1b1a15..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWIIICLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.h
deleted file mode 100644
index 40214f42f5..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-classic_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/api.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/api.h
deleted file mode 100644
index 4c2dd86380..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_API_H
-#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64
-#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 264608
-#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_BYTES 164
-#define PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,68,32,48) - compressed"
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.c
deleted file mode 100644
index 9ee4f0e535..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.h
deleted file mode 100644
index f0eaf12ff9..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.c
deleted file mode 100644
index 7d5e78655f..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.h
deleted file mode 100644
index de5368c3c4..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.c
deleted file mode 100644
index 5b0967f2fa..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.h
deleted file mode 100644
index 1f35c8bbbc..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.c
deleted file mode 100644
index 64d5c33c1a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.h
deleted file mode 100644
index f4a5e3efef..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.c
deleted file mode 100644
index b2d2ac83e9..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-/////////////// cyclic version ///////////////////////////
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) {
- unsigned char sk[sizeof(sk_t) + 32];
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key.
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) {
- unsigned char pk[sizeof(pk_t) + 32];
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key.
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.h
deleted file mode 100644
index 954a3a1b21..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow.h
+++ /dev/null
@@ -1,50 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-///
-/// @brief Signing function for compressed secret key of the cyclic rainbow.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the compressed secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function for cyclic public keys.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key of cyclic rainbow.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk);
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_blas.h
deleted file mode 100644
index cc97b929ae..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_config.h
deleted file mode 100644
index f3cbb700ba..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 68
-#define _O1 32
-#define _O2 48
-#define _MAX_O 48
-#define _HASH_LEN 48
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.c
deleted file mode 100644
index cdd4f18440..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-
-///////////////////// Cyclic //////////////////////////////////
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(pk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng;
- prng_t *prng0 = &prng;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, prng0); // S,T: only a part of sk
-
- unsigned char t2[sizeof(sk->t4)];
- memcpy(t2, sk->t4, _V1_BYTE * _O2); // temporarily store t2
- calculate_t4(sk->t4, sk->t1, sk->t3); // t2 <- t4
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t *prng1 = &prng;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
- // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6.
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T
-
- unsigned char t4[sizeof(sk->t4)];
- memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4
- memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9
- memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4
-
- obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q5, Qs->l2_F5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk->l1_Q6, Qs->l2_F6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q9, pk->l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
-
- // clean
- memset(&prng, 0, sizeof(prng_t));
-}
-
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(rsk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(rsk->sk_seed, sk_seed, LEN_SKSEED);
- sk_t sk;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed);
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng0;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, &prng0);
- calculate_t4(sk->t4, sk->t1, sk->t3);
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t prng1;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, &prng1);
-
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
-
- // calcuate the parts of sk according to pk.
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk);
-
- // clean prng for sk
- memset(&prng0, 0, sizeof(prng_t));
-}
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) {
- // procedure: cpk_t --> extcpk_t --> pk_t
-
- // convert from cpk_t to extcpk_t
- ext_cpk_t pk;
-
- // setup prng
- prng_t prng0;
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED);
-
- // generating parts of key with prng
- generate_l1_F12(pk.l1_Q1, &prng0);
- // copying parts of key from input. l1_Q3, l1_Q5, l1_Q6, l1_Q9
- memcpy(pk.l1_Q3, cpk->l1_Q3, _O1_BYTE * (_V1 * _O2 + N_TRIANGLE_TERMS(_O1) + _O1 * _O2 + N_TRIANGLE_TERMS(_O2)));
-
- // generating parts of key with prng
- generate_l2_F12356(pk.l2_Q1, &prng0);
- // copying parts of key from input: l2_Q9
- memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // convert from extcpk_t to pk_t
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.h
deleted file mode 100644
index 59933f32d8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,111 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-/// @brief public key for cyclic rainbow
-///
-/// public key for cyclic rainbow
-///
-typedef struct rainbow_publickey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating l1_Q1,l1_Q2,l2_Q1,l2_Q2,l2_Q3,l2_Q5,l2_Q6
-
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; ///< Q3, layer1
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< Q5, layer1
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; ///< Q6, layer1
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer1
-
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer2
-} cpk_t;
-
-/// @brief compressed secret key for cyclic rainbow
-///
-/// compressed secret key for cyclic rainbow
-///
-typedef struct rainbow_secretkey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating a part of public key.
- unsigned char sk_seed[LEN_SKSEED]; ///< seed for generating a part of secret key.
-} csk_t;
-
-
-///
-/// @brief Generate key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of public key.
-/// @param[in] sk_seed - seed for generating secret key.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-///
-/// @brief Generate compressed key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the compressed secret key.
-/// @param[in] pk_seed - seed for generating parts of the public key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-///
-/// @brief Generate secret key for cyclic rainbow.
-///
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of the pbulic key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-////////////////////////////////////
-
-///
-/// @brief converting formats of public keys : from cyclic version to classic key
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the cyclic public key.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk);
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.c
deleted file mode 100644
index e4c0666ca0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- // Layer 1
- // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i]
- memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i]
- memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE);
-
- /*
- Layer 2
- computations:
-
- F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1
- F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
-
- Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- #Q1_Q1T_T4 = Q1_Q1T * t4
- Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- + Q_pk.l2_F2s[i].transpose() * t4
- + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
-
- */
- memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
- memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2
-
- unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32];
- memset(tempQ, 0, _O1 * _O1 * _O2_BYTE);
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2)
- memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... )
-
- batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1
-
- // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE);
- batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4
- batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3
-
- // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- // + Q_pk.l2_F2s[i].transpose() * t4
- // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
- memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE);
- batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3
- batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE);
-}
-
-#define _SIZE_BUFFER_F2 (_O2_BYTE * _V1 * _O2)
-#define _SIZE_BUFFER_F3 (_O2_BYTE * _V1 * _O2)
-static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- // Layer 1: Computing Q5, Q3, Q6, Q9
-
- // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- const unsigned char *t2 = Ts->t4;
-
- // assuming _O2 >= _O1
-
- unsigned char buffer_F2[_SIZE_BUFFER_F2];
- memcpy(buffer_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd( buffer_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- // assuming _O2 >= _O1
- unsigned char buffer_F3[_SIZE_BUFFER_F3];
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, Ts->t1, _V1, _V1_BYTE, _O1, buffer_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) , release buffer_F2
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, buffer_F3, _O1, _O1_BYTE); // UT( ... ) // Q5 , release buffer_F3
- /*
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, buffer_F3, _O2, _O1_BYTE); // Q9 , release buffe
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 /
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
- /*
- Layer 2
- Computing
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- */
- memcpy(buffer_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(buffer_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3
- memset(buffer_F2, 0, _O2_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F2, t2, _V1, _V1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) , release buffe
- memcpy(buffer_F3, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(buffer_F2, Ts->t3, _O1, _O1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, buffer_F2, _O2, _O2_BYTE); // Q9
- memset(buffer_F2, 0, _SIZE_BUFFER_F2);
- memset(buffer_F3, 0, _SIZE_BUFFER_F3);
-}
-
-// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_
-#define calculate_F_from_Q_impl calculate_F_from_Q_ref
-#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- calculate_F_from_Q_impl(Fs, Qs, Ts);
-}
-
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.h
deleted file mode 100644
index 760a691ea5..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,71 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-///
-/// @brief Computing parts of the sk from parts of pk and sk
-///
-/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts);
-
-///
-/// @brief Computing parts of the pk from the secret key
-///
-/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9
-/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/sign.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/sign.c
deleted file mode 100644
index 59eb89913e..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/sign.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- unsigned char pk_seed[LEN_PKSEED] = {0};
- randombytes(pk_seed, LEN_PKSEED);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.c
deleted file mode 100644
index 74f5596eda..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha384(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.h
deleted file mode 100644
index aa12789959..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.c
deleted file mode 100644
index c865fd1ef6..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.h
deleted file mode 100644
index c7f76c46ec..0000000000
--- a/src/sig/rainbow/pqclean_rainbowIII-compressed_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/api.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/api.h
deleted file mode 100644
index f5f49c79d9..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_API_H
-#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_SECRETKEYBYTES 1408736
-#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_PUBLICKEYBYTES 536136
-#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_BYTES 212
-#define PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - circumzenithal"
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.c
deleted file mode 100644
index 8a3fa971a7..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.h
deleted file mode 100644
index dffa9531c1..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.c
deleted file mode 100644
index 5cd14d034c..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.h
deleted file mode 100644
index 195010ada4..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.c
deleted file mode 100644
index db52264920..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.h
deleted file mode 100644
index f5247053ca..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.c
deleted file mode 100644
index 2143c47e4a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.h
deleted file mode 100644
index 0220923597..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.c
deleted file mode 100644
index 93ee972613..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) {
- unsigned char pk[sizeof(pk_t) + 32];
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key.
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.h
deleted file mode 100644
index 36763f0924..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow.h
+++ /dev/null
@@ -1,42 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-
-///
-/// @brief Verifying function for cyclic public keys.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key of cyclic rainbow.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk);
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_blas.h
deleted file mode 100644
index 2d28765c94..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_config.h
deleted file mode 100644
index e668ff3cb0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 96
-#define _O1 36
-#define _O2 64
-#define _MAX_O 64
-#define _HASH_LEN 64
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.c
deleted file mode 100644
index 5ee23bdfa8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-
-///////////////////// Cyclic //////////////////////////////////
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(pk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng;
- prng_t *prng0 = &prng;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, prng0); // S,T: only a part of sk
-
- unsigned char t2[sizeof(sk->t4)];
- memcpy(t2, sk->t4, _V1_BYTE * _O2); // temporarily store t2
- calculate_t4(sk->t4, sk->t1, sk->t3); // t2 <- t4
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t *prng1 = &prng;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
- // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6.
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T
-
- unsigned char t4[sizeof(sk->t4)];
- memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4
- memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9
- memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4
-
- obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q5, Qs->l2_F5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk->l1_Q6, Qs->l2_F6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q9, pk->l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
-
- // clean
- memset(&prng, 0, sizeof(prng_t));
-}
-
-
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) {
- // procedure: cpk_t --> extcpk_t --> pk_t
-
- // convert from cpk_t to extcpk_t
- ext_cpk_t pk;
-
- // setup prng
- prng_t prng0;
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED);
-
- // generating parts of key with prng
- generate_l1_F12(pk.l1_Q1, &prng0);
- // copying parts of key from input. l1_Q3, l1_Q5, l1_Q6, l1_Q9
- memcpy(pk.l1_Q3, cpk->l1_Q3, _O1_BYTE * (_V1 * _O2 + N_TRIANGLE_TERMS(_O1) + _O1 * _O2 + N_TRIANGLE_TERMS(_O2)));
-
- // generating parts of key with prng
- generate_l2_F12356(pk.l2_Q1, &prng0);
- // copying parts of key from input: l2_Q9
- memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // convert from extcpk_t to pk_t
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(rpk, &pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.h
deleted file mode 100644
index 16e0e1b946..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,94 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-/// @brief public key for cyclic rainbow
-///
-/// public key for cyclic rainbow
-///
-typedef struct rainbow_publickey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating l1_Q1,l1_Q2,l2_Q1,l2_Q2,l2_Q3,l2_Q5,l2_Q6
-
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; ///< Q3, layer1
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< Q5, layer1
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; ///< Q6, layer1
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer1
-
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer2
-} cpk_t;
-
-/// @brief compressed secret key for cyclic rainbow
-///
-/// compressed secret key for cyclic rainbow
-///
-typedef struct rainbow_secretkey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating a part of public key.
- unsigned char sk_seed[LEN_SKSEED]; ///< seed for generating a part of secret key.
-} csk_t;
-
-
-///
-/// @brief Generate key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of public key.
-/// @param[in] sk_seed - seed for generating secret key.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-
-
-////////////////////////////////////
-
-///
-/// @brief converting formats of public keys : from cyclic version to classic key
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the cyclic public key.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk);
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.c
deleted file mode 100644
index 21fa58e048..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- // Layer 1
- // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i]
- memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i]
- memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE);
-
- /*
- Layer 2
- computations:
-
- F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1
- F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
-
- Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- #Q1_Q1T_T4 = Q1_Q1T * t4
- Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- + Q_pk.l2_F2s[i].transpose() * t4
- + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
-
- */
- memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
- memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2
-
- unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32];
- memset(tempQ, 0, _O1 * _O1 * _O2_BYTE);
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2)
- memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... )
-
- batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1
-
- // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE);
- batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4
- batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3
-
- // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- // + Q_pk.l2_F2s[i].transpose() * t4
- // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
- memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE);
- batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3
- batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE);
-}
-
-#define _SIZE_BUFFER_F2 (_O2_BYTE * _V1 * _O2)
-#define _SIZE_BUFFER_F3 (_O2_BYTE * _V1 * _O2)
-static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- // Layer 1: Computing Q5, Q3, Q6, Q9
-
- // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- const unsigned char *t2 = Ts->t4;
-
- // assuming _O2 >= _O1
-
- unsigned char buffer_F2[_SIZE_BUFFER_F2];
- memcpy(buffer_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd( buffer_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- // assuming _O2 >= _O1
- unsigned char buffer_F3[_SIZE_BUFFER_F3];
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, Ts->t1, _V1, _V1_BYTE, _O1, buffer_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) , release buffer_F2
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q5, buffer_F3, _O1, _O1_BYTE); // UT( ... ) // Q5 , release buffer_F3
- /*
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l1_Q9, buffer_F3, _O2, _O1_BYTE); // Q9 , release buffe
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 /
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
- /*
- Layer 2
- Computing
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- */
- memcpy(buffer_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(buffer_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3
- memset(buffer_F2, 0, _O2_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F2, t2, _V1, _V1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) , release buffe
- memcpy(buffer_F3, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(buffer_F2, Ts->t3, _O1, _O1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_UpperTrianglize(Qs->l2_Q9, buffer_F2, _O2, _O2_BYTE); // Q9
- memset(buffer_F2, 0, _SIZE_BUFFER_F2);
- memset(buffer_F3, 0, _SIZE_BUFFER_F3);
-}
-
-// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_
-#define calculate_F_from_Q_impl calculate_F_from_Q_ref
-#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- calculate_F_from_Q_impl(Fs, Qs, Ts);
-}
-
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.h
deleted file mode 100644
index be9fd685d8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,71 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-///
-/// @brief Computing parts of the sk from parts of pk and sk
-///
-/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts);
-
-///
-/// @brief Computing parts of the pk from the secret key
-///
-/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9
-/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/sign.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/sign.c
deleted file mode 100644
index 8d14a96662..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/sign.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- unsigned char pk_seed[LEN_PKSEED] = {0};
- randombytes(pk_seed, LEN_PKSEED);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_generate_keypair_cyclic((cpk_t *)pk, (sk_t *)sk, pk_seed, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.c
deleted file mode 100644
index 00082d97d5..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha512(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.h
deleted file mode 100644
index df4593d9aa..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.c
deleted file mode 100644
index 712dc3014a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.h
deleted file mode 100644
index 7acfc03918..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-circumzenithal_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowV-classic_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/api.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/api.h
deleted file mode 100644
index b26496e1a0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H
-#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_SECRETKEYBYTES 1408736
-#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_PUBLICKEYBYTES 1930600
-#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_BYTES 212
-#define PQCLEAN_RAINBOWVCLASSIC_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - classic"
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.c
deleted file mode 100644
index 4a0b7d3e47..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.h
deleted file mode 100644
index 78dc991a2e..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.c
deleted file mode 100644
index 9cb4979aab..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.h
deleted file mode 100644
index 0db6bb287f..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.c
deleted file mode 100644
index f1abbc4e75..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.h
deleted file mode 100644
index 8fa48d2e89..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.c
deleted file mode 100644
index 44713eafc8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.h
deleted file mode 100644
index b85c603bd1..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.c
deleted file mode 100644
index 85452232e8..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.h
deleted file mode 100644
index 1b8e379fb0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow.h
+++ /dev/null
@@ -1,33 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_blas.h
deleted file mode 100644
index e0114ab7c9..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCLASSIC_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_config.h
deleted file mode 100644
index e668ff3cb0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 96
-#define _O1 36
-#define _O2 64
-#define _MAX_O 64
-#define _HASH_LEN 64
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.c
deleted file mode 100644
index 7dff94f1ac..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-static void generate_secretkey(sk_t *sk, const unsigned char *sk_seed) {
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // set up prng
- prng_t prng0;
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);
-
- // generating secret key with prng.
- generate_S_T(sk->s1, &prng0);
- generate_B1_B2(sk->l1_F1, &prng0);
-
- // clean prng
- memset(&prng0, 0, sizeof(prng_t));
-}
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *rpk, sk_t *sk, const unsigned char *sk_seed) {
- generate_secretkey(sk, sk_seed);
-
- // set up a temporary structure ext_cpk_t for calculating public key.
- ext_cpk_t pk;
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(&pk, sk, sk); // compute the public key in ext_cpk_t format.
- calculate_t4(sk->t4, sk->t1, sk->t3);
-
- obsfucate_l1_polys(pk.l1_Q1, pk.l2_Q1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(pk.l1_Q2, pk.l2_Q2, _V1 * _O1, sk->s1);
- obsfucate_l1_polys(pk.l1_Q3, pk.l2_Q3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk.l1_Q5, pk.l2_Q5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk.l1_Q6, pk.l2_Q6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk.l1_Q9, pk.l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
- // so far, the pk contains the full pk but in ext_cpk_t format.
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(rpk, &pk); // convert the public key from ext_cpk_t to pk_t.
-}
-
-
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.h
deleted file mode 100644
index d799403365..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,61 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-
-///
-/// @brief Generate key pairs for classic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair(pk_t *pk, sk_t *sk, const unsigned char *sk_seed);
-
-
-
-
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.c
deleted file mode 100644
index a28486190a..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCLASSIC_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_Q_from_F_ref(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- /*
- Layer 1
- Computing :
- Q_pk.l1_F1s[i] = F_sk.l1_F1s[i]
-
- Q_pk.l1_F2s[i] = (F1* T1 + F2) + F1tr * t1
- Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- */
- const unsigned char *t2 = Ts->t4;
-
- memcpy(Qs->l1_Q1, Fs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- memcpy(Qs->l1_Q2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // l1_Q5 : _O1_BYTE * _O1 * _O1
- // l1_Q9 : _O1_BYTE * _O2 * _O2
- // l2_Q5 : _O2_BYTE * _V1 * _O1
- // l2_Q9 : _O2_BYTE * _V1 * _O2
-
- unsigned char tempQ[_MAX_O_BYTE * _MAX_O * _MAX_O + 32];
-
- memset(tempQ, 0, _O1_BYTE * _O1 * _O1); // l1_Q5
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q2, _O1, _O1_BYTE); // t1_tr*(F1*T1 + F2)
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q5, tempQ, _O1, _O1_BYTE); // UT( ... ) // Q5
-
- batch_trimatTr_madd(Qs->l1_Q2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // Q2
- /*
- Computing:
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F2_T3
-
- memset(tempQ, 0, _O1_BYTE * _O2 * _O2); // l1_Q9
- batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l1_Q9, tempQ, _O2, _O1_BYTE); // Q9
-
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 // Q3
-
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
-
- /*
- layer 2
- Computing:
- Q1 = F1
- Q2 = F1_F1T*T1 + F2
- Q5 = UT( T1tr( F1*T1 + F2 ) + F5 )
- */
- memcpy(Qs->l2_Q1, Fs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1));
-
- memcpy(Qs->l2_Q2, Fs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F1*T1 + F2
-
- memcpy(Qs->l2_Q5, Fs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1));
- memset(tempQ, 0, _O2_BYTE * _O1 * _O1); // l2_Q5
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q2, _O1, _O2_BYTE); // t1_tr*(F1*T1 + F2)
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q5, tempQ, _O1, _O2_BYTE); // UT( ... ) // Q5
-
- batch_trimatTr_madd(Qs->l2_Q2, Fs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q2
-
- /*
- Computing:
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
-
- Q3 = F1_F1T*T2 + F2*T3 + F3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- Q6 = T1tr*( F1_F1T*T2 + F2*T3 + F3 ) + F2Tr*T2 + F5_F5T*T3 + F6
- */
- memcpy(Qs->l2_Q3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(Qs->l2_Q3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3 + F3
-
- memset(tempQ, 0, _O2_BYTE * _O2 * _O2); // l2_Q9
- batch_matTr_madd(tempQ, t2, _V1, _V1_BYTE, _O2, Qs->l2_Q3, _O2, _O2_BYTE); // T2tr * ( ..... )
-
- memcpy(Qs->l2_Q6, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
-
- batch_trimat_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(tempQ, Ts->t3, _O1, _O1_BYTE, _O2, Qs->l2_Q6, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_UpperTrianglize(Qs->l2_Q9, tempQ, _O2, _O2_BYTE); // Q9
-
- batch_trimatTr_madd(Qs->l2_Q3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1_F1T_T2 + F2_T3 + F3 // Q3
-
- batch_bmatTr_madd(Qs->l2_Q6, Fs->l2_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6 + F2tr*T2
- batch_trimatTr_madd(Qs->l2_Q6, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F2tr*T2 + F5_F5T*T3 + F6
- batch_matTr_madd(Qs->l2_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l2_Q3, _O2, _O2_BYTE); // Q6
-}
-#define calculate_Q_from_F_impl calculate_Q_from_F_ref
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.h
deleted file mode 100644
index d37923e370..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,53 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCLASSIC_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/sign.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/sign.c
deleted file mode 100644
index 1cf228e993..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/sign.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_generate_keypair((pk_t *)pk, (sk_t *)sk, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sm + mlen, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sm + mlen[0], (const pk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_sign(sig, (const sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWVCLASSIC_CLEAN_rainbow_verify(digest, sig, (const pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.c
deleted file mode 100644
index ca045fbfef..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha512(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.h
deleted file mode 100644
index 9624ee6997..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.c
deleted file mode 100644
index 4e552b6a31..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWVCLASSIC_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.h
deleted file mode 100644
index c0e582885c..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-classic_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWVCLASSIC_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/LICENSE b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/LICENSE
deleted file mode 100644
index cb00a6e354..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/LICENSE
+++ /dev/null
@@ -1,8 +0,0 @@
-`Software implementation of Rainbow for NIST R2 submission' by Ming-Shing Chen
-
-To the extent possible under law, the person who associated CC0 with
-`Software implementation of Rainbow for NIST R2 submission' has waived all copyright and related or neighboring rights
-to `Software implementation of Rainbow for NIST R2 submission'.
-
-You should have received a copy of the CC0 legalcode along with this
-work. If not, see .
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/api.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/api.h
deleted file mode 100644
index 89e7b3d808..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/api.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_API_H
-#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_API_H
-
-#include
-#include
-
-#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_SECRETKEYBYTES 64
-#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_PUBLICKEYBYTES 536136
-#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_BYTES 212
-#define PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_CRYPTO_ALGNAME "RAINBOW(256,96,36,64) - compressed"
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
- const uint8_t *m, size_t mlen,
- const uint8_t *sk);
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
- const uint8_t *sm, size_t smlen,
- const uint8_t *pk);
-
-
-#endif
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.c
deleted file mode 100644
index 6a981547b3..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.c
+++ /dev/null
@@ -1,31 +0,0 @@
-#include "blas.h"
-#include "gf.h"
-
-#include
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte) {
- uint8_t pr_u8 = (uint8_t) ((uint8_t) 0 - predicate);
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= (a[i] & pr_u8);
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_b[i] ^= a[i];
- }
-}
-
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- a[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a[i], b);
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- accu_c[i] ^= PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a[i], gf256_b);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.h
deleted file mode 100644
index fba6cfefeb..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _BLAS_H_
-#define _BLAS_H_
-/// @file blas.h
-/// @brief Functions for implementing basic linear algebra functions.
-///
-
-#include "rainbow_config.h"
-#include
-#include
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(uint8_t *accu_b, uint8_t predicate, const uint8_t *a, size_t _num_byte);
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(uint8_t *accu_b, const uint8_t *a, size_t _num_byte);
-
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(uint8_t *a, uint8_t b, size_t _num_byte);
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(uint8_t *accu_c, const uint8_t *a, uint8_t gf256_b, size_t _num_byte);
-
-
-#endif // _BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.c
deleted file mode 100644
index 1f9a40cecb..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/// @file blas_comm.c
-/// @brief The standard implementations for blas_comm.h
-///
-
-#include "blas_comm.h"
-#include "blas.h"
-#include "gf.h"
-#include "rainbow_config.h"
-
-#include
-#include
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte) {
- for (size_t i = 0; i < _num_byte; i++) {
- b[i] = 0;
- }
-}
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i) {
- return a[i];
-}
-
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte) {
- uint8_t r = 0;
- while (_num_byte--) {
- r |= a[0];
- a++;
- }
- return (0 == r);
-}
-
-/// polynomial multplication
-/// School boook
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, _num * 2 - 1);
- for (unsigned int i = 0; i < _num; i++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c + i, a, b[i], _num);
- }
-}
-
-static void gf256mat_prod_ref(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, n_A_vec_byte);
- for (unsigned int i = 0; i < n_A_width; i++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c, matA, b[i], n_A_vec_byte);
- matA += n_A_vec_byte;
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec) {
- unsigned int n_vec_byte = len_vec;
- for (unsigned int k = 0; k < len_vec; k++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(c, n_vec_byte);
- const uint8_t *bk = b + n_vec_byte * k;
- for (unsigned int i = 0; i < len_vec; i++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(c, a + n_vec_byte * i, bk[i], n_vec_byte);
- }
- c += n_vec_byte;
- }
-}
-
-static unsigned int gf256mat_gauss_elim_ref(uint8_t *mat, unsigned int h, unsigned int w) {
- unsigned int r8 = 1;
-
- for (unsigned int i = 0; i < h; i++) {
- uint8_t *ai = mat + w * i;
- unsigned int skip_len_align4 = i & ((unsigned int)~0x3);
-
- for (unsigned int j = i + 1; j < h; j++) {
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_predicated_add(ai + skip_len_align4, 1 ^ PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]), aj + skip_len_align4, w - skip_len_align4);
- }
- r8 &= PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(ai[i]);
- uint8_t pivot = ai[i];
- pivot = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(pivot);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar(ai + skip_len_align4, pivot, w - skip_len_align4);
- for (unsigned int j = 0; j < h; j++) {
- if (i == j) {
- continue;
- }
- uint8_t *aj = mat + w * j;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(aj + skip_len_align4, ai + skip_len_align4, aj[i], w - skip_len_align4);
- }
- }
-
- return r8;
-}
-
-static unsigned int gf256mat_solve_linear_eq_ref(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- uint8_t mat[64 * 64];
- for (unsigned int i = 0; i < n; i++) {
- memcpy(mat + i * (n + 1), inp_mat + i * n, n);
- mat[i * (n + 1) + n] = c_terms[i];
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(mat, n, n + 1);
- for (unsigned int i = 0; i < n; i++) {
- sol[i] = mat[i * (n + 1) + n];
- }
- return r8;
-}
-
-static inline void gf256mat_submat(uint8_t *mat2, unsigned int w2, unsigned int st, const uint8_t *mat, unsigned int w, unsigned int h) {
- for (unsigned int i = 0; i < h; i++) {
- for (unsigned int j = 0; j < w2; j++) {
- mat2[i * w2 + j] = mat[i * w + st + j];
- }
- }
-}
-
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer) {
- uint8_t *aa = buffer;
- for (unsigned int i = 0; i < H; i++) {
- uint8_t *ai = aa + i * 2 * H;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(ai, 2 * H);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(ai, a + i * H, H);
- ai[H + i] = 1;
- }
- unsigned int r8 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(aa, H, 2 * H);
- gf256mat_submat(inv_a, H, H, aa, 2 * H, H);
- return r8;
-}
-
-
-// choosing the implementations depends on the macros _BLAS_AVX2_ and _BLAS_SSE
-
-#define gf256mat_prod_impl gf256mat_prod_ref
-#define gf256mat_gauss_elim_impl gf256mat_gauss_elim_ref
-#define gf256mat_solve_linear_eq_impl gf256mat_solve_linear_eq_ref
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b) {
- gf256mat_prod_impl(c, matA, n_A_vec_byte, n_A_width, b);
-}
-
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w) {
- return gf256mat_gauss_elim_impl(mat, h, w);
-}
-
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n) {
- return gf256mat_solve_linear_eq_impl(sol, inp_mat, c_terms, n);
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.h
deleted file mode 100644
index 89fde09c9e..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/blas_comm.h
+++ /dev/null
@@ -1,90 +0,0 @@
-#ifndef _BLAS_COMM_H_
-#define _BLAS_COMM_H_
-/// @file blas_comm.h
-/// @brief Common functions for linear algebra.
-///
-
-#include "rainbow_config.h"
-#include
-
-/// @brief set a vector to 0.
-///
-/// @param[in,out] b - the vector b.
-/// @param[in] _num_byte - number of bytes for the vector b.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(uint8_t *b, unsigned int _num_byte);
-
-/// @brief get an element from GF(256) vector .
-///
-/// @param[in] a - the input vector a.
-/// @param[in] i - the index in the vector a.
-/// @return the value of the element.
-///
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(const uint8_t *a, unsigned int i);
-
-/// @brief check if a vector is 0.
-///
-/// @param[in] a - the vector a.
-/// @param[in] _num_byte - number of bytes for the vector a.
-/// @return 1(true) if a is 0. 0(false) else.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_is_zero(const uint8_t *a, unsigned int _num_byte);
-
-/// @brief polynomial multiplication: c = a*b
-///
-/// @param[out] c - the output polynomial c
-/// @param[in] a - the vector a.
-/// @param[in] b - the vector b.
-/// @param[in] _num - number of elements for the polynomials a and b.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_polymul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int _num);
-
-/// @brief matrix-vector multiplication: c = matA * b , in GF(256)
-///
-/// @param[out] c - the output vector c
-/// @param[in] matA - a column-major matrix A.
-/// @param[in] n_A_vec_byte - the size of column vectors in bytes.
-/// @param[in] n_A_width - the width of matrix A.
-/// @param[in] b - the vector b.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod(uint8_t *c, const uint8_t *matA, unsigned int n_A_vec_byte, unsigned int n_A_width, const uint8_t *b);
-
-/// @brief matrix-matrix multiplication: c = a * b , in GF(256)
-///
-/// @param[out] c - the output matrix c
-/// @param[in] c - a matrix a.
-/// @param[in] b - a matrix b.
-/// @param[in] len_vec - the length of column vectors.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_mul(uint8_t *c, const uint8_t *a, const uint8_t *b, unsigned int len_vec);
-
-/// @brief Gauss elimination for a matrix, in GF(256)
-///
-/// @param[in,out] mat - the matrix.
-/// @param[in] h - the height of the matrix.
-/// @param[in] w - the width of the matrix.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_gauss_elim(uint8_t *mat, unsigned int h, unsigned int w);
-
-/// @brief Solving linear equations, in GF(256)
-///
-/// @param[out] sol - the solutions.
-/// @param[in] inp_mat - the matrix parts of input equations.
-/// @param[in] c_terms - the constant terms of the input equations.
-/// @param[in] n - the number of equations.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_solve_linear_eq(uint8_t *sol, const uint8_t *inp_mat, const uint8_t *c_terms, unsigned int n);
-
-/// @brief Computing the inverse matrix, in GF(256)
-///
-/// @param[out] inv_a - the output of matrix a.
-/// @param[in] a - a matrix a.
-/// @param[in] H - height of matrix a, i.e., matrix a is an HxH matrix.
-/// @param[in] buffer - The buffer for computations. it has to be as large as 2 input matrixes.
-/// @return 1(true) if success. 0(false) if the matrix is singular.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv(uint8_t *inv_a, const uint8_t *a, unsigned int H, uint8_t *buffer);
-
-#endif // _BLAS_COMM_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.c
deleted file mode 100644
index 1652b5bb29..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-#include "gf.h"
-
-//// gf4 := gf2[x]/x^2+x+1
-static inline uint8_t gf4_mul_2(uint8_t a) {
- uint8_t r = (uint8_t)(a << 1);
- r ^= (uint8_t)((a >> 1) * 7);
- return r;
-}
-
-static inline uint8_t gf4_mul(uint8_t a, uint8_t b) {
- uint8_t r = (uint8_t)(a * (b & 1));
- return r ^ (uint8_t)(gf4_mul_2(a) * (b >> 1));
-}
-
-static inline uint8_t gf4_squ(uint8_t a) {
- return a ^ (a >> 1);
-}
-
-//// gf16 := gf4[y]/y^2+y+x
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- uint8_t b0 = b & 3;
- uint8_t b1 = (b >> 2);
- uint8_t a0b0 = gf4_mul(a0, b0);
- uint8_t a1b1 = gf4_mul(a1, b1);
- uint8_t a0b1_a1b0 = gf4_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x2 = gf4_mul_2(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 2 ^ a0b0 ^ a1b1_x2);
-}
-
-static inline uint8_t gf16_squ(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = (a >> 2);
- a1 = gf4_squ(a1);
- uint8_t a1squ_x2 = gf4_mul_2(a1);
- return (uint8_t)((a1 << 2) ^ a1squ_x2 ^ gf4_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a) {
- unsigned int a8 = a;
- unsigned int r = ((unsigned int)0) - a8;
- r >>= 8;
- return r & 1;
-}
-
-static inline uint8_t gf4_mul_3(uint8_t a) {
- uint8_t msk = (uint8_t)((a - 2) >> 1);
- return (uint8_t)((msk & ((int)a * 3)) | ((~msk) & ((int)a - 1)));
-}
-static inline uint8_t gf16_mul_8(uint8_t a) {
- uint8_t a0 = a & 3;
- uint8_t a1 = a >> 2;
- return (uint8_t)((gf4_mul_2(a0 ^ a1) << 2) | gf4_mul_3(a1));
-}
-
-// gf256 := gf16[X]/X^2+X+xy
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- uint8_t b0 = b & 15;
- uint8_t b1 = (b >> 4);
- uint8_t a0b0 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a0, b0);
- uint8_t a1b1 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a1, b1);
- uint8_t a0b1_a1b0 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(a0 ^ a1, b0 ^ b1) ^ a0b0 ^ a1b1;
- uint8_t a1b1_x8 = gf16_mul_8(a1b1);
- return (uint8_t)((a0b1_a1b0 ^ a1b1) << 4 ^ a0b0 ^ a1b1_x8);
-}
-
-static inline uint8_t gf256_squ(uint8_t a) {
- uint8_t a0 = a & 15;
- uint8_t a1 = (a >> 4);
- a1 = gf16_squ(a1);
- uint8_t a1squ_x8 = gf16_mul_8(a1);
- return (uint8_t)((a1 << 4) ^ a1squ_x8 ^ gf16_squ(a0));
-}
-
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(uint8_t a) {
- // 128+64+32+16+8+4+2 = 254
- uint8_t a2 = gf256_squ(a);
- uint8_t a4 = gf256_squ(a2);
- uint8_t a8 = gf256_squ(a4);
- uint8_t a4_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a4, a2);
- uint8_t a8_4_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a4_2, a8);
- uint8_t a64_ = gf256_squ(a8_4_2);
- a64_ = gf256_squ(a64_);
- a64_ = gf256_squ(a64_);
- uint8_t a64_2 = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a64_, a8_4_2);
- uint8_t a128_ = gf256_squ(a64_2);
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(a2, a128_);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.h
deleted file mode 100644
index 07d7a54b3f..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/gf.h
+++ /dev/null
@@ -1,19 +0,0 @@
-#ifndef _GF16_H_
-#define _GF16_H_
-
-#include "rainbow_config.h"
-#include
-
-/// @file gf16.h
-/// @brief Library for arithmetics in GF(16) and GF(256)
-///
-
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf16_mul(uint8_t a, uint8_t b);
-
-
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_is_nonzero(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_inv(uint8_t a);
-uint8_t PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256_mul(uint8_t a, uint8_t b);
-
-
-#endif // _GF16_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.c
deleted file mode 100644
index 9b8d4eaca7..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/// @file parallel_matrix_op.c
-/// @brief the standard implementations for functions in parallel_matrix_op.h
-///
-/// the standard implementations for functions in parallel_matrix_op.h
-///
-
-#include "parallel_matrix_op.h"
-#include "blas.h"
-#include "blas_comm.h"
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim) {
- return (dim + dim - i_row + 1) * i_row / 2 + j_col - i_row;
-}
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle or lower-triangle matrix.
-///
-/// @param[in] i_row - the i-th row in a triangle matrix.
-/// @param[in] j_col - the j-th column in a triangle matrix.
-/// @param[in] dim - the dimension of the triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-static inline unsigned int idx_of_2trimat(unsigned int i_row, unsigned int j_col, unsigned int n_var) {
- if (i_row > j_col) {
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(j_col, i_row, n_var);
- }
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i_row, j_col, n_var);
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch) {
- unsigned char *runningC = btriC;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < i; j++) {
- unsigned int idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(j, i, Aheight);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(btriC + idx * size_batch, bA + size_batch * (i * Awidth + j), size_batch);
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(runningC, bA + size_batch * (i * Awidth + i), size_batch * (Aheight - i));
- runningC += size_batch * (Aheight - i);
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- unsigned int Aheight = Awidth;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (k < i) {
- continue;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[(k - i) * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- btriA += (Aheight - i) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i < k) {
- continue;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(k, i, Aheight))], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Aheight = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- if (i == k) {
- continue;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &btriA[size_batch * (idx_of_2trimat(i, k, Aheight))], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC, const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Atr_height = Awidth;
- unsigned int Atr_width = Aheight;
- for (unsigned int i = 0; i < Atr_height; i++) {
- for (unsigned int j = 0; j < Atr_width; j++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bB[j * Bwidth * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&A_to_tr[size_Acolvec * i], j), size_batch * Bwidth);
- }
- bC += size_batch * Bwidth;
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- const unsigned char *bA = bA_to_tr;
- unsigned int Aheight = Awidth_before_tr;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[size_batch * (i + k * Aheight)], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch) {
- unsigned int Awidth = Bheight;
- for (unsigned int i = 0; i < Aheight; i++) {
- for (unsigned int j = 0; j < Bwidth; j++) {
- for (unsigned int k = 0; k < Bheight; k++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(bC, &bA[k * size_batch], PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(&B[j * size_Bcolvec], k), size_batch);
- }
- bC += size_batch;
- }
- bA += (Awidth) * size_batch;
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch) {
- unsigned char tmp[256];
-
- unsigned char _x[256];
- for (unsigned int i = 0; i < dim; i++) {
- _x[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(x, i);
- }
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(y, size_batch);
- for (unsigned int i = 0; i < dim; i++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = i; j < dim; j++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(tmp, trimat, _x[j], size_batch);
- trimat += size_batch;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(y, tmp, _x[i], size_batch);
- }
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y, const unsigned char *mat,
- const unsigned char *x, unsigned dim_x, unsigned size_batch) {
- unsigned char tmp[128];
-
- unsigned char _x[128];
- for (unsigned int i = 0; i < dim_x; i++) {
- _x[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(x, i);
- }
- unsigned char _y[128];
- for (unsigned int i = 0; i < dim_y; i++) {
- _y[i] = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele(y, i);
- }
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(z, size_batch);
- for (unsigned int i = 0; i < dim_y; i++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(tmp, size_batch);
- for (unsigned int j = 0; j < dim_x; j++) {
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(tmp, mat, _x[j], size_batch);
- mat += size_batch;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd(z, tmp, _y[i], size_batch);
- }
-}
-
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.h
deleted file mode 100644
index 5d7d632d24..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/parallel_matrix_op.h
+++ /dev/null
@@ -1,260 +0,0 @@
-#ifndef _P_MATRIX_OP_H_
-#define _P_MATRIX_OP_H_
-/// @file parallel_matrix_op.h
-/// @brief Librarys for operations of batched matrixes.
-///
-///
-
-//////////////// Section: triangle matrix <-> rectangle matrix ///////////////////////////////////
-
-///
-/// @brief Calculate the corresponding index in an array for an upper-triangle(UT) matrix.
-///
-/// @param[in] i_row - the i-th row in an upper-triangle matrix.
-/// @param[in] j_col - the j-th column in an upper-triangle matrix.
-/// @param[in] dim - the dimension of the upper-triangle matrix, i.e., an dim x dim matrix.
-/// @return the corresponding index in an array storage.
-///
-unsigned int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(unsigned int i_row, unsigned int j_col, unsigned int dim);
-
-///
-/// @brief Upper trianglize a rectangle matrix to the corresponding upper-trangle matrix.
-///
-/// @param[out] btriC - the batched upper-trianglized matrix C.
-/// @param[in] bA - a batched retangle matrix A.
-/// @param[in] bwidth - the width of the batched matrix A, i.e., A is a Awidth x Awidth matrix.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(unsigned char *btriC, const unsigned char *bA, unsigned int Awidth, unsigned int size_batch);
-
-//////////////////// Section: matrix multiplications ///////////////////////////////
-
-///
-/// @brief bC += btriA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. A will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += btriA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A, which will be transposed while multiplying.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf16(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += (btriA + btriA^Tr) *B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] btriA - a batched UT matrix A. The operand for multiplication is (btriA + btriA^Tr).
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256(unsigned char *bC, const unsigned char *btriA,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf16(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += A^Tr * bB , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] A_to_tr - a column-major matrix A. The operand for multiplication is A^Tr.
-/// @param[in] Aheight - the height of A.
-/// @param[in] size_Acolvec - the size of a column vector in A.
-/// @param[in] Awidth - the width of A.
-/// @param[in] bB - a batched matrix B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256(unsigned char *bC,
- const unsigned char *A_to_tr, unsigned int Aheight, unsigned int size_Acolvec, unsigned int Awidth,
- const unsigned char *bB, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf16(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA^Tr * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA_to_tr - a batched matrix A. The operand for multiplication is (bA^Tr).
-/// @param[in] Awidth_befor_tr - the width of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256(unsigned char *bC, const unsigned char *bA_to_tr, unsigned int Awidth_before_tr,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(16)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf16(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-///
-/// @brief bC += bA * B , in GF(256)
-///
-/// @param[out] bC - the batched matrix C.
-/// @param[in] bA - a batched matrix A.
-/// @param[in] Aheigh - the height of A.
-/// @param[in] B - a column-major matrix B.
-/// @param[in] Bheight - the height of B.
-/// @param[in] size_Bcolvec - the size of the column vector in B.
-/// @param[in] Bwidth - the width of B.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256(unsigned char *bC, const unsigned char *bA, unsigned int Aheight,
- const unsigned char *B, unsigned int Bheight, unsigned int size_Bcolvec, unsigned int Bwidth, unsigned int size_batch);
-
-//////////////////// Section: "quadratric" matrix evaluation ///////////////////////////////
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(16)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf16(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief y = x^Tr * trimat * x , in GF(256)
-///
-/// @param[out] y - the returned batched element y.
-/// @param[in] trimat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim - the dimension of matrix trimat (and x).
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256(unsigned char *y, const unsigned char *trimat, const unsigned char *x, unsigned int dim, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(16)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf16(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-///
-/// @brief z = y^Tr * mat * x , in GF(256)
-///
-/// @param[out] z - the returned batched element z.
-/// @param[in] y - an input vector y.
-/// @param[in] dim_y - the length of y.
-/// @param[in] mat - a batched matrix.
-/// @param[in] x - an input vector x.
-/// @param[in] dim_x - the length of x.
-/// @param[in] size_batch - number of the batched elements in the corresponding position of the matrix.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256(unsigned char *z, const unsigned char *y, unsigned int dim_y,
- const unsigned char *mat, const unsigned char *x, unsigned int dim_x, unsigned int size_batch);
-
-#endif // _P_MATRIX_OP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.c
deleted file mode 100644
index ca8e6f800d..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.c
+++ /dev/null
@@ -1,179 +0,0 @@
-/// @file rainbow.c
-/// @brief The standard implementations for functions in rainbow.h
-///
-
-#include "blas.h"
-#include "parallel_matrix_op.h"
-#include "rainbow.h"
-#include "rainbow_blas.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "utils_hash.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-#define MAX_ATTEMPT_FRMAT 128
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *_digest) {
- uint8_t mat_l1[_O1 * _O1_BYTE];
- uint8_t mat_l2[_O2 * _O2_BYTE];
- uint8_t mat_buffer[2 * _MAX_O * _MAX_O_BYTE];
-
- // setup PRNG
- prng_t prng_sign;
- uint8_t prng_preseed[LEN_SKSEED + _HASH_LEN];
- memcpy(prng_preseed, sk->sk_seed, LEN_SKSEED);
- memcpy(prng_preseed + LEN_SKSEED, _digest, _HASH_LEN); // prng_preseed = sk_seed || digest
- uint8_t prng_seed[_HASH_LEN];
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(prng_seed, _HASH_LEN, prng_preseed, _HASH_LEN + LEN_SKSEED);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng_sign, prng_seed, _HASH_LEN); // seed = H( sk_seed || digest )
- for (unsigned int i = 0; i < LEN_SKSEED + _HASH_LEN; i++) {
- prng_preseed[i] ^= prng_preseed[i]; // clean
- }
- for (unsigned int i = 0; i < _HASH_LEN; i++) {
- prng_seed[i] ^= prng_seed[i]; // clean
- }
-
- // roll vinegars.
- uint8_t vinegar[_V1_BYTE];
- unsigned int n_attempt = 0;
- unsigned int l1_succ = 0;
- while (!l1_succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(&prng_sign, vinegar, _V1_BYTE); // generating vinegars
- gfmat_prod(mat_l1, sk->l1_F2, _O1 * _O1_BYTE, _V1, vinegar); // generating the linear equations for layer 1
- l1_succ = gfmat_inv(mat_l1, mat_l1, _O1, mat_buffer); // check if the linear equation solvable
- n_attempt++;
- }
-
- // Given the vinegars, pre-compute variables needed for layer 2
- uint8_t r_l1_F1[_O1_BYTE] = {0};
- uint8_t r_l2_F1[_O2_BYTE] = {0};
- batch_quad_trimat_eval(r_l1_F1, sk->l1_F1, vinegar, _V1, _O1_BYTE);
- batch_quad_trimat_eval(r_l2_F1, sk->l2_F1, vinegar, _V1, _O2_BYTE);
- uint8_t mat_l2_F3[_O2 * _O2_BYTE];
- uint8_t mat_l2_F2[_O1 * _O2_BYTE];
- gfmat_prod(mat_l2_F3, sk->l2_F3, _O2 * _O2_BYTE, _V1, vinegar);
- gfmat_prod(mat_l2_F2, sk->l2_F2, _O1 * _O2_BYTE, _V1, vinegar);
-
- // Some local variables.
- uint8_t _z[_PUB_M_BYTE];
- uint8_t y[_PUB_M_BYTE];
- uint8_t *x_v1 = vinegar;
- uint8_t x_o1[_O1_BYTE];
- uint8_t x_o2[_O2_BYTE];
-
- uint8_t digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, _digest, _HASH_LEN);
- uint8_t *salt = digest_salt + _HASH_LEN;
-
- uint8_t temp_o[_MAX_O_BYTE + 32] = {0};
- unsigned int succ = 0;
- while (!succ) {
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- break;
- }
- // The computation: H(digest||salt) --> z --S--> y --C-map--> x --T--> w
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(&prng_sign, salt, _SALT_BYTE); // roll the salt
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(_z, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H(digest||salt)
-
- // y = S^-1 * z
- memcpy(y, _z, _PUB_M_BYTE); // identity part of S
- gfmat_prod(temp_o, sk->s1, _O1_BYTE, _O2, _z + _O1_BYTE);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(y, temp_o, _O1_BYTE);
-
- // Central Map:
- // layer 1: calculate x_o1
- memcpy(temp_o, r_l1_F1, _O1_BYTE);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, y, _O1_BYTE);
- gfmat_prod(x_o1, mat_l1, _O1_BYTE, _O1, temp_o);
-
- // layer 2: calculate x_o2
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_set_zero(temp_o, _O2_BYTE);
- gfmat_prod(temp_o, mat_l2_F2, _O2_BYTE, _O1, x_o1); // F2
- batch_quad_trimat_eval(mat_l2, sk->l2_F5, x_o1, _O1, _O2_BYTE); // F5
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, mat_l2, _O2_BYTE);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, r_l2_F1, _O2_BYTE); // F1
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(temp_o, y + _O1_BYTE, _O2_BYTE);
-
- // generate the linear equations of the 2nd layer
- gfmat_prod(mat_l2, sk->l2_F6, _O2 * _O2_BYTE, _O1, x_o1); // F6
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(mat_l2, mat_l2_F3, _O2 * _O2_BYTE); // F3
- succ = gfmat_inv(mat_l2, mat_l2, _O2, mat_buffer);
- gfmat_prod(x_o2, mat_l2, _O2_BYTE, _O2, temp_o); // solve l2 eqs
-
- n_attempt++;
- };
- // w = T^-1 * y
- uint8_t w[_PUB_N_BYTE];
- // identity part of T.
- memcpy(w, x_v1, _V1_BYTE);
- memcpy(w + _V1_BYTE, x_o1, _O1_BYTE);
- memcpy(w + _V2_BYTE, x_o2, _O2_BYTE);
- // Computing the t1 part.
- gfmat_prod(y, sk->t1, _V1_BYTE, _O1, x_o1);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t4 part.
- gfmat_prod(y, sk->t4, _V1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w, y, _V1_BYTE);
- // Computing the t3 part.
- gfmat_prod(y, sk->t3, _O1_BYTE, _O2, x_o2);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(w + _V1_BYTE, y, _O1_BYTE);
-
- memset(signature, 0, _SIGNATURE_BYTE); // set the output 0
- // clean
- memset(&prng_sign, 0, sizeof(prng_t));
- memset(vinegar, 0, _V1_BYTE);
- memset(r_l1_F1, 0, _O1_BYTE);
- memset(r_l2_F1, 0, _O2_BYTE);
- memset(_z, 0, _PUB_M_BYTE);
- memset(y, 0, _PUB_M_BYTE);
- memset(x_o1, 0, _O1_BYTE);
- memset(x_o2, 0, _O2_BYTE);
- memset(temp_o, 0, sizeof(temp_o));
-
- // return: copy w and salt to the signature.
- if (MAX_ATTEMPT_FRMAT <= n_attempt) {
- return -1;
- }
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(signature, w, _PUB_N_BYTE);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(signature + _PUB_N_BYTE, salt, _SALT_BYTE);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk) {
- unsigned char digest_ck[_PUB_M_BYTE];
- // public_map( digest_ck , pk , signature ); Evaluating the quadratic public polynomials.
- batch_quad_trimat_eval(digest_ck, pk->pk, signature, _PUB_N, _PUB_M_BYTE);
-
- unsigned char correct[_PUB_M_BYTE];
- unsigned char digest_salt[_HASH_LEN + _SALT_BYTE];
- memcpy(digest_salt, digest, _HASH_LEN);
- memcpy(digest_salt + _HASH_LEN, signature + _PUB_N_BYTE, _SALT_BYTE);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(correct, _PUB_M_BYTE, digest_salt, _HASH_LEN + _SALT_BYTE); // H( digest || salt )
-
- // check consistancy.
- unsigned char cc = 0;
- for (unsigned int i = 0; i < _PUB_M_BYTE; i++) {
- cc |= (digest_ck[i] ^ correct[i]);
- }
- return (0 == cc) ? 0 : -1;
-}
-
-/////////////// cyclic version ///////////////////////////
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *csk, const uint8_t *digest) {
- unsigned char sk[sizeof(sk_t) + 32];
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic((sk_t *)sk, csk->pk_seed, csk->sk_seed); // generating classic secret key.
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(signature, (sk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *_pk) {
- unsigned char pk[sizeof(pk_t) + 32];
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk((pk_t *)pk, _pk); // generating classic public key.
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(digest, signature, (pk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.h
deleted file mode 100644
index a1c69bc5fd..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow.h
+++ /dev/null
@@ -1,50 +0,0 @@
-#ifndef _RAINBOW_H_
-#define _RAINBOW_H_
-/// @file rainbow.h
-/// @brief APIs for rainbow.
-///
-
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-
-#include
-
-///
-/// @brief Signing function for classical secret key.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign(uint8_t *signature, const sk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify(const uint8_t *digest, const uint8_t *signature, const pk_t *pk);
-
-///
-/// @brief Signing function for compressed secret key of the cyclic rainbow.
-///
-/// @param[out] signature - the signature.
-/// @param[in] sk - the compressed secret key.
-/// @param[in] digest - the digest.
-///
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(uint8_t *signature, const csk_t *sk, const uint8_t *digest);
-
-///
-/// @brief Verifying function for cyclic public keys.
-///
-/// @param[in] digest - the digest.
-/// @param[in] signature - the signature.
-/// @param[in] pk - the public key of cyclic rainbow.
-/// @return 0 for successful verified. -1 for failed verification.
-///
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(const uint8_t *digest, const uint8_t *signature, const cpk_t *pk);
-
-#endif // _RAINBOW_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_blas.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_blas.h
deleted file mode 100644
index b33125f818..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_blas.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#ifndef _RAINBOW_BLAS_H_
-#define _RAINBOW_BLAS_H_
-/// @file rainbow_blas.h
-/// @brief Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-///
-/// Defining the functions used in rainbow.c acconding to the definitions in rainbow_config.h
-
-#include "blas.h"
-#include "blas_comm.h"
-#include "parallel_matrix_op.h"
-#include "rainbow_config.h"
-
-
-#define gfv_get_ele PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_get_ele
-#define gfv_mul_scalar PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_mul_scalar
-#define gfv_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_madd
-
-#define gfmat_prod PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_prod
-#define gfmat_inv PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256mat_inv
-
-#define batch_trimat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimat_madd_gf256
-#define batch_trimatTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_trimatTr_madd_gf256
-#define batch_2trimat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_2trimat_madd_gf256
-#define batch_matTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_matTr_madd_gf256
-#define batch_bmatTr_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_bmatTr_madd_gf256
-#define batch_mat_madd PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_mat_madd_gf256
-
-#define batch_quad_trimat_eval PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_trimat_eval_gf256
-#define batch_quad_recmat_eval PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_batch_quad_recmat_eval_gf256
-
-
-#endif // _RAINBOW_BLAS_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_config.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_config.h
deleted file mode 100644
index e668ff3cb0..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_config.h
+++ /dev/null
@@ -1,48 +0,0 @@
-#ifndef _H_RAINBOW_CONFIG_H_
-#define _H_RAINBOW_CONFIG_H_
-
-/// @file rainbow_config.h
-/// @brief Defining the parameters of the Rainbow and the corresponding constants.
-///
-
-#define _GFSIZE 256
-#define _V1 96
-#define _O1 36
-#define _O2 64
-#define _MAX_O 64
-#define _HASH_LEN 64
-
-
-#define _V2 ((_V1) + (_O1))
-
-/// size of N, in # of gf elements.
-#define _PUB_N (_V1 + _O1 + _O2)
-
-/// size of M, in # gf elements.
-#define _PUB_M (_O1 + _O2)
-
-/// size of variables, in # bytes.
-
-// GF256
-#define _V1_BYTE (_V1)
-#define _V2_BYTE (_V2)
-#define _O1_BYTE (_O1)
-#define _O2_BYTE (_O2)
-#define _MAX_O_BYTE (_MAX_O)
-#define _PUB_N_BYTE (_PUB_N)
-#define _PUB_M_BYTE (_PUB_M)
-
-
-/// length of seed for public key, in # bytes
-#define LEN_PKSEED 32
-
-/// length of seed for secret key, in # bytes
-#define LEN_SKSEED 32
-
-/// length of salt for a signature, in # bytes
-#define _SALT_BYTE 16
-
-/// length of a signature
-#define _SIGNATURE_BYTE (_PUB_N_BYTE + _SALT_BYTE)
-
-#endif // _H_RAINBOW_CONFIG_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.c
deleted file mode 100644
index d202b8afe4..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/// @file rainbow_keypair.c
-/// @brief implementations of functions in rainbow_keypair.h
-///
-
-#include "rainbow_keypair.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair_computation.h"
-#include "utils_prng.h"
-#include
-#include
-#include
-
-static
-void generate_S_T( unsigned char *s_and_t, prng_t *prng0 ) {
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->s1);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t1);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t4);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
- s_and_t += size;
-
- size = sizeof(_sk->t3);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, s_and_t, size );
-}
-
-
-static
-unsigned generate_l1_F12( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l1_F1);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l1_F2);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static
-unsigned generate_l2_F12356( unsigned char *sk, prng_t *prng0 ) {
- unsigned n_byte_generated = 0;
- sk_t *_sk;
- unsigned size;
-
- size = sizeof(_sk->l2_F1);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F2);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F3);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F5);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- sk += size;
- n_byte_generated += size;
-
- size = sizeof(_sk->l2_F6);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen( prng0, sk, size );
- n_byte_generated += size;
-
- return n_byte_generated;
-}
-
-
-static void generate_B1_B2(unsigned char *sk, prng_t *prng0) {
- sk += generate_l1_F12(sk, prng0);
- generate_l2_F12356(sk, prng0);
-}
-
-static void calculate_t4(unsigned char *t2_to_t4, const unsigned char *t1, const unsigned char *t3) {
- // t4 = T_sk.t1 * T_sk.t3 - T_sk.t2
- unsigned char temp[_V1_BYTE + 32];
- unsigned char *t4 = t2_to_t4;
- for (unsigned int i = 0; i < _O2; i++) { /// t3 width
- gfmat_prod(temp, t1, _V1_BYTE, _O1, t3);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(t4, temp, _V1_BYTE);
- t4 += _V1_BYTE;
- t3 += _O1_BYTE;
- }
-}
-
-static void obsfucate_l1_polys(unsigned char *l1_polys, const unsigned char *l2_polys, unsigned int n_terms, const unsigned char *s1) {
- unsigned char temp[_O1_BYTE + 32];
- while (n_terms--) {
- gfmat_prod(temp, s1, _O1_BYTE, _O2, l2_polys);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_gf256v_add(l1_polys, temp, _O1_BYTE);
- l1_polys += _O1_BYTE;
- l2_polys += _O2_BYTE;
- }
-}
-
-/////////////////// Classic //////////////////////////////////
-
-
-///////////////////// Cyclic //////////////////////////////////
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(pk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng;
- prng_t *prng0 = &prng;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, prng0); // S,T: only a part of sk
-
- unsigned char t2[sizeof(sk->t4)];
- memcpy(t2, sk->t4, _V1_BYTE * _O2); // temporarily store t2
- calculate_t4(sk->t4, sk->t1, sk->t3); // t2 <- t4
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t *prng1 = &prng;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, prng1); // generating l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
- // so far, the Qs contains l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6.
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk); // calcuate the rest parts of secret key from Qs and S,T
-
- unsigned char t4[sizeof(sk->t4)];
- memcpy(t4, sk->t4, _V1_BYTE * _O2); // temporarily store t4
- memcpy(sk->t4, t2, _V1_BYTE * _O2); // restore t2
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(pk, sk, sk); // calculate the rest parts of public key: l1_Q3, l1_Q5, l1_Q6, l1_Q9, l2_Q9
- memcpy(sk->t4, t4, _V1_BYTE * _O2); // restore t4
-
- obsfucate_l1_polys(pk->l1_Q3, Qs->l2_F3, _V1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q5, Qs->l2_F5, N_TRIANGLE_TERMS(_O1), sk->s1);
- obsfucate_l1_polys(pk->l1_Q6, Qs->l2_F6, _O1 * _O2, sk->s1);
- obsfucate_l1_polys(pk->l1_Q9, pk->l2_Q9, N_TRIANGLE_TERMS(_O2), sk->s1);
-
- // clean
- memset(&prng, 0, sizeof(prng_t));
-}
-
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *rsk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(rsk->pk_seed, pk_seed, LEN_PKSEED);
- memcpy(rsk->sk_seed, sk_seed, LEN_SKSEED);
- sk_t sk;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(pk, &sk, pk_seed, sk_seed);
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed) {
- memcpy(sk->sk_seed, sk_seed, LEN_SKSEED);
-
- // prng for sk
- prng_t prng0;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng0, sk_seed, LEN_SKSEED);
- generate_S_T(sk->s1, &prng0);
- calculate_t4(sk->t4, sk->t1, sk->t3);
-
- // prng for pk
- sk_t inst_Qs;
- sk_t *Qs = &inst_Qs;
- prng_t prng1;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng1, pk_seed, LEN_PKSEED);
- generate_B1_B2(Qs->l1_F1, &prng1);
-
- obsfucate_l1_polys(Qs->l1_F1, Qs->l2_F1, N_TRIANGLE_TERMS(_V1), sk->s1);
- obsfucate_l1_polys(Qs->l1_F2, Qs->l2_F2, _V1 * _O1, sk->s1);
-
- // calcuate the parts of sk according to pk.
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk, Qs, sk);
-
- // clean prng for sk
- memset(&prng0, 0, sizeof(prng_t));
-}
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk(pk_t *rpk, const cpk_t *cpk) {
- // procedure: cpk_t --> extcpk_t --> pk_t
-
- // convert from cpk_t to extcpk_t
- ext_cpk_t pk;
-
- // setup prng
- prng_t prng0;
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(&prng0, cpk->pk_seed, LEN_SKSEED);
-
- // generating parts of key with prng
- generate_l1_F12(pk.l1_Q1, &prng0);
- // copying parts of key from input. l1_Q3, l1_Q5, l1_Q6, l1_Q9
- memcpy(pk.l1_Q3, cpk->l1_Q3, _O1_BYTE * (_V1 * _O2 + N_TRIANGLE_TERMS(_O1) + _O1 * _O2 + N_TRIANGLE_TERMS(_O2)));
-
- // generating parts of key with prng
- generate_l2_F12356(pk.l2_Q1, &prng0);
- // copying parts of key from input: l2_Q9
- memcpy(pk.l2_Q9, cpk->l2_Q9, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
-
- // convert from extcpk_t to pk_t
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(rpk, &pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.h
deleted file mode 100644
index 9204d2c057..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair.h
+++ /dev/null
@@ -1,111 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_H_
-#define _RAINBOW_KEYPAIR_H_
-/// @file rainbow_keypair.h
-/// @brief Formats of key pairs and functions for generating key pairs.
-/// Formats of key pairs and functions for generating key pairs.
-///
-
-#include "rainbow_config.h"
-
-#define N_TRIANGLE_TERMS(n_var) ((n_var) * ((n_var) + 1) / 2)
-
-/// @brief public key for classic rainbow
-///
-/// public key for classic rainbow
-///
-typedef struct rainbow_publickey {
- unsigned char pk[(_PUB_M_BYTE)*N_TRIANGLE_TERMS(_PUB_N)];
-} pk_t;
-
-/// @brief secret key for classic rainbow
-///
-/// secret key for classic rainbow
-///
-typedef struct rainbow_secretkey {
- ///
- /// seed for generating secret key.
- /// Generating S, T, and F for classic rainbow.
- /// Generating S and T only for cyclic rainbow.
- unsigned char sk_seed[LEN_SKSEED];
-
- unsigned char s1[_O1_BYTE * _O2]; ///< part of S map
- unsigned char t1[_V1_BYTE * _O1]; ///< part of T map
- unsigned char t4[_V1_BYTE * _O2]; ///< part of T map
- unsigned char t3[_O1_BYTE * _O2]; ///< part of T map
-
- unsigned char l1_F1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer1
- unsigned char l1_F2[_O1_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer1
-
- unsigned char l2_F1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)]; ///< part of C-map, F1, Layer2
- unsigned char l2_F2[_O2_BYTE * _V1 * _O1]; ///< part of C-map, F2, Layer2
-
- unsigned char l2_F3[_O2_BYTE * _V1 * _O2]; ///< part of C-map, F3, Layer2
- unsigned char l2_F5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< part of C-map, F5, Layer2
- unsigned char l2_F6[_O2_BYTE * _O1 * _O2]; ///< part of C-map, F6, Layer2
-} sk_t;
-
-/// @brief public key for cyclic rainbow
-///
-/// public key for cyclic rainbow
-///
-typedef struct rainbow_publickey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating l1_Q1,l1_Q2,l2_Q1,l2_Q2,l2_Q3,l2_Q5,l2_Q6
-
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2]; ///< Q3, layer1
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)]; ///< Q5, layer1
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2]; ///< Q6, layer1
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer1
-
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)]; ///< Q9, layer2
-} cpk_t;
-
-/// @brief compressed secret key for cyclic rainbow
-///
-/// compressed secret key for cyclic rainbow
-///
-typedef struct rainbow_secretkey_cyclic {
- unsigned char pk_seed[LEN_PKSEED]; ///< seed for generating a part of public key.
- unsigned char sk_seed[LEN_SKSEED]; ///< seed for generating a part of secret key.
-} csk_t;
-
-
-///
-/// @brief Generate key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of public key.
-/// @param[in] sk_seed - seed for generating secret key.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_keypair_cyclic(cpk_t *pk, sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-///
-/// @brief Generate compressed key pairs for cyclic rainbow.
-///
-/// @param[out] pk - the public key.
-/// @param[out] sk - the compressed secret key.
-/// @param[in] pk_seed - seed for generating parts of the public key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic(cpk_t *pk, csk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-///
-/// @brief Generate secret key for cyclic rainbow.
-///
-/// @param[out] sk - the secret key.
-/// @param[in] pk_seed - seed for generating parts of the pbulic key.
-/// @param[in] sk_seed - seed for generating the secret key.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_secretkey_cyclic(sk_t *sk, const unsigned char *pk_seed, const unsigned char *sk_seed);
-
-////////////////////////////////////
-
-///
-/// @brief converting formats of public keys : from cyclic version to classic key
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the cyclic public key.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_cpk_to_pk(pk_t *pk, const cpk_t *cpk);
-
-#endif // _RAINBOW_KEYPAIR_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.c
deleted file mode 100644
index aafa84dc2f..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/// @file rainbow_keypair_computation.c
-/// @brief Implementations for functions in rainbow_keypair_computation.h
-///
-
-#include "rainbow_keypair_computation.h"
-#include "blas.h"
-#include "blas_comm.h"
-#include "rainbow_blas.h"
-#include "rainbow_keypair.h"
-#include
-#include
-#include
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk) {
- const unsigned char *idx_l1 = cpk->l1_Q1;
- const unsigned char *idx_l2 = cpk->l2_Q1;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = i; j < _V1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q2;
- idx_l2 = cpk->l2_Q2;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q3;
- idx_l2 = cpk->l2_Q3;
- for (unsigned int i = 0; i < _V1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q5;
- idx_l2 = cpk->l2_Q5;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = i; j < _V1 + _O1; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q6;
- idx_l2 = cpk->l2_Q6;
- for (unsigned int i = _V1; i < _V1 + _O1; i++) {
- for (unsigned int j = _V1 + _O1; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
- idx_l1 = cpk->l1_Q9;
- idx_l2 = cpk->l2_Q9;
- for (unsigned int i = _V1 + _O1; i < _PUB_N; i++) {
- for (unsigned int j = i; j < _PUB_N; j++) {
- unsigned int pub_idx = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_idx_of_trimat(i, j, _PUB_N);
- memcpy(&pk->pk[_PUB_M_BYTE * pub_idx], idx_l1, _O1_BYTE);
- memcpy((&pk->pk[_PUB_M_BYTE * pub_idx]) + _O1_BYTE, idx_l2, _O2_BYTE);
- idx_l1 += _O1_BYTE;
- idx_l2 += _O2_BYTE;
- }
- }
-}
-
-static void calculate_F_from_Q_ref(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- // Layer 1
- // F_sk.l1_F1s[i] = Q_pk.l1_F1s[i]
- memcpy(Fs->l1_F1, Qs->l1_F1, _O1_BYTE * N_TRIANGLE_TERMS(_V1));
-
- // F_sk.l1_F2s[i] = ( Q_pk.l1_F1s[i] + Q_pk.l1_F1s[i].transpose() ) * T_sk.t1 + Q_pk.l1_F2s[i]
- memcpy(Fs->l1_F2, Qs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_2trimat_madd(Fs->l1_F2, Qs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE);
-
- /*
- Layer 2
- computations:
-
- F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- Q1_T1 = Q_pk.l2_F1s[i]*T_sk.t1
- F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
-
- Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- #Q1_Q1T_T4 = Q1_Q1T * t4
- Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- + Q_pk.l2_F2s[i].transpose() * t4
- + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
-
- */
- memcpy(Fs->l2_F1, Qs->l2_F1, _O2_BYTE * N_TRIANGLE_TERMS(_V1)); // F_sk.l2_F1s[i] = Q_pk.l2_F1s[i]
-
- // F_sk.l2_F2s[i] = Q1_T1 + Q_pk.l2_F2s[i] + Q_pk.l2_F1s[i].transpose() * T_sk.t1
- // F_sk.l2_F5s[i] = UT( t1_tr* ( Q1_T1 + Q_pk.l2_F2s[i] ) ) + Q_pk.l2_F5s[i]
- memcpy(Fs->l2_F2, Qs->l2_F2, _O2_BYTE * _V1 * _O1);
- batch_trimat_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // Q1_T1+ Q2
-
- unsigned char tempQ[_O1 * _O1 * _O2_BYTE + 32];
- memset(tempQ, 0, _O1 * _O1 * _O2_BYTE);
- batch_matTr_madd(tempQ, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F2, _O1, _O2_BYTE); // t1_tr*(Q1_T1+Q2)
- memcpy(Fs->l2_F5, Qs->l2_F5, _O2_BYTE * N_TRIANGLE_TERMS(_O1)); // F5
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Fs->l2_F5, tempQ, _O1, _O2_BYTE); // UT( ... )
-
- batch_trimatTr_madd(Fs->l2_F2, Qs->l2_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O2_BYTE); // F2 = Q1_T1 + Q2 + Q1^tr*t1
-
- // Q1_Q1T_T4 = (Q_pk.l2_F1s[i] + Q_pk.l2_F1s[i].transpose()) * t4
- // Q2_T3 = Q_pk.l2_F2s[i]*T_sk.t3
- // F_sk.l2_F3s[i] = Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i]
- memcpy(Fs->l2_F3, Qs->l2_F3, _V1 * _O2 * _O2_BYTE);
- batch_2trimat_madd(Fs->l2_F3, Qs->l2_F1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE); // Q1_Q1T_T4
- batch_mat_madd(Fs->l2_F3, Qs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // Q2_T3
-
- // F_sk.l2_F6s[i] = t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- // + Q_pk.l2_F2s[i].transpose() * t4
- // + (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3 + Q_pk.l2_F6s[i]
- memcpy(Fs->l2_F6, Qs->l2_F6, _O1 * _O2 * _O2_BYTE);
- batch_matTr_madd(Fs->l2_F6, Ts->t1, _V1, _V1_BYTE, _O1, Fs->l2_F3, _O2, _O2_BYTE); // t1_tr * ( Q1_Q1T_T4 + Q2_T3 + Q_pk.l2_F3s[i] )
- batch_2trimat_madd(Fs->l2_F6, Qs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // (Q_pk.l2_F5s[i] + Q_pk.l2_F5s[i].transpose())*T_sk.t3
- batch_bmatTr_madd(Fs->l2_F6, Qs->l2_F2, _O1, Ts->t4, _V1, _V1_BYTE, _O2, _O2_BYTE);
-}
-
-#define _SIZE_BUFFER_F2 (_O2_BYTE * _V1 * _O2)
-#define _SIZE_BUFFER_F3 (_O2_BYTE * _V1 * _O2)
-static void calculate_Q_from_F_cyclic_ref(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- // Layer 1: Computing Q5, Q3, Q6, Q9
-
- // Q_pk.l1_F5s[i] = UT( T1tr* (F1 * T1 + F2) )
- const unsigned char *t2 = Ts->t4;
-
- // assuming _O2 >= _O1
-
- unsigned char buffer_F2[_SIZE_BUFFER_F2];
- memcpy(buffer_F2, Fs->l1_F2, _O1_BYTE * _V1 * _O1);
- batch_trimat_madd( buffer_F2, Fs->l1_F1, Ts->t1, _V1, _V1_BYTE, _O1, _O1_BYTE); // F1*T1 + F2
-
- // assuming _O2 >= _O1
- unsigned char buffer_F3[_SIZE_BUFFER_F3];
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, Ts->t1, _V1, _V1_BYTE, _O1, buffer_F2, _O1, _O1_BYTE); // T1tr*(F1*T1 + F2) , release buffer_F2
- memset(Qs->l1_Q5, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O1));
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q5, buffer_F3, _O1, _O1_BYTE); // UT( ... ) // Q5 , release buffer_F3
- /*
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- F1_F1T_T2 + F2_T3 = F1_T2 + F2_T3 + F1tr * t2
- Q_pk.l1_F3s[i] = F1_F1T_T2 + F2_T3
- Q_pk.l1_F6s[i] = T1tr* ( F1_F1T_T2 + F2_T3 ) + F2tr * t2
- Q_pk.l1_F9s[i] = UT( T2tr* ( F1_T2 + F2_T3 ) )
- */
- memset(Qs->l1_Q3, 0, _O1_BYTE * _V1 * _O2);
- memset(Qs->l1_Q6, 0, _O1_BYTE * _O1 * _O2);
- memset(Qs->l1_Q9, 0, _O1_BYTE * N_TRIANGLE_TERMS(_O2));
-
- batch_trimat_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1*T2
- batch_mat_madd(Qs->l1_Q3, Fs->l1_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O1_BYTE); // F1_T2 + F
- memset(buffer_F3, 0, _O1_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F3, t2, _V1, _V1_BYTE, _O2, Qs->l1_Q3, _O2, _O1_BYTE); // T2tr * ( F1_T2 + F2_T3 )
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l1_Q9, buffer_F3, _O2, _O1_BYTE); // Q9 , release buffe
- batch_trimatTr_madd(Qs->l1_Q3, Fs->l1_F1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F1_F1T_T2 + F2_T3 /
- batch_bmatTr_madd(Qs->l1_Q6, Fs->l1_F2, _O1, t2, _V1, _V1_BYTE, _O2, _O1_BYTE); // F2tr*T2
- batch_matTr_madd(Qs->l1_Q6, Ts->t1, _V1, _V1_BYTE, _O1, Qs->l1_Q3, _O2, _O1_BYTE); // Q6
- /*
- Layer 2
- Computing
- F1_T2 = F1 * t2
- F2_T3 = F2 * t3
- Q9 = UT( T2tr*( F1*T2 + F2*T3 + F3 ) + T3tr*( F5*T3 + F6 ) )
- */
- memcpy(buffer_F3, Fs->l2_F3, _O2_BYTE * _V1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F1, t2, _V1, _V1_BYTE, _O2, _O2_BYTE); // F1*T2 + F3
- batch_mat_madd(buffer_F3, Fs->l2_F2, _V1, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F1_T2 + F2_T3
- memset(buffer_F2, 0, _O2_BYTE * _V1 * _O2);
- batch_matTr_madd(buffer_F2, t2, _V1, _V1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr * ( ..... ) , release buffe
- memcpy(buffer_F3, Fs->l2_F6, _O2_BYTE * _O1 * _O2);
- batch_trimat_madd(buffer_F3, Fs->l2_F5, Ts->t3, _O1, _O1_BYTE, _O2, _O2_BYTE); // F5*T3 + F6
- batch_matTr_madd(buffer_F2, Ts->t3, _O1, _O1_BYTE, _O2, buffer_F3, _O2, _O2_BYTE); // T2tr*( ..... ) + T3tr*( ..... )
- memset(Qs->l2_Q9, 0, _O2_BYTE * N_TRIANGLE_TERMS(_O2));
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_UpperTrianglize(Qs->l2_Q9, buffer_F2, _O2, _O2_BYTE); // Q9
- memset(buffer_F2, 0, _SIZE_BUFFER_F2);
- memset(buffer_F3, 0, _SIZE_BUFFER_F3);
-}
-
-// Choosing implementations depends on the macros: _BLAS_SSE_ and _BLAS_AVX2_
-#define calculate_F_from_Q_impl calculate_F_from_Q_ref
-#define calculate_Q_from_F_cyclic_impl calculate_Q_from_F_cyclic_ref
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts) {
- calculate_F_from_Q_impl(Fs, Qs, Ts);
-}
-
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts) {
- calculate_Q_from_F_cyclic_impl(Qs, Fs, Ts);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.h
deleted file mode 100644
index 68e7234a3b..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/rainbow_keypair_computation.h
+++ /dev/null
@@ -1,71 +0,0 @@
-#ifndef _RAINBOW_KEYPAIR_COMP_H_
-#define _RAINBOW_KEYPAIR_COMP_H_
-/// @file rainbow_keypair_computation.h
-/// @brief Functions for calculating pk/sk while generating keys.
-///
-/// Defining an internal structure of public key.
-/// Functions for calculating pk/sk for key generation.
-///
-
-#include "rainbow_keypair.h"
-
-/// @brief The (internal use) public key for rainbow
-///
-/// The (internal use) public key for rainbow. The public
-/// polynomials are divided into l1_Q1, l1_Q2, ... l1_Q9,
-/// l2_Q1, .... , l2_Q9.
-///
-typedef struct rainbow_extend_publickey {
- unsigned char l1_Q1[_O1_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l1_Q2[_O1_BYTE * _V1 * _O1];
- unsigned char l1_Q3[_O1_BYTE * _V1 * _O2];
- unsigned char l1_Q5[_O1_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l1_Q6[_O1_BYTE * _O1 * _O2];
- unsigned char l1_Q9[_O1_BYTE * N_TRIANGLE_TERMS(_O2)];
-
- unsigned char l2_Q1[_O2_BYTE * N_TRIANGLE_TERMS(_V1)];
- unsigned char l2_Q2[_O2_BYTE * _V1 * _O1];
- unsigned char l2_Q3[_O2_BYTE * _V1 * _O2];
- unsigned char l2_Q5[_O2_BYTE * N_TRIANGLE_TERMS(_O1)];
- unsigned char l2_Q6[_O2_BYTE * _O1 * _O2];
- unsigned char l2_Q9[_O2_BYTE * N_TRIANGLE_TERMS(_O2)];
-} ext_cpk_t;
-
-///
-/// @brief converting formats of public keys : from ext_cpk_t version to pk_t
-///
-/// @param[out] pk - the classic public key.
-/// @param[in] cpk - the internel public key.
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_extcpk_to_pk(pk_t *pk, const ext_cpk_t *cpk);
-/////////////////////////////////////////////////
-
-///
-/// @brief Computing public key from secret key
-///
-/// @param[out] Qs - the public key
-/// @param[in] Fs - parts of the secret key: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the secret key: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F(ext_cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-
-///
-/// @brief Computing parts of the sk from parts of pk and sk
-///
-/// @param[out] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Qs - parts of the pk: l1_Q1, l1_Q2, l2_Q1, l2_Q2, l2_Q3, l2_Q5, l2_Q6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_F_from_Q(sk_t *Fs, const sk_t *Qs, sk_t *Ts);
-
-///
-/// @brief Computing parts of the pk from the secret key
-///
-/// @param[out] Qs - parts of the pk: l1_Q3, l1_Q5, l2_Q6, l1_Q9, l2_Q9
-/// @param[in] Fs - parts of the sk: l1_F1, l1_F2, l2_F1, l2_F2, l2_F3, l2_F5, l2_F6
-/// @param[in] Ts - parts of the sk: T1, T4, T3
-///
-void PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_calculate_Q_from_F_cyclic(cpk_t *Qs, const sk_t *Fs, const sk_t *Ts);
-
-#endif // _RAINBOW_KEYPAIR_COMP_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/sign.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/sign.c
deleted file mode 100644
index 335e7bfd84..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/sign.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/// @file sign.c
-/// @brief the implementations for functions in api.h
-///
-///
-
-#include "api.h"
-#include "rainbow.h"
-#include "rainbow_config.h"
-#include "rainbow_keypair.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(unsigned char *pk, unsigned char *sk) {
- unsigned char sk_seed[LEN_SKSEED] = {0};
- randombytes(sk_seed, LEN_SKSEED);
-
- unsigned char pk_seed[LEN_PKSEED] = {0};
- randombytes(pk_seed, LEN_PKSEED);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_generate_compact_keypair_cyclic((cpk_t *)pk, (csk_t *)sk, pk_seed, sk_seed);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign(unsigned char *sm, size_t *smlen, const unsigned char *m, size_t mlen, const unsigned char *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
-
- memcpy(sm, m, mlen);
- smlen[0] = mlen + _SIGNATURE_BYTE;
-
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(sm + mlen, (const csk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_open(unsigned char *m, size_t *mlen, const unsigned char *sm, size_t smlen, const unsigned char *pk) {
- int rc;
- if (_SIGNATURE_BYTE > smlen) {
- rc = -1;
- } else {
- *mlen = smlen - _SIGNATURE_BYTE;
-
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, sm, *mlen);
-
- rc = PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sm + mlen[0], (const cpk_t *)pk);
- }
- if (!rc) {
- memmove(m, sm, smlen - _SIGNATURE_BYTE);
- } else { // bad signature
- *mlen = (size_t) -1;
- memset(m, 0, smlen);
- }
- return rc;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature(
- uint8_t *sig, size_t *siglen,
- const uint8_t *m, size_t mlen, const uint8_t *sk) {
- unsigned char digest[_HASH_LEN];
-
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- *siglen = _SIGNATURE_BYTE;
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_sign_cyclic(sig, (const csk_t *)sk, digest);
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify(
- const uint8_t *sig, size_t siglen,
- const uint8_t *m, size_t mlen, const uint8_t *pk) {
- if (siglen != _SIGNATURE_BYTE) {
- return -1;
- }
- unsigned char digest[_HASH_LEN];
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(digest, _HASH_LEN, m, mlen);
- return PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_rainbow_verify_cyclic(digest, sig, (const cpk_t *)pk);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.c
deleted file mode 100644
index d3ab9aeccb..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/// @file utils_hash.c
-/// @brief the adapter for SHA2 families.
-///
-///
-
-#include "utils_hash.h"
-#include "rainbow_config.h"
-#include "sha2.h"
-
-static inline int h(unsigned char *digest, const unsigned char *m, size_t mlen) {
- sha512(digest, m, mlen);
- return 0;
-}
-
-static inline int expand_hash(unsigned char *digest, size_t n_digest, const unsigned char *hash) {
- if (_HASH_LEN >= n_digest) {
- for (size_t i = 0; i < n_digest; i++) {
- digest[i] = hash[i];
- }
- return 0;
- }
- for (size_t i = 0; i < _HASH_LEN; i++) {
- digest[i] = hash[i];
- }
- n_digest -= _HASH_LEN;
-
- while (_HASH_LEN <= n_digest) {
- h(digest + _HASH_LEN, digest, _HASH_LEN);
-
- n_digest -= _HASH_LEN;
- digest += _HASH_LEN;
- }
- unsigned char temp[_HASH_LEN];
- if (n_digest) {
- h(temp, digest, _HASH_LEN);
- for (size_t i = 0; i < n_digest; i++) {
- digest[_HASH_LEN + i] = temp[i];
- }
- }
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(unsigned char *digest,
- size_t len_digest,
- const unsigned char *m,
- size_t mlen) {
- unsigned char buf[_HASH_LEN];
- h(buf, m, mlen);
- return expand_hash(digest, len_digest, buf);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.h
deleted file mode 100644
index b1577ac130..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_hash.h
+++ /dev/null
@@ -1,11 +0,0 @@
-#ifndef _UTILS_HASH_H_
-#define _UTILS_HASH_H_
-/// @file utils_hash.h
-/// @brief the interface for adapting hash functions.
-///
-
-#include
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(unsigned char *digest, size_t len_digest, const unsigned char *m, size_t mlen);
-
-#endif // _UTILS_HASH_H_
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.c b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.c
deleted file mode 100644
index 378939db82..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/// @file utils_prng.c
-/// @brief The implementation of PRNG related functions.
-///
-
-#include "utils_prng.h"
-#include "aes.h"
-#include "randombytes.h"
-#include "utils_hash.h"
-#include
-#include
-
-static void prng_update(const unsigned char *provided_data,
- unsigned char *Key,
- unsigned char *V) {
- unsigned char temp[48];
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, Key);
- for (int i = 0; i < 3; i++) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (V[j] == 0xff) {
- V[j] = 0x00;
- } else {
- V[j]++;
- break;
- }
- }
- aes256_ecb(temp + 16 * i, V, 1, &ctx);
- }
- if (provided_data != NULL) {
- for (int i = 0; i < 48; i++) {
- temp[i] ^= provided_data[i];
- }
- }
- aes256_ctx_release(&ctx);
- memcpy(Key, temp, 32);
- memcpy(V, temp + 32, 16);
-}
-static void randombytes_init_with_state(prng_t *state,
- unsigned char *entropy_input_48bytes) {
- memset(state->Key, 0x00, 32);
- memset(state->V, 0x00, 16);
- prng_update(entropy_input_48bytes, state->Key, state->V);
-}
-
-static int randombytes_with_state(prng_t *state,
- unsigned char *x,
- size_t xlen) {
-
- unsigned char block[16];
- int i = 0;
-
- aes256ctx ctx;
- aes256_ecb_keyexp(&ctx, state->Key);
-
- while (xlen > 0) {
- //increment V
- for (int j = 15; j >= 0; j--) {
- if (state->V[j] == 0xff) {
- state->V[j] = 0x00;
- } else {
- state->V[j]++;
- break;
- }
- }
- aes256_ecb(block, state->V, 1, &ctx);
- if (xlen > 15) {
- memcpy(x + i, block, 16);
- i += 16;
- xlen -= 16;
- } else {
- memcpy(x + i, block, xlen);
- xlen = 0;
- }
- }
- aes256_ctx_release(&ctx);
- prng_update(NULL, state->Key, state->V);
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen) {
- unsigned char seed[48];
- if (prng_seedlen >= 48) {
- memcpy(seed, prng_seed, 48);
- } else {
- memcpy(seed, prng_seed, prng_seedlen);
- PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_hash_msg(seed + prng_seedlen, 48 - (unsigned)prng_seedlen, (const unsigned char *)prng_seed, prng_seedlen);
- }
-
- randombytes_init_with_state(ctx, seed);
-
- return 0;
-}
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen) {
- return randombytes_with_state(ctx, out, outlen);
-}
diff --git a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.h b/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.h
deleted file mode 100644
index fdd2a7b286..0000000000
--- a/src/sig/rainbow/pqclean_rainbowV-compressed_clean/utils_prng.h
+++ /dev/null
@@ -1,18 +0,0 @@
-#ifndef _UTILS_PRNG_H_
-#define _UTILS_PRNG_H_
-/// @file utils_prng.h
-/// @brief the interface for adapting PRNG functions.
-///
-///
-
-#include "randombytes.h"
-
-typedef struct {
- unsigned char Key[32];
- unsigned char V[16];
-} prng_t;
-
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_set(prng_t *ctx, const void *prng_seed, unsigned long prng_seedlen);
-int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_prng_gen(prng_t *ctx, unsigned char *out, unsigned long outlen);
-
-#endif // _UTILS_PRNG_H_
diff --git a/src/sig/rainbow/sig_rainbow.h b/src/sig/rainbow/sig_rainbow.h
deleted file mode 100644
index 0f8307d141..0000000000
--- a/src/sig/rainbow/sig_rainbow.h
+++ /dev/null
@@ -1,74 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#ifndef OQS_SIG_RAINBOW_H
-#define OQS_SIG_RAINBOW_H
-
-#include
-
-#ifdef OQS_ENABLE_SIG_rainbow_III_classic
-#define OQS_SIG_rainbow_III_classic_length_public_key 882080
-#define OQS_SIG_rainbow_III_classic_length_secret_key 626048
-#define OQS_SIG_rainbow_III_classic_length_signature 164
-
-OQS_SIG *OQS_SIG_rainbow_III_classic_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#ifdef OQS_ENABLE_SIG_rainbow_III_circumzenithal
-#define OQS_SIG_rainbow_III_circumzenithal_length_public_key 264608
-#define OQS_SIG_rainbow_III_circumzenithal_length_secret_key 626048
-#define OQS_SIG_rainbow_III_circumzenithal_length_signature 164
-
-OQS_SIG *OQS_SIG_rainbow_III_circumzenithal_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#ifdef OQS_ENABLE_SIG_rainbow_III_compressed
-#define OQS_SIG_rainbow_III_compressed_length_public_key 264608
-#define OQS_SIG_rainbow_III_compressed_length_secret_key 64
-#define OQS_SIG_rainbow_III_compressed_length_signature 164
-
-OQS_SIG *OQS_SIG_rainbow_III_compressed_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#ifdef OQS_ENABLE_SIG_rainbow_V_classic
-#define OQS_SIG_rainbow_V_classic_length_public_key 1930600
-#define OQS_SIG_rainbow_V_classic_length_secret_key 1408736
-#define OQS_SIG_rainbow_V_classic_length_signature 212
-
-OQS_SIG *OQS_SIG_rainbow_V_classic_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#ifdef OQS_ENABLE_SIG_rainbow_V_circumzenithal
-#define OQS_SIG_rainbow_V_circumzenithal_length_public_key 536136
-#define OQS_SIG_rainbow_V_circumzenithal_length_secret_key 1408736
-#define OQS_SIG_rainbow_V_circumzenithal_length_signature 212
-
-OQS_SIG *OQS_SIG_rainbow_V_circumzenithal_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#ifdef OQS_ENABLE_SIG_rainbow_V_compressed
-#define OQS_SIG_rainbow_V_compressed_length_public_key 536136
-#define OQS_SIG_rainbow_V_compressed_length_secret_key 64
-#define OQS_SIG_rainbow_V_compressed_length_signature 212
-
-OQS_SIG *OQS_SIG_rainbow_V_compressed_new(void);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_keypair(uint8_t *public_key, uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key);
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key);
-#endif
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_III_circumzenithal.c b/src/sig/rainbow/sig_rainbow_III_circumzenithal.c
deleted file mode 100644
index 0397d53da3..0000000000
--- a/src/sig/rainbow/sig_rainbow_III_circumzenithal.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_III_circumzenithal)
-
-OQS_SIG *OQS_SIG_rainbow_III_circumzenithal_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_III_circumzenithal;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 3;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_III_circumzenithal_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_III_circumzenithal_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_III_circumzenithal_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_III_circumzenithal_keypair;
- sig->sign = OQS_SIG_rainbow_III_circumzenithal_sign;
- sig->verify = OQS_SIG_rainbow_III_circumzenithal_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_circumzenithal_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICIRCUMZENITHAL_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_III_classic.c b/src/sig/rainbow/sig_rainbow_III_classic.c
deleted file mode 100644
index e8157f6a28..0000000000
--- a/src/sig/rainbow/sig_rainbow_III_classic.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_III_classic)
-
-OQS_SIG *OQS_SIG_rainbow_III_classic_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_III_classic;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 3;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_III_classic_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_III_classic_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_III_classic_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_III_classic_keypair;
- sig->sign = OQS_SIG_rainbow_III_classic_sign;
- sig->verify = OQS_SIG_rainbow_III_classic_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_classic_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICLASSIC_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_III_compressed.c b/src/sig/rainbow/sig_rainbow_III_compressed.c
deleted file mode 100644
index 2a7173d931..0000000000
--- a/src/sig/rainbow/sig_rainbow_III_compressed.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_III_compressed)
-
-OQS_SIG *OQS_SIG_rainbow_III_compressed_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_III_compressed;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 3;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_III_compressed_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_III_compressed_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_III_compressed_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_III_compressed_keypair;
- sig->sign = OQS_SIG_rainbow_III_compressed_sign;
- sig->verify = OQS_SIG_rainbow_III_compressed_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_III_compressed_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWIIICOMPRESSED_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_V_circumzenithal.c b/src/sig/rainbow/sig_rainbow_V_circumzenithal.c
deleted file mode 100644
index 890503b6ac..0000000000
--- a/src/sig/rainbow/sig_rainbow_V_circumzenithal.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_V_circumzenithal)
-
-OQS_SIG *OQS_SIG_rainbow_V_circumzenithal_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_V_circumzenithal;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 5;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_V_circumzenithal_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_V_circumzenithal_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_V_circumzenithal_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_V_circumzenithal_keypair;
- sig->sign = OQS_SIG_rainbow_V_circumzenithal_sign;
- sig->verify = OQS_SIG_rainbow_V_circumzenithal_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_circumzenithal_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCIRCUMZENITHAL_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_V_classic.c b/src/sig/rainbow/sig_rainbow_V_classic.c
deleted file mode 100644
index ceac9de598..0000000000
--- a/src/sig/rainbow/sig_rainbow_V_classic.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_V_classic)
-
-OQS_SIG *OQS_SIG_rainbow_V_classic_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_V_classic;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 5;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_V_classic_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_V_classic_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_V_classic_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_V_classic_keypair;
- sig->sign = OQS_SIG_rainbow_V_classic_sign;
- sig->verify = OQS_SIG_rainbow_V_classic_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_classic_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCLASSIC_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/rainbow/sig_rainbow_V_compressed.c b/src/sig/rainbow/sig_rainbow_V_compressed.c
deleted file mode 100644
index 258570e0d8..0000000000
--- a/src/sig/rainbow/sig_rainbow_V_compressed.c
+++ /dev/null
@@ -1,48 +0,0 @@
-// SPDX-License-Identifier: MIT
-
-#include
-
-#include
-
-#if defined(OQS_ENABLE_SIG_rainbow_V_compressed)
-
-OQS_SIG *OQS_SIG_rainbow_V_compressed_new(void) {
-
- OQS_SIG *sig = malloc(sizeof(OQS_SIG));
- if (sig == NULL) {
- return NULL;
- }
- sig->method_name = OQS_SIG_alg_rainbow_V_compressed;
- sig->alg_version = "https://github.com/fast-crypto-lab/rainbow-submission-round2/commit/173ada0e077e1b9dbd8e4a78994f87acc0c92263";
-
- sig->claimed_nist_level = 5;
- sig->euf_cma = true;
-
- sig->length_public_key = OQS_SIG_rainbow_V_compressed_length_public_key;
- sig->length_secret_key = OQS_SIG_rainbow_V_compressed_length_secret_key;
- sig->length_signature = OQS_SIG_rainbow_V_compressed_length_signature;
-
- sig->keypair = OQS_SIG_rainbow_V_compressed_keypair;
- sig->sign = OQS_SIG_rainbow_V_compressed_sign;
- sig->verify = OQS_SIG_rainbow_V_compressed_verify;
-
- return sig;
-}
-
-extern int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m, size_t mlen, const uint8_t *sk);
-extern int PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, size_t mlen, const uint8_t *pk);
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_keypair(uint8_t *public_key, uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_keypair(public_key, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_sign(uint8_t *signature, size_t *signature_len, const uint8_t *message, size_t message_len, const uint8_t *secret_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_signature(signature, signature_len, message, message_len, secret_key);
-}
-
-OQS_API OQS_STATUS OQS_SIG_rainbow_V_compressed_verify(const uint8_t *message, size_t message_len, const uint8_t *signature, size_t signature_len, const uint8_t *public_key) {
- return (OQS_STATUS) PQCLEAN_RAINBOWVCOMPRESSED_CLEAN_crypto_sign_verify(signature, signature_len, message, message_len, public_key);
-}
-
-#endif
diff --git a/src/sig/sig.c b/src/sig/sig.c
index fd1fab1038..dcd83bdc40 100644
--- a/src/sig/sig.c
+++ b/src/sig/sig.c
@@ -23,12 +23,6 @@ OQS_API const char *OQS_SIG_alg_identifier(size_t i) {
OQS_SIG_alg_dilithium_5_aes,
OQS_SIG_alg_falcon_512,
OQS_SIG_alg_falcon_1024,
- OQS_SIG_alg_rainbow_III_classic,
- OQS_SIG_alg_rainbow_III_circumzenithal,
- OQS_SIG_alg_rainbow_III_compressed,
- OQS_SIG_alg_rainbow_V_classic,
- OQS_SIG_alg_rainbow_V_circumzenithal,
- OQS_SIG_alg_rainbow_V_compressed,
OQS_SIG_alg_sphincs_haraka_128f_robust,
OQS_SIG_alg_sphincs_haraka_128f_simple,
OQS_SIG_alg_sphincs_haraka_128s_robust,
@@ -143,42 +137,6 @@ OQS_API int OQS_SIG_alg_is_enabled(const char *method_name) {
return 1;
#else
return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_classic)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_classic
- return 1;
-#else
- return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_circumzenithal)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_circumzenithal
- return 1;
-#else
- return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_compressed)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_compressed
- return 1;
-#else
- return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_classic)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_classic
- return 1;
-#else
- return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_circumzenithal)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_circumzenithal
- return 1;
-#else
- return 0;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_compressed)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_compressed
- return 1;
-#else
- return 0;
#endif
} else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_haraka_128f_robust)) {
#ifdef OQS_ENABLE_SIG_sphincs_haraka_128f_robust
@@ -528,42 +486,6 @@ OQS_API OQS_SIG *OQS_SIG_new(const char *method_name) {
return OQS_SIG_falcon_1024_new();
#else
return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_classic)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_classic
- return OQS_SIG_rainbow_III_classic_new();
-#else
- return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_circumzenithal)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_circumzenithal
- return OQS_SIG_rainbow_III_circumzenithal_new();
-#else
- return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_III_compressed)) {
-#ifdef OQS_ENABLE_SIG_rainbow_III_compressed
- return OQS_SIG_rainbow_III_compressed_new();
-#else
- return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_classic)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_classic
- return OQS_SIG_rainbow_V_classic_new();
-#else
- return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_circumzenithal)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_circumzenithal
- return OQS_SIG_rainbow_V_circumzenithal_new();
-#else
- return NULL;
-#endif
- } else if (0 == strcasecmp(method_name, OQS_SIG_alg_rainbow_V_compressed)) {
-#ifdef OQS_ENABLE_SIG_rainbow_V_compressed
- return OQS_SIG_rainbow_V_compressed_new();
-#else
- return NULL;
#endif
} else if (0 == strcasecmp(method_name, OQS_SIG_alg_sphincs_haraka_128f_robust)) {
#ifdef OQS_ENABLE_SIG_sphincs_haraka_128f_robust
diff --git a/src/sig/sig.h b/src/sig/sig.h
index 6dec651664..578056692f 100644
--- a/src/sig/sig.h
+++ b/src/sig/sig.h
@@ -72,18 +72,6 @@ extern "C" {
#define OQS_SIG_alg_falcon_512 "Falcon-512"
/** Algorithm identifier for Falcon-1024 */
#define OQS_SIG_alg_falcon_1024 "Falcon-1024"
-/** Algorithm identifier for Rainbow-III-Classic */
-#define OQS_SIG_alg_rainbow_III_classic "Rainbow-III-Classic"
-/** Algorithm identifier for Rainbow-III-Circumzenithal */
-#define OQS_SIG_alg_rainbow_III_circumzenithal "Rainbow-III-Circumzenithal"
-/** Algorithm identifier for Rainbow-III-Compressed */
-#define OQS_SIG_alg_rainbow_III_compressed "Rainbow-III-Compressed"
-/** Algorithm identifier for Rainbow-V-Classic */
-#define OQS_SIG_alg_rainbow_V_classic "Rainbow-V-Classic"
-/** Algorithm identifier for Rainbow-V-Circumzenithal */
-#define OQS_SIG_alg_rainbow_V_circumzenithal "Rainbow-V-Circumzenithal"
-/** Algorithm identifier for Rainbow-V-Compressed */
-#define OQS_SIG_alg_rainbow_V_compressed "Rainbow-V-Compressed"
/** Algorithm identifier for SPHINCS+-Haraka-128f-robust */
#define OQS_SIG_alg_sphincs_haraka_128f_robust "SPHINCS+-Haraka-128f-robust"
/** Algorithm identifier for SPHINCS+-Haraka-128f-simple */
@@ -160,7 +148,7 @@ extern "C" {
// EDIT-WHEN-ADDING-SIG
///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALGS_LENGTH_START
/** Number of algorithm identifiers above. */
-#define OQS_SIG_algs_length 62
+#define OQS_SIG_algs_length 56
///// OQS_COPY_FROM_UPSTREAM_FRAGMENT_ALGS_LENGTH_END
/**
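Review bot: The doc comment on `OQS_SIG_algs_length` should state that positions in the identifier table are not stable across releases. This commit lowers the count from 62 to 56 by removing six entries from the middle of the list in `OQS_SIG_alg_identifier(size_t i)` (src/sig/sig.c, hunk at -23,12), so every identifier that followed Falcon-1024 moves down by six. A caller that stored or exchanged an index instead of the name would now resolve it to a different signature scheme, and an old index of 56–61 presumably yields NULL, though the bounds check lies outside the visible hunks. I would extend the comment to `/** Number of algorithm identifiers above; indices into OQS_SIG_alg_identifier() may change between releases, so persist names, not indices. */`. The define sits between `OQS_COPY_FROM_UPSTREAM_FRAGMENT` markers, so the wording probably has to be changed in the generator template rather than here.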
@@ -336,9 +324,6 @@ OQS_API void OQS_SIG_free(OQS_SIG *sig);
#ifdef OQS_ENABLE_SIG_FALCON
#include
#endif /* OQS_ENABLE_SIG_FALCON */
-#ifdef OQS_ENABLE_SIG_RAINBOW
-#include
-#endif /* OQS_ENABLE_SIG_RAINBOW */
#ifdef OQS_ENABLE_SIG_SPHINCS
#include
#endif /* OQS_ENABLE_SIG_SPHINCS */
diff --git a/tests/KATs/sig/kats.json b/tests/KATs/sig/kats.json
index ade752bf2c..4d49354081 100644
--- a/tests/KATs/sig/kats.json
+++ b/tests/KATs/sig/kats.json
@@ -7,12 +7,6 @@
"Dilithium5-AES": "6d5032d970450d9dc94a243fcf303ed84b5562618a228f31dd047d600cbcbf9e",
"Falcon-1024": "ef2104e326221515621638ca03cd99802271bdd9907e2ae5fc7b8d19d696c584",
"Falcon-512": "e9c3985f1ce732e29ca81aeca091f20d4dbb5beb456ee1a7ab41d04add4dab10",
- "Rainbow-III-Circumzenithal": "1b5cbbdef12492ba8176309a44461d3d64a05b049f78edb85af1d166f4b64f32",
- "Rainbow-III-Classic": "1eb9bb6e63cfdbd05a6eaca9989e969fd234b110b67ff7e6373e1af080b35f41",
- "Rainbow-III-Compressed": "8f895e88918df9e26123b5e0be722e952f3603bfc1f6b2859a8155edf3907969",
- "Rainbow-V-Circumzenithal": "fba7a186c7f809da0d7ee0dcbc64d2573d824b44e539539b30c7ef1a36911760",
- "Rainbow-V-Classic": "3b13607b2761cd4b5ccf3206d3fec04f2568e0b01d6f370a336d0de7c70051ff",
- "Rainbow-V-Compressed": "452159bbc353bcb8e209d466df8c2ba3816d66a8dcf2059aa96185e10016feec",
"SPHINCS+-Haraka-128f-robust": "a8b966844b0c9bb2d954d95d25777bd548ee3dcb78e0833de8333a033d24cacb",
"SPHINCS+-Haraka-128f-simple": "266fb0a5e65ba0183fe4e462d48ff814842a389fb0785d30f89fa1c126df518b",
"SPHINCS+-Haraka-128s-robust": "ffad452b5ec3217d204ed13f5af76009ce265dd61ce9097714d941fec106dd01",
@@ -61,4 +55,4 @@
"picnic_L5_FS": "f8af8003cca1cca9c7fb56ec4dcb397b6ca13ab585cb88cc89edd33d1572b088",
"picnic_L5_UR": "a0366dfc37debef213619d5491d47e232fae27980669be7433ba859638f63015",
"picnic_L5_full": "839f72163492e1fd80a2923842cb269e13f60cdc023e0e2bd3533e54d88fe4f8"
-}
\ No newline at end of file
+}
diff --git a/tests/constant_time/sig/issues.json b/tests/constant_time/sig/issues.json
index 5a02b4ae10..9363dd89d4 100644
--- a/tests/constant_time/sig/issues.json
+++ b/tests/constant_time/sig/issues.json
@@ -8,12 +8,6 @@
"Dilithium5-AES": [],
"Falcon-1024": [],
"Falcon-512": [],
- "Rainbow-III-Circumzenithal": [],
- "Rainbow-III-Classic": [],
- "Rainbow-III-Compressed": [],
- "Rainbow-V-Circumzenithal": [],
- "Rainbow-V-Classic": [],
- "Rainbow-V-Compressed": [],
"SPHINCS+-Haraka-128f-robust": ["sphincs"],
"SPHINCS+-Haraka-128f-simple": ["sphincs"],
"SPHINCS+-Haraka-128s-robust": ["sphincs"],
diff --git a/tests/constant_time/sig/passes.json b/tests/constant_time/sig/passes.json
index 99096300fd..b8c1987112 100644
--- a/tests/constant_time/sig/passes.json
+++ b/tests/constant_time/sig/passes.json
@@ -8,12 +8,6 @@
"Dilithium5-AES": ["dilithium", "dilithium-avx2", "dilithium-aarch64", "dilithium-aes-avx2"],
"Falcon-1024": ["falcon_keygen", "falcon_sign"],
"Falcon-512": ["falcon_keygen", "falcon_sign"],
- "Rainbow-III-Circumzenithal": ["rainbow"],
- "Rainbow-III-Classic": ["rainbow"],
- "Rainbow-III-Compressed": ["rainbow"],
- "Rainbow-V-Circumzenithal": ["rainbow"],
- "Rainbow-V-Classic": ["rainbow"],
- "Rainbow-V-Compressed": ["rainbow"],
"SPHINCS+-Haraka-128f-robust": ["sphincs", "sphincs-haraka-aesni"],
"SPHINCS+-Haraka-128f-simple": ["sphincs", "sphincs-haraka-aesni"],
"SPHINCS+-Haraka-128s-robust": ["sphincs", "sphincs-haraka-aesni"],
diff --git a/tests/constant_time/sig/passes/rainbow b/tests/constant_time/sig/passes/rainbow
deleted file mode 100644
index d7fcceeb98..0000000000
--- a/tests/constant_time/sig/passes/rainbow
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- Rejection sampling for solvable first layer
- Memcheck:Cond
- src:rainbow.c:43 # fun:PQCLEAN_RAINBOW*_CLEAN_rainbow_sign
- ...
- fun:PQCLEAN_RAINBOW*_CLEAN_crypto_sign_signature
-}
-{
- Rejection sampling for solvable second layer
- Memcheck:Cond
- src:rainbow.c:76 # fun:PQCLEAN_RAINBOW*_CLEAN_rainbow_sign
- ...
- fun:PQCLEAN_RAINBOW*_CLEAN_crypto_sign_signature
-}
-{
- Number of random bytes consumed is not secret
- Memcheck:Cond
- src:utils_prng.c:21 # fun:prng_update
- fun:randombytes_with_state
-}
-{
- Number of random bytes consumed is not secret
- Memcheck:Cond
- src:utils_prng.c:59 # fun:randombytes_with_state
-}
diff --git a/tests/kat_sig.c b/tests/kat_sig.c
index 321d91a0a5..ef436b6057 100644
--- a/tests/kat_sig.c
+++ b/tests/kat_sig.c
@@ -174,66 +174,6 @@ OQS_STATUS combine_message_signature(uint8_t **signed_msg, size_t *signed_msg_le
(*signed_msg)[42 + msg_len] = 0x2A;
memcpy(*signed_msg + 42 + msg_len + 1, falc_sig, signature_len - 41);
return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-III-Classic")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-III-Circumzenithal")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-III-Compressed")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-V-Classic")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-V-Circumzenithal")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
- } else if (0 == strcmp(sig->method_name, "Rainbow-V-Compressed")) {
- // signed_msg = msg || signature
- *signed_msg_len = msg_len + signature_len;
- *signed_msg = malloc(*signed_msg_len);
- if (*signed_msg == NULL) {
- return OQS_ERROR;
- }
- memcpy(*signed_msg, msg, msg_len);
- memcpy(*signed_msg + msg_len, signature, signature_len);
- return OQS_SUCCESS;
} else if (0 == strcmp(sig->method_name, "SPHINCS+-Haraka-128f-robust")) {
// signed_msg = signature || msg
*signed_msg_len = signature_len + msg_len;
diff --git a/tests/test_sig.c b/tests/test_sig.c
index abf92084ed..980987d63b 100644
--- a/tests/test_sig.c
+++ b/tests/test_sig.c
@@ -215,29 +215,16 @@ int main(int argc, char **argv) {
OQS_STATUS rc;
#if OQS_USE_PTHREADS_IN_TESTS
#define MAX_LEN_SIG_NAME_ 64
- // don't run Rainbow III and V in threads because of large stack usage
- char no_thread_sig_patterns[][MAX_LEN_SIG_NAME_] = {"Rainbow-III", "Rainbow-V"};
- int test_in_thread = 1;
- for (size_t i = 0 ; i < sizeof(no_thread_sig_patterns) / MAX_LEN_SIG_NAME_; ++i) {
- if (strstr(alg_name, no_thread_sig_patterns[i]) != NULL) {
- test_in_thread = 0;
- break;
- }
- }
- if (test_in_thread) {
- pthread_t thread;
- struct thread_data td;
- td.alg_name = alg_name;
- int trc = pthread_create(&thread, NULL, test_wrapper, &td);
- if (trc) {
- fprintf(stderr, "ERROR: Creating pthread\n");
- return EXIT_FAILURE;
- }
- pthread_join(thread, NULL);
- rc = td.rc;
- } else {
- rc = sig_test_correctness(alg_name);
+ pthread_t thread;
+ struct thread_data td;
+ td.alg_name = alg_name;
+ int trc = pthread_create(&thread, NULL, test_wrapper, &td);
+ if (trc) {
+ fprintf(stderr, "ERROR: Creating pthread\n");
+ return EXIT_FAILURE;
}
+ pthread_join(thread, NULL);
+ rc = td.rc;
#else
rc = sig_test_correctness(alg_name);
#endif
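Review bot: On the now-unconditional thread path, `td.rc` is never given a value before `pthread_create` and the return of `pthread_join(thread, NULL)` is ignored, so if the join fails or the wrapper exits without storing a status, `rc = td.rc;` reads an indeterminate value and the test could report success by accident. Consider `td.rc = OQS_ERROR;` before creating the thread and `if (pthread_join(thread, NULL)) { return EXIT_FAILURE; }` in place of the bare join. Separately, `#define MAX_LEN_SIG_NAME_ 64` looks unused now that `no_thread_sig_patterns` is gone, at least within the visible lines, and could be dropped. The body of `main` starts and continues outside this hunk and `test_wrapper` is defined elsewhere, so how it sets `td.rc` should be confirmed there.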