From 85f6b80d0166452f37693047d473dcf25e1dd3db Mon Sep 17 00:00:00 2001 
From: Rui Fernandes
Date: Wed, 6 Mar 2024 16:38:00 +0100
Subject: [PATCH] wots avx2: wip
---
 avx2-jasmin/memcpy/memcpy.jtmpl | 2 +-
 avx2-jasmin/params/auto/Makefile | 1 -
 .../params/params-sphincs-haraka-128f.h | 80 ------------
 .../params/params-sphincs-haraka-128f.jinc | 37 ------
 .../params/params-sphincs-haraka-128s.h | 80 ------------
 .../params/params-sphincs-haraka-128s.jinc | 37 ------
 .../params/params-sphincs-haraka-192f.h | 80 ------------
 .../params/params-sphincs-haraka-192f.jinc | 37 ------
 .../params/params-sphincs-haraka-192s.h | 80 ------------
 .../params/params-sphincs-haraka-192s.jinc | 37 ------
 .../params/params-sphincs-haraka-256f.h | 80 ------------
 .../params/params-sphincs-haraka-256f.jinc | 37 ------
 .../params/params-sphincs-haraka-256s.h | 80 ------------
 .../params/params-sphincs-haraka-256s.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-128f.h | 85 ------------
 .../params/params-sphincs-sha2-128f.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-128s.h | 85 ------------
 .../params/params-sphincs-sha2-128s.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-192f.h | 85 ------------
 .../params/params-sphincs-sha2-192f.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-192s.h | 85 ------------
 .../params/params-sphincs-sha2-192s.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-256f.h | 85 ------------
 .../params/params-sphincs-sha2-256f.jinc | 37 ------
 avx2-jasmin/params/params-sphincs-sha2-256s.h | 85 ------------
 .../params/params-sphincs-sha2-256s.jinc | 37 ------
 avx2-jasmin/utilsx4.c | 121 ++++--------------
 avx2-jasmin/wots/wots.jtmpl | 101 +++++++++++++++
 ref-jasmin/utilsx1.c | 51 +-------
 29 files changed, 129 insertions(+), 1581 deletions(-)
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-128f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-128f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-128s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-128s.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-192f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-192f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-192s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-192s.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-256f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-256f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-256s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-haraka-256s.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-128f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-128f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-128s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-128s.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-192f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-192f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-192s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-192s.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-256f.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-256f.jinc
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-256s.h
 delete mode 100644 avx2-jasmin/params/params-sphincs-sha2-256s.jinc
 create mode 100644 avx2-jasmin/wots/wots.jtmpl
diff --git a/avx2-jasmin/memcpy/memcpy.jtmpl b/avx2-jasmin/memcpy/memcpy.jtmpl
index d4e27f0f..e4584db8 100644
--- a/avx2-jasmin/memcpy/memcpy.jtmpl
+++ b/avx2-jasmin/memcpy/memcpy.jtmpl
@@ -329,4 +329,4 @@ inline fn _x_memcpy_u8pu8_2(
 offset = offset;
 return out, offset;
-}//<>
\ No newline at end of file
+}//<>
diff --git a/avx2-jasmin/params/auto/Makefile b/avx2-jasmin/params/auto/Makefile
index 3609ba67..851b6b56 100644
--- a/avx2-jasmin/params/auto/Makefile
+++ b/avx2-jasmin/params/auto/Makefile
@@ -16,4 +16,3 @@ clean:
 distclean: clean
 rm -f $(PARAMS_J)
-
diff --git a/avx2-jasmin/params/params-sphincs-haraka-128f.h b/avx2-jasmin/params/params-sphincs-haraka-128f.h
deleted file mode 100644
index a9bb1cf5..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-128f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-128f.jinc b/avx2-jasmin/params/params-sphincs-haraka-128f.jinc
deleted file mode 100644
index a23fc2f6..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-128f.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 16;
-param int SPX_FULL_HEIGHT = 66;
-param int SPX_D = 22;
-param int SPX_FORS_HEIGHT = 6;
-param int SPX_FORS_TREES = 33;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 32;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 35;
-param int SPX_WOTS_BYTES = 560;
-param int SPX_WOTS_PK_BYTES = 560;
-param int SPX_TREE_HEIGHT = 3;
-param int SPX_FORS_MSG_BYTES = 25;
-param int SPX_FORS_BYTES = 3696;
-param int SPX_FORS_PK_BYTES = 16;
-param int SPX_BYTES = 17088;
-param int SPX_PK_BYTES = 32;
-param int SPX_SK_BYTES = 64;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 48;
diff --git a/avx2-jasmin/params/params-sphincs-haraka-128s.h b/avx2-jasmin/params/params-sphincs-haraka-128s.h
deleted file mode 100644
index 73372eed..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-128s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 12
-#define SPX_FORS_TREES 14
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-128s.jinc b/avx2-jasmin/params/params-sphincs-haraka-128s.jinc
deleted file mode 100644
index dcc65d60..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-128s.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 16;
-param int SPX_FULL_HEIGHT = 63;
-param int SPX_D = 7;
-param int SPX_FORS_HEIGHT = 12;
-param int SPX_FORS_TREES = 14;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 32;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 35;
-param int SPX_WOTS_BYTES = 560;
-param int SPX_WOTS_PK_BYTES = 560;
-param int SPX_TREE_HEIGHT = 9;
-param int SPX_FORS_MSG_BYTES = 21;
-param int SPX_FORS_BYTES = 2912;
-param int SPX_FORS_PK_BYTES = 16;
-param int SPX_BYTES = 7856;
-param int SPX_PK_BYTES = 32;
-param int SPX_SK_BYTES = 64;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 48;
diff --git a/avx2-jasmin/params/params-sphincs-haraka-192f.h b/avx2-jasmin/params/params-sphincs-haraka-192f.h
deleted file mode 100644
index 9eb356a0..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-192f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 8
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-192f.jinc b/avx2-jasmin/params/params-sphincs-haraka-192f.jinc
deleted file mode 100644
index 0401f10e..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-192f.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 24;
-param int SPX_FULL_HEIGHT = 66;
-param int SPX_D = 22;
-param int SPX_FORS_HEIGHT = 8;
-param int SPX_FORS_TREES = 33;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 48;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 51;
-param int SPX_WOTS_BYTES = 1224;
-param int SPX_WOTS_PK_BYTES = 1224;
-param int SPX_TREE_HEIGHT = 3;
-param int SPX_FORS_MSG_BYTES = 33;
-param int SPX_FORS_BYTES = 7128;
-param int SPX_FORS_PK_BYTES = 24;
-param int SPX_BYTES = 35664;
-param int SPX_PK_BYTES = 48;
-param int SPX_SK_BYTES = 96;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 72;
diff --git a/avx2-jasmin/params/params-sphincs-haraka-192s.h b/avx2-jasmin/params/params-sphincs-haraka-192s.h
deleted file mode 100644
index 00b6b70a..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-192s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 24
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 63
-/* Number of subtree layer. */
-#define SPX_D 7
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 17
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-192s.jinc b/avx2-jasmin/params/params-sphincs-haraka-192s.jinc
deleted file mode 100644
index 1e17b3d9..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-192s.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 24;
-param int SPX_FULL_HEIGHT = 63;
-param int SPX_D = 7;
-param int SPX_FORS_HEIGHT = 14;
-param int SPX_FORS_TREES = 17;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 48;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 51;
-param int SPX_WOTS_BYTES = 1224;
-param int SPX_WOTS_PK_BYTES = 1224;
-param int SPX_TREE_HEIGHT = 9;
-param int SPX_FORS_MSG_BYTES = 30;
-param int SPX_FORS_BYTES = 6120;
-param int SPX_FORS_PK_BYTES = 24;
-param int SPX_BYTES = 16224;
-param int SPX_PK_BYTES = 48;
-param int SPX_SK_BYTES = 96;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 72;
diff --git a/avx2-jasmin/params/params-sphincs-haraka-256f.h b/avx2-jasmin/params/params-sphincs-haraka-256f.h
deleted file mode 100644
index 7491b66e..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-256f.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 68
-/* Number of subtree layer. */
-#define SPX_D 17
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 9
-#define SPX_FORS_TREES 35
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-256f.jinc b/avx2-jasmin/params/params-sphincs-haraka-256f.jinc
deleted file mode 100644
index f662b029..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-256f.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 32;
-param int SPX_FULL_HEIGHT = 68;
-param int SPX_D = 17;
-param int SPX_FORS_HEIGHT = 9;
-param int SPX_FORS_TREES = 35;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 64;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 67;
-param int SPX_WOTS_BYTES = 2144;
-param int SPX_WOTS_PK_BYTES = 2144;
-param int SPX_TREE_HEIGHT = 4;
-param int SPX_FORS_MSG_BYTES = 40;
-param int SPX_FORS_BYTES = 11200;
-param int SPX_FORS_PK_BYTES = 32;
-param int SPX_BYTES = 49856;
-param int SPX_PK_BYTES = 64;
-param int SPX_SK_BYTES = 128;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 96;
diff --git a/avx2-jasmin/params/params-sphincs-haraka-256s.h b/avx2-jasmin/params/params-sphincs-haraka-256s.h
deleted file mode 100644
index 6ef3a5c6..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-256s.h
+++ /dev/null
@@ -1,80 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 32
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 64
-/* Number of subtree layer. */
-#define SPX_D 8
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 14
-#define SPX_FORS_TREES 22
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../haraka_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-haraka-256s.jinc b/avx2-jasmin/params/params-sphincs-haraka-256s.jinc
deleted file mode 100644
index 990673ab..00000000
--- a/avx2-jasmin/params/params-sphincs-haraka-256s.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 32;
-param int SPX_FULL_HEIGHT = 64;
-param int SPX_D = 8;
-param int SPX_FORS_HEIGHT = 14;
-param int SPX_FORS_TREES = 22;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 64;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 67;
-param int SPX_WOTS_BYTES = 2144;
-param int SPX_WOTS_PK_BYTES = 2144;
-param int SPX_TREE_HEIGHT = 8;
-param int SPX_FORS_MSG_BYTES = 39;
-param int SPX_FORS_BYTES = 10560;
-param int SPX_FORS_PK_BYTES = 32;
-param int SPX_BYTES = 29792;
-param int SPX_PK_BYTES = 64;
-param int SPX_SK_BYTES = 128;
-param int SPX_OFFSET_LAYER = 3;
-param int SPX_OFFSET_TREE = 8;
-param int SPX_OFFSET_TYPE = 19;
-param int SPX_OFFSET_KP_ADDR2 = 22;
-param int SPX_OFFSET_KP_ADDR1 = 23;
-param int SPX_OFFSET_CHAIN_ADDR = 27;
-param int SPX_OFFSET_HASH_ADDR = 31;
-param int SPX_OFFSET_TREE_HGT = 27;
-param int SPX_OFFSET_TREE_INDEX = 28;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 96;
diff --git a/avx2-jasmin/params/params-sphincs-sha2-128f.h b/avx2-jasmin/params/params-sphincs-sha2-128f.h
deleted file mode 100644
index 3f7a60fd..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-128f.h
+++ /dev/null
@@ -1,85 +0,0 @@
-#ifndef SPX_PARAMS_H
-#define SPX_PARAMS_H
-
-#define SPX_NAMESPACE(s) SPX_##s
-
-/* Hash output length in bytes. */
-#define SPX_N 16
-/* Height of the hypertree. */
-#define SPX_FULL_HEIGHT 66
-/* Number of subtree layer. */
-#define SPX_D 22
-/* FORS tree dimensions. */
-#define SPX_FORS_HEIGHT 6
-#define SPX_FORS_TREES 33
-/* Winternitz parameter, */
-#define SPX_WOTS_W 16
-
-/* The hash function is defined by linking a different hash.c file, as opposed
- to setting a #define constant. */
-
-/* This is a SHA2-based parameter set, hence whether we use SHA-256
- * exclusively or we use both SHA-256 and SHA-512 is controlled by
- * the following #define */
-#define SPX_SHA512 0 /* Use SHA-256 for all hashes */
-
-/* For clarity */
-#define SPX_ADDR_BYTES 32
-
-/* WOTS parameters. */
-#if SPX_WOTS_W == 256
- #define SPX_WOTS_LOGW 8
-#elif SPX_WOTS_W == 16
- #define SPX_WOTS_LOGW 4
-#else
- #error SPX_WOTS_W assumed 16 or 256
-#endif
-
-#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW)
-
-/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */
-#if SPX_WOTS_W == 256
- #if SPX_N <= 1
- #define SPX_WOTS_LEN2 1
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 2
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#elif SPX_WOTS_W == 16
- #if SPX_N <= 8
- #define SPX_WOTS_LEN2 2
- #elif SPX_N <= 136
- #define SPX_WOTS_LEN2 3
- #elif SPX_N <= 256
- #define SPX_WOTS_LEN2 4
- #else
- #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256}
- #endif
-#endif
-
-#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2)
-#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N)
-#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES
-
-/* Subtree size. */
-#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D)
-
-#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT
- #error SPX_D should always divide SPX_FULL_HEIGHT
-#endif
-
-/* FORS parameters. */
-#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8)
-#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N)
-#define SPX_FORS_PK_BYTES SPX_N
-
-/* Resulting SPX sizes. */
-#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\
- SPX_FULL_HEIGHT * SPX_N)
-#define SPX_PK_BYTES (2 * SPX_N)
-#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES)
-
-#include "../sha2_offsets.h"
-
-#endif
diff --git a/avx2-jasmin/params/params-sphincs-sha2-128f.jinc b/avx2-jasmin/params/params-sphincs-sha2-128f.jinc
deleted file mode 100644
index d722df4e..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-128f.jinc
+++ /dev/null
@@ -1,37 +0,0 @@
-param int SPX_N = 16;
-param int SPX_FULL_HEIGHT = 66;
-param int SPX_D = 22;
-param int SPX_FORS_HEIGHT = 6;
-param int SPX_FORS_TREES = 33;
-param int SPX_WOTS_W = 16;
-param int SPX_ADDR_BYTES = 32;
-param int SPX_WOTS_LOGW = 4;
-param int SPX_WOTS_LEN1 = 32;
-param int SPX_WOTS_LEN2 = 3;
-param int SPX_WOTS_LEN = 35;
-param int SPX_WOTS_BYTES = 560;
-param int SPX_WOTS_PK_BYTES = 560;
-param int SPX_TREE_HEIGHT = 3;
-param int SPX_FORS_MSG_BYTES = 25;
-param int SPX_FORS_BYTES = 3696;
-param int SPX_FORS_PK_BYTES = 16;
-param int SPX_BYTES = 17088;
-param int SPX_PK_BYTES = 32;
-param int SPX_SK_BYTES = 64;
-param int SPX_OFFSET_LAYER = 0;
-param int SPX_OFFSET_TREE = 1;
-param int SPX_OFFSET_TYPE = 9;
-param int SPX_OFFSET_KP_ADDR2 = 12;
-param int SPX_OFFSET_KP_ADDR1 = 13;
-param int SPX_OFFSET_CHAIN_ADDR = 17;
-param int SPX_OFFSET_HASH_ADDR = 21;
-param int SPX_OFFSET_TREE_HGT = 17;
-param int SPX_OFFSET_TREE_INDEX = 18;
-param int SPX_ADDR_TYPE_WOTS = 0;
-param int SPX_ADDR_TYPE_WOTSPK = 1;
-param int SPX_ADDR_TYPE_HASHTREE = 2;
-param int SPX_ADDR_TYPE_FORSTREE = 3;
-param int SPX_ADDR_TYPE_FORSPK = 4;
-param int SPX_ADDR_TYPE_WOTSPRF = 5;
-param int SPX_ADDR_TYPE_FORSPRF = 6;
-param int CRYPTO_SEEDBYTES = 48;
diff --git a/avx2-jasmin/params/params-sphincs-sha2-128s.h b/avx2-jasmin/params/params-sphincs-sha2-128s.h
deleted file mode 100644
index 8ef86088..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-128s.h
+++ /dev/null
@@ -1,85 +0,0 @@ -#ifndef SPX_PARAMS_H -#define SPX_PARAMS_H - -#define SPX_NAMESPACE(s) SPX_##s - -/* Hash output length in bytes. */ -#define SPX_N 16 -/* Height of the hypertree. */ -#define SPX_FULL_HEIGHT 63 -/* Number of subtree layer. */ -#define SPX_D 7 -/* FORS tree dimensions. */ -#define SPX_FORS_HEIGHT 12 -#define SPX_FORS_TREES 14 -/* Winternitz parameter, */ -#define SPX_WOTS_W 16 - -/* The hash function is defined by linking a different hash.c file, as opposed - to setting a #define constant. */ - -/* This is a SHA2-based parameter set, hence whether we use SHA-256 - * exclusively or we use both SHA-256 and SHA-512 is controlled by - * the following #define */ -#define SPX_SHA512 0 /* Use SHA-256 for all hashes */ - -/* For clarity */ -#define SPX_ADDR_BYTES 32 - -/* WOTS parameters. */ -#if SPX_WOTS_W == 256 - #define SPX_WOTS_LOGW 8 -#elif SPX_WOTS_W == 16 - #define SPX_WOTS_LOGW 4 -#else - #error SPX_WOTS_W assumed 16 or 256 -#endif - -#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW) - -/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */ -#if SPX_WOTS_W == 256 - #if SPX_N <= 1 - #define SPX_WOTS_LEN2 1 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 2 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#elif SPX_WOTS_W == 16 - #if SPX_N <= 8 - #define SPX_WOTS_LEN2 2 - #elif SPX_N <= 136 - #define SPX_WOTS_LEN2 3 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 4 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#endif - -#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2) -#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N) -#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES - -/* Subtree size. */ -#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D) - -#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT - #error SPX_D should always divide SPX_FULL_HEIGHT -#endif - -/* FORS parameters. 
*/ -#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8) -#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N) -#define SPX_FORS_PK_BYTES SPX_N - -/* Resulting SPX sizes. */ -#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\ - SPX_FULL_HEIGHT * SPX_N) -#define SPX_PK_BYTES (2 * SPX_N) -#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES) - -#include "../sha2_offsets.h" - -#endif diff --git a/avx2-jasmin/params/params-sphincs-sha2-128s.jinc b/avx2-jasmin/params/params-sphincs-sha2-128s.jinc deleted file mode 100644 index b34949ed..00000000 --- a/avx2-jasmin/params/params-sphincs-sha2-128s.jinc +++ /dev/null @@ -1,37 +0,0 @@ -param int SPX_N = 16; -param int SPX_FULL_HEIGHT = 63; -param int SPX_D = 7; -param int SPX_FORS_HEIGHT = 12; -param int SPX_FORS_TREES = 14; -param int SPX_WOTS_W = 16; -param int SPX_ADDR_BYTES = 32; -param int SPX_WOTS_LOGW = 4; -param int SPX_WOTS_LEN1 = 32; -param int SPX_WOTS_LEN2 = 3; -param int SPX_WOTS_LEN = 35; -param int SPX_WOTS_BYTES = 560; -param int SPX_WOTS_PK_BYTES = 560; -param int SPX_TREE_HEIGHT = 9; -param int SPX_FORS_MSG_BYTES = 21; -param int SPX_FORS_BYTES = 2912; -param int SPX_FORS_PK_BYTES = 16; -param int SPX_BYTES = 7856; -param int SPX_PK_BYTES = 32; -param int SPX_SK_BYTES = 64; -param int SPX_OFFSET_LAYER = 0; -param int SPX_OFFSET_TREE = 1; -param int SPX_OFFSET_TYPE = 9; -param int SPX_OFFSET_KP_ADDR2 = 12; -param int SPX_OFFSET_KP_ADDR1 = 13; -param int SPX_OFFSET_CHAIN_ADDR = 17; -param int SPX_OFFSET_HASH_ADDR = 21; -param int SPX_OFFSET_TREE_HGT = 17; -param int SPX_OFFSET_TREE_INDEX = 18; -param int SPX_ADDR_TYPE_WOTS = 0; -param int SPX_ADDR_TYPE_WOTSPK = 1; -param int SPX_ADDR_TYPE_HASHTREE = 2; -param int SPX_ADDR_TYPE_FORSTREE = 3; -param int SPX_ADDR_TYPE_FORSPK = 4; -param int SPX_ADDR_TYPE_WOTSPRF = 5; -param int SPX_ADDR_TYPE_FORSPRF = 6; -param int CRYPTO_SEEDBYTES = 48; 
diff --git a/avx2-jasmin/params/params-sphincs-sha2-192f.h b/avx2-jasmin/params/params-sphincs-sha2-192f.h
deleted file mode 100644
index d4d98a22..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-192f.h
+++ /dev/null
@@ -1,85 +0,0 @@ -#ifndef SPX_PARAMS_H -#define SPX_PARAMS_H - -#define SPX_NAMESPACE(s) SPX_##s - -/* Hash output length in bytes. */ -#define SPX_N 24 -/* Height of the hypertree. */ -#define SPX_FULL_HEIGHT 66 -/* Number of subtree layer. */ -#define SPX_D 22 -/* FORS tree dimensions. */ -#define SPX_FORS_HEIGHT 8 -#define SPX_FORS_TREES 33 -/* Winternitz parameter, */ -#define SPX_WOTS_W 16 - -/* The hash function is defined by linking a different hash.c file, as opposed - to setting a #define constant. */ - -/* This is a SHA2-based parameter set, hence whether we use SHA-256 - * exclusively or we use both SHA-256 and SHA-512 is controlled by - * the following #define */ -#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */ - -/* For clarity */ -#define SPX_ADDR_BYTES 32 - -/* WOTS parameters. */ -#if SPX_WOTS_W == 256 - #define SPX_WOTS_LOGW 8 -#elif SPX_WOTS_W == 16 - #define SPX_WOTS_LOGW 4 -#else - #error SPX_WOTS_W assumed 16 or 256 -#endif - -#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW) - -/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */ -#if SPX_WOTS_W == 256 - #if SPX_N <= 1 - #define SPX_WOTS_LEN2 1 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 2 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#elif SPX_WOTS_W == 16 - #if SPX_N <= 8 - #define SPX_WOTS_LEN2 2 - #elif SPX_N <= 136 - #define SPX_WOTS_LEN2 3 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 4 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#endif - -#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2) -#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N) -#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES - -/* Subtree size. */ -#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D) - -#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT - #error SPX_D should always divide SPX_FULL_HEIGHT -#endif - -/* FORS parameters. 
*/ -#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8) -#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N) -#define SPX_FORS_PK_BYTES SPX_N - -/* Resulting SPX sizes. */ -#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\ - SPX_FULL_HEIGHT * SPX_N) -#define SPX_PK_BYTES (2 * SPX_N) -#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES) - -#include "../sha2_offsets.h" - -#endif diff --git a/avx2-jasmin/params/params-sphincs-sha2-192f.jinc b/avx2-jasmin/params/params-sphincs-sha2-192f.jinc deleted file mode 100644 index c49a78f8..00000000 --- a/avx2-jasmin/params/params-sphincs-sha2-192f.jinc +++ /dev/null @@ -1,37 +0,0 @@ -param int SPX_N = 24; -param int SPX_FULL_HEIGHT = 66; -param int SPX_D = 22; -param int SPX_FORS_HEIGHT = 8; -param int SPX_FORS_TREES = 33; -param int SPX_WOTS_W = 16; -param int SPX_ADDR_BYTES = 32; -param int SPX_WOTS_LOGW = 4; -param int SPX_WOTS_LEN1 = 48; -param int SPX_WOTS_LEN2 = 3; -param int SPX_WOTS_LEN = 51; -param int SPX_WOTS_BYTES = 1224; -param int SPX_WOTS_PK_BYTES = 1224; -param int SPX_TREE_HEIGHT = 3; -param int SPX_FORS_MSG_BYTES = 33; -param int SPX_FORS_BYTES = 7128; -param int SPX_FORS_PK_BYTES = 24; -param int SPX_BYTES = 35664; -param int SPX_PK_BYTES = 48; -param int SPX_SK_BYTES = 96; -param int SPX_OFFSET_LAYER = 0; -param int SPX_OFFSET_TREE = 1; -param int SPX_OFFSET_TYPE = 9; -param int SPX_OFFSET_KP_ADDR2 = 12; -param int SPX_OFFSET_KP_ADDR1 = 13; -param int SPX_OFFSET_CHAIN_ADDR = 17; -param int SPX_OFFSET_HASH_ADDR = 21; -param int SPX_OFFSET_TREE_HGT = 17; -param int SPX_OFFSET_TREE_INDEX = 18; -param int SPX_ADDR_TYPE_WOTS = 0; -param int SPX_ADDR_TYPE_WOTSPK = 1; -param int SPX_ADDR_TYPE_HASHTREE = 2; -param int SPX_ADDR_TYPE_FORSTREE = 3; -param int SPX_ADDR_TYPE_FORSPK = 4; -param int SPX_ADDR_TYPE_WOTSPRF = 5; -param int SPX_ADDR_TYPE_FORSPRF = 6; -param int CRYPTO_SEEDBYTES = 72; 
diff --git a/avx2-jasmin/params/params-sphincs-sha2-192s.h b/avx2-jasmin/params/params-sphincs-sha2-192s.h
deleted file mode 100644
index 0070e59f..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-192s.h
+++ /dev/null
@@ -1,85 +0,0 @@ -#ifndef SPX_PARAMS_H -#define SPX_PARAMS_H - -#define SPX_NAMESPACE(s) SPX_##s - -/* Hash output length in bytes. */ -#define SPX_N 24 -/* Height of the hypertree. */ -#define SPX_FULL_HEIGHT 63 -/* Number of subtree layer. */ -#define SPX_D 7 -/* FORS tree dimensions. */ -#define SPX_FORS_HEIGHT 14 -#define SPX_FORS_TREES 17 -/* Winternitz parameter, */ -#define SPX_WOTS_W 16 - -/* The hash function is defined by linking a different hash.c file, as opposed - to setting a #define constant. */ - -/* This is a SHA2-based parameter set, hence whether we use SHA-256 - * exclusively or we use both SHA-256 and SHA-512 is controlled by - * the following #define */ -#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */ - -/* For clarity */ -#define SPX_ADDR_BYTES 32 - -/* WOTS parameters. */ -#if SPX_WOTS_W == 256 - #define SPX_WOTS_LOGW 8 -#elif SPX_WOTS_W == 16 - #define SPX_WOTS_LOGW 4 -#else - #error SPX_WOTS_W assumed 16 or 256 -#endif - -#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW) - -/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */ -#if SPX_WOTS_W == 256 - #if SPX_N <= 1 - #define SPX_WOTS_LEN2 1 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 2 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#elif SPX_WOTS_W == 16 - #if SPX_N <= 8 - #define SPX_WOTS_LEN2 2 - #elif SPX_N <= 136 - #define SPX_WOTS_LEN2 3 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 4 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#endif - -#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2) -#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N) -#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES - -/* Subtree size. */ -#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D) - -#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT - #error SPX_D should always divide SPX_FULL_HEIGHT -#endif - -/* FORS parameters. 
*/ -#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8) -#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N) -#define SPX_FORS_PK_BYTES SPX_N - -/* Resulting SPX sizes. */ -#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\ - SPX_FULL_HEIGHT * SPX_N) -#define SPX_PK_BYTES (2 * SPX_N) -#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES) - -#include "../sha2_offsets.h" - -#endif diff --git a/avx2-jasmin/params/params-sphincs-sha2-192s.jinc b/avx2-jasmin/params/params-sphincs-sha2-192s.jinc deleted file mode 100644 index 1ff4318a..00000000 --- a/avx2-jasmin/params/params-sphincs-sha2-192s.jinc +++ /dev/null @@ -1,37 +0,0 @@ -param int SPX_N = 24; -param int SPX_FULL_HEIGHT = 63; -param int SPX_D = 7; -param int SPX_FORS_HEIGHT = 14; -param int SPX_FORS_TREES = 17; -param int SPX_WOTS_W = 16; -param int SPX_ADDR_BYTES = 32; -param int SPX_WOTS_LOGW = 4; -param int SPX_WOTS_LEN1 = 48; -param int SPX_WOTS_LEN2 = 3; -param int SPX_WOTS_LEN = 51; -param int SPX_WOTS_BYTES = 1224; -param int SPX_WOTS_PK_BYTES = 1224; -param int SPX_TREE_HEIGHT = 9; -param int SPX_FORS_MSG_BYTES = 30; -param int SPX_FORS_BYTES = 6120; -param int SPX_FORS_PK_BYTES = 24; -param int SPX_BYTES = 16224; -param int SPX_PK_BYTES = 48; -param int SPX_SK_BYTES = 96; -param int SPX_OFFSET_LAYER = 0; -param int SPX_OFFSET_TREE = 1; -param int SPX_OFFSET_TYPE = 9; -param int SPX_OFFSET_KP_ADDR2 = 12; -param int SPX_OFFSET_KP_ADDR1 = 13; -param int SPX_OFFSET_CHAIN_ADDR = 17; -param int SPX_OFFSET_HASH_ADDR = 21; -param int SPX_OFFSET_TREE_HGT = 17; -param int SPX_OFFSET_TREE_INDEX = 18; -param int SPX_ADDR_TYPE_WOTS = 0; -param int SPX_ADDR_TYPE_WOTSPK = 1; -param int SPX_ADDR_TYPE_HASHTREE = 2; -param int SPX_ADDR_TYPE_FORSTREE = 3; -param int SPX_ADDR_TYPE_FORSPK = 4; -param int SPX_ADDR_TYPE_WOTSPRF = 5; -param int SPX_ADDR_TYPE_FORSPRF = 6; -param int CRYPTO_SEEDBYTES = 72; 
diff --git a/avx2-jasmin/params/params-sphincs-sha2-256f.h b/avx2-jasmin/params/params-sphincs-sha2-256f.h
deleted file mode 100644
index 53c5befd..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-256f.h
+++ /dev/null
@@ -1,85 +0,0 @@ -#ifndef SPX_PARAMS_H -#define SPX_PARAMS_H - -#define SPX_NAMESPACE(s) SPX_##s - -/* Hash output length in bytes. */ -#define SPX_N 32 -/* Height of the hypertree. */ -#define SPX_FULL_HEIGHT 68 -/* Number of subtree layer. */ -#define SPX_D 17 -/* FORS tree dimensions. */ -#define SPX_FORS_HEIGHT 9 -#define SPX_FORS_TREES 35 -/* Winternitz parameter, */ -#define SPX_WOTS_W 16 - -/* The hash function is defined by linking a different hash.c file, as opposed - to setting a #define constant. */ - -/* This is a SHA2-based parameter set, hence whether we use SHA-256 - * exclusively or we use both SHA-256 and SHA-512 is controlled by - * the following #define */ -#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */ - -/* For clarity */ -#define SPX_ADDR_BYTES 32 - -/* WOTS parameters. */ -#if SPX_WOTS_W == 256 - #define SPX_WOTS_LOGW 8 -#elif SPX_WOTS_W == 16 - #define SPX_WOTS_LOGW 4 -#else - #error SPX_WOTS_W assumed 16 or 256 -#endif - -#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW) - -/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */ -#if SPX_WOTS_W == 256 - #if SPX_N <= 1 - #define SPX_WOTS_LEN2 1 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 2 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#elif SPX_WOTS_W == 16 - #if SPX_N <= 8 - #define SPX_WOTS_LEN2 2 - #elif SPX_N <= 136 - #define SPX_WOTS_LEN2 3 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 4 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#endif - -#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2) -#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N) -#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES - -/* Subtree size. */ -#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D) - -#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT - #error SPX_D should always divide SPX_FULL_HEIGHT -#endif - -/* FORS parameters. 
*/ -#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8) -#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N) -#define SPX_FORS_PK_BYTES SPX_N - -/* Resulting SPX sizes. */ -#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\ - SPX_FULL_HEIGHT * SPX_N) -#define SPX_PK_BYTES (2 * SPX_N) -#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES) - -#include "../sha2_offsets.h" - -#endif diff --git a/avx2-jasmin/params/params-sphincs-sha2-256f.jinc b/avx2-jasmin/params/params-sphincs-sha2-256f.jinc deleted file mode 100644 index 1a943135..00000000 --- a/avx2-jasmin/params/params-sphincs-sha2-256f.jinc +++ /dev/null @@ -1,37 +0,0 @@ -param int SPX_N = 32; -param int SPX_FULL_HEIGHT = 68; -param int SPX_D = 17; -param int SPX_FORS_HEIGHT = 9; -param int SPX_FORS_TREES = 35; -param int SPX_WOTS_W = 16; -param int SPX_ADDR_BYTES = 32; -param int SPX_WOTS_LOGW = 4; -param int SPX_WOTS_LEN1 = 64; -param int SPX_WOTS_LEN2 = 3; -param int SPX_WOTS_LEN = 67; -param int SPX_WOTS_BYTES = 2144; -param int SPX_WOTS_PK_BYTES = 2144; -param int SPX_TREE_HEIGHT = 4; -param int SPX_FORS_MSG_BYTES = 40; -param int SPX_FORS_BYTES = 11200; -param int SPX_FORS_PK_BYTES = 32; -param int SPX_BYTES = 49856; -param int SPX_PK_BYTES = 64; -param int SPX_SK_BYTES = 128; -param int SPX_OFFSET_LAYER = 0; -param int SPX_OFFSET_TREE = 1; -param int SPX_OFFSET_TYPE = 9; -param int SPX_OFFSET_KP_ADDR2 = 12; -param int SPX_OFFSET_KP_ADDR1 = 13; -param int SPX_OFFSET_CHAIN_ADDR = 17; -param int SPX_OFFSET_HASH_ADDR = 21; -param int SPX_OFFSET_TREE_HGT = 17; -param int SPX_OFFSET_TREE_INDEX = 18; -param int SPX_ADDR_TYPE_WOTS = 0; -param int SPX_ADDR_TYPE_WOTSPK = 1; -param int SPX_ADDR_TYPE_HASHTREE = 2; -param int SPX_ADDR_TYPE_FORSTREE = 3; -param int SPX_ADDR_TYPE_FORSPK = 4; -param int SPX_ADDR_TYPE_WOTSPRF = 5; -param int SPX_ADDR_TYPE_FORSPRF = 6; -param int CRYPTO_SEEDBYTES = 96; 
diff --git a/avx2-jasmin/params/params-sphincs-sha2-256s.h b/avx2-jasmin/params/params-sphincs-sha2-256s.h
deleted file mode 100644
index 10c36638..00000000
--- a/avx2-jasmin/params/params-sphincs-sha2-256s.h
+++ /dev/null
@@ -1,85 +0,0 @@ -#ifndef SPX_PARAMS_H -#define SPX_PARAMS_H - -#define SPX_NAMESPACE(s) SPX_##s - -/* Hash output length in bytes. */ -#define SPX_N 32 -/* Height of the hypertree. */ -#define SPX_FULL_HEIGHT 64 -/* Number of subtree layer. */ -#define SPX_D 8 -/* FORS tree dimensions. */ -#define SPX_FORS_HEIGHT 14 -#define SPX_FORS_TREES 22 -/* Winternitz parameter, */ -#define SPX_WOTS_W 16 - -/* The hash function is defined by linking a different hash.c file, as opposed - to setting a #define constant. */ - -/* This is a SHA2-based parameter set, hence whether we use SHA-256 - * exclusively or we use both SHA-256 and SHA-512 is controlled by - * the following #define */ -#define SPX_SHA512 1 /* Use SHA-512 for H and T_l, l >= 2 */ - -/* For clarity */ -#define SPX_ADDR_BYTES 32 - -/* WOTS parameters. */ -#if SPX_WOTS_W == 256 - #define SPX_WOTS_LOGW 8 -#elif SPX_WOTS_W == 16 - #define SPX_WOTS_LOGW 4 -#else - #error SPX_WOTS_W assumed 16 or 256 -#endif - -#define SPX_WOTS_LEN1 (8 * SPX_N / SPX_WOTS_LOGW) - -/* SPX_WOTS_LEN2 is floor(log(len_1 * (w - 1)) / log(w)) + 1; we precompute */ -#if SPX_WOTS_W == 256 - #if SPX_N <= 1 - #define SPX_WOTS_LEN2 1 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 2 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#elif SPX_WOTS_W == 16 - #if SPX_N <= 8 - #define SPX_WOTS_LEN2 2 - #elif SPX_N <= 136 - #define SPX_WOTS_LEN2 3 - #elif SPX_N <= 256 - #define SPX_WOTS_LEN2 4 - #else - #error Did not precompute SPX_WOTS_LEN2 for n outside {2, .., 256} - #endif -#endif - -#define SPX_WOTS_LEN (SPX_WOTS_LEN1 + SPX_WOTS_LEN2) -#define SPX_WOTS_BYTES (SPX_WOTS_LEN * SPX_N) -#define SPX_WOTS_PK_BYTES SPX_WOTS_BYTES - -/* Subtree size. */ -#define SPX_TREE_HEIGHT (SPX_FULL_HEIGHT / SPX_D) - -#if SPX_TREE_HEIGHT * SPX_D != SPX_FULL_HEIGHT - #error SPX_D should always divide SPX_FULL_HEIGHT -#endif - -/* FORS parameters. 
*/ -#define SPX_FORS_MSG_BYTES ((SPX_FORS_HEIGHT * SPX_FORS_TREES + 7) / 8) -#define SPX_FORS_BYTES ((SPX_FORS_HEIGHT + 1) * SPX_FORS_TREES * SPX_N) -#define SPX_FORS_PK_BYTES SPX_N - -/* Resulting SPX sizes. */ -#define SPX_BYTES (SPX_N + SPX_FORS_BYTES + SPX_D * SPX_WOTS_BYTES +\ - SPX_FULL_HEIGHT * SPX_N) -#define SPX_PK_BYTES (2 * SPX_N) -#define SPX_SK_BYTES (2 * SPX_N + SPX_PK_BYTES) - -#include "../sha2_offsets.h" - -#endif diff --git a/avx2-jasmin/params/params-sphincs-sha2-256s.jinc b/avx2-jasmin/params/params-sphincs-sha2-256s.jinc deleted file mode 100644 index f8c2e352..00000000 --- a/avx2-jasmin/params/params-sphincs-sha2-256s.jinc +++ /dev/null @@ -1,37 +0,0 @@ -param int SPX_N = 32; -param int SPX_FULL_HEIGHT = 64; -param int SPX_D = 8; -param int SPX_FORS_HEIGHT = 14; -param int SPX_FORS_TREES = 22; -param int SPX_WOTS_W = 16; -param int SPX_ADDR_BYTES = 32; -param int SPX_WOTS_LOGW = 4; -param int SPX_WOTS_LEN1 = 64; -param int SPX_WOTS_LEN2 = 3; -param int SPX_WOTS_LEN = 67; -param int SPX_WOTS_BYTES = 2144; -param int SPX_WOTS_PK_BYTES = 2144; -param int SPX_TREE_HEIGHT = 8; -param int SPX_FORS_MSG_BYTES = 39; -param int SPX_FORS_BYTES = 10560; -param int SPX_FORS_PK_BYTES = 32; -param int SPX_BYTES = 29792; -param int SPX_PK_BYTES = 64; -param int SPX_SK_BYTES = 128; -param int SPX_OFFSET_LAYER = 0; -param int SPX_OFFSET_TREE = 1; -param int SPX_OFFSET_TYPE = 9; -param int SPX_OFFSET_KP_ADDR2 = 12; -param int SPX_OFFSET_KP_ADDR1 = 13; -param int SPX_OFFSET_CHAIN_ADDR = 17; -param int SPX_OFFSET_HASH_ADDR = 21; -param int SPX_OFFSET_TREE_HGT = 17; -param int SPX_OFFSET_TREE_INDEX = 18; -param int SPX_ADDR_TYPE_WOTS = 0; -param int SPX_ADDR_TYPE_WOTSPK = 1; -param int SPX_ADDR_TYPE_HASHTREE = 2; -param int SPX_ADDR_TYPE_FORSTREE = 3; -param int SPX_ADDR_TYPE_FORSPK = 4; -param int SPX_ADDR_TYPE_WOTSPRF = 5; -param int SPX_ADDR_TYPE_FORSPRF = 6; -param int CRYPTO_SEEDBYTES = 96; 
diff --git a/avx2-jasmin/utilsx4.c b/avx2-jasmin/utilsx4.c
index 4d69825e..b8093f4d 100644
--- a/avx2-jasmin/utilsx4.c
+++ b/avx2-jasmin/utilsx4.c
@@ -1,138 +1,63 @@ +#include "utilsx4.h" + #include -#include "utils.h" -#include "utilsx4.h" +#include "address.h" #include "params.h" #include "thashx4.h" -#include "address.h" +#include "utils.h" -/* - * Generate the entire Merkle tree, computing the authentication path for leaf_idx, - * and the resulting root node using Merkle's TreeHash algorithm. - * Expects the layer and tree parts of the tree_addr to be set, as well as the - * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE) - * - * This expects tree_addrx4 to be initialized to 4 parallel addr structures for - * the Merkle tree nodes - * - * Applies the offset idx_offset to indices before building addresses, so that - * it is possible to continue counting indices across trees. - * - * This works by using the standard Merkle tree building algorithm, except - * that each 'node' tracked is actually 4 consecutive nodes in the real tree. - * When we combine two logical nodes ABCD and WXYZ, we perform the H - * operation on adjacent real nodes, forming the parent logical node - * (AB)(CD)(WX)(YZ) - * - * When we get to the top two levels of the real tree (where there is only - * one logical node), we continue this operation two more times; the right - * most real node will by the actual root (and the other 3 nodes will be - * garbage). 
We follow the same thashx4 logic so that the 'extract - * authentication path components' part of the loop is still executed (and - * to simplify the code somewhat) - * - * This currently assumes tree_height >= 2; I suspect that doing an adjusting - * idx, addr_idx on the gen_leafx4 call if tree_height < 2 would fix it; since - * we don't actually use such short trees, I haven't bothered - */ -void treehashx4(unsigned char *root, unsigned char *auth_path, - const spx_ctx *ctx, - uint32_t leaf_idx, uint32_t idx_offset, - uint32_t tree_height, - void (*gen_leafx4)( - unsigned char* /* Where to write the leaves */, - const spx_ctx*, - uint32_t idx, void *info), - uint32_t tree_addrx4[4*8], - void *info) -{ - /* This is where we keep the intermediate nodes */ +void treehashx4(unsigned char *root, unsigned char *auth_path, const spx_ctx *ctx, uint32_t leaf_idx, + uint32_t idx_offset, uint32_t tree_height, + void (*gen_leafx4)(unsigned char *, const spx_ctx *, uint32_t idx, void *info), + uint32_t tree_addrx4[4 * 8], void *info) { SPX_VLA(unsigned char, stackx4, tree_height * 4 * SPX_N); - uint32_t left_adj = 0, prev_left_adj = 0; /* When we're doing the top 3 */ - /* levels, the left-most part of the tree isn't at the beginning */ - /* of current[]. 
These give the offset of the actual start */ + uint32_t left_adj = 0, prev_left_adj = 0; uint32_t idx; - uint32_t max_idx = (1 << (tree_height-2)) - 1; + uint32_t max_idx = (1 << (tree_height - 2)) - 1; for (idx = 0;; idx++) { - unsigned char current[4*SPX_N]; /* Current logical node */ - gen_leafx4( current, ctx, 4*idx + idx_offset, - info ); + unsigned char current[4 * SPX_N]; + gen_leafx4(current, ctx, 4 * idx + idx_offset, info); - /* Now combine the freshly generated right node with previously */ - /* generated left ones */ uint32_t internal_idx_offset = idx_offset; uint32_t internal_idx = idx; uint32_t internal_leaf = leaf_idx; - uint32_t h; /* The height we are in the Merkle tree */ - for (h=0;; h++, internal_idx >>= 1, internal_leaf >>= 1) { - - /* Special processing if we're at the top of the tree */ + uint32_t h; + for (h = 0;; h++, internal_idx >>= 1, internal_leaf >>= 1) { if (h >= tree_height - 2) { if (h == tree_height) { - /* We hit the root; return it */ - memcpy( root, ¤t[3*SPX_N], SPX_N ); + memcpy(root, ¤t[3 * SPX_N], SPX_N); return; } - /* The tree indexing logic is a bit off in this case */ - /* Adjust it so that the left-most node of the part of */ - /* the tree that we're processing has index 0 */ prev_left_adj = left_adj; left_adj = 4 - (1 << (tree_height - h - 1)); } - /* Check if we hit the top of the tree */ if (h == tree_height) { - /* We hit the root; return it */ - memcpy( root, ¤t[3*SPX_N], SPX_N ); + memcpy(root, ¤t[3 * SPX_N], SPX_N); return; } - - /* - * Check if one of the nodes we have is a part of the - * authentication path; if it is, write it out - */ + if ((((internal_idx << 2) ^ internal_leaf) & ~0x3) == 0) { - memcpy( &auth_path[ h * SPX_N ], - ¤t[(((internal_leaf&3)^1) + prev_left_adj) * SPX_N], - SPX_N ); + memcpy(&auth_path[h * SPX_N], ¤t[(((internal_leaf & 3) ^ 1) + prev_left_adj) * SPX_N], SPX_N); } - /* - * Check if we're at a left child; if so, stop going up the stack - * Exception: if we've reached the end of the 
tree, keep on going - * (so we combine the last 4 nodes into the one root node in two - * more iterations) - */ if ((internal_idx & 1) == 0 && idx < max_idx) { break; } - /* Ok, we're at a right node (or doing the top 3 levels) */ - /* Now combine the left and right logical nodes together */ - - /* Set the address of the node we're creating. */ int j; internal_idx_offset >>= 1; for (j = 0; j < 4; j++) { - set_tree_height(tree_addrx4 + j*8, h + 1); - set_tree_index(tree_addrx4 + j*8, - (4/2) * (internal_idx&~1) + j - left_adj + internal_idx_offset ); + set_tree_height(tree_addrx4 + j * 8, h + 1); + set_tree_index(tree_addrx4 + j * 8, (4 / 1) * (internal_idx & ~1) + j - left_adj + internal_idx_offset); } unsigned char *left = &stackx4[h * 4 * SPX_N]; - thashx4( ¤t[0 * SPX_N], - ¤t[1 * SPX_N], - ¤t[2 * SPX_N], - ¤t[3 * SPX_N], - &left [0 * SPX_N], - &left [2 * SPX_N], - ¤t[0 * SPX_N], - ¤t[2 * SPX_N], - 2, ctx, tree_addrx4); + thashx4(¤t[0 * SPX_N], ¤t[1 * SPX_N], ¤t[2 * SPX_N], ¤t[3 * SPX_N], + &left[0 * SPX_N], &left[2 * SPX_N], ¤t[0 * SPX_N], ¤t[2 * SPX_N], 2, ctx, tree_addrx4); } - /* We've hit a left child; save the current for when we get the */ - /* corresponding right right */ - memcpy( &stackx4[h * 4 * SPX_N], current, 4 * SPX_N); + memcpy(&stackx4[h * 4 * SPX_N], current, 4 * SPX_N); } } diff --git a/avx2-jasmin/wots/wots.jtmpl b/avx2-jasmin/wots/wots.jtmpl new file mode 100644 index 00000000..1ad2cd35 --- /dev/null +++ b/avx2-jasmin/wots/wots.jtmpl 
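Review bot: The multiplier in the `set_tree_index` call inside the `j` loop changed from `(4/2)` to `(4 / 1)`, which is a behavioural change in what otherwise looks like a formatting-only rewrite of treehashx4. The tree index is written into the addresses passed to thashx4, so the internal nodes, root and authentication path would presumably no longer match the reference implementation; if this was not intended, restore `(4 / 2) * (internal_idx & ~1) + j - left_adj + internal_idx_offset`. The commit also deletes the comment stating that tree_height >= 2 is assumed, while `1 << (tree_height - 2)` still depends on it; a one-line `/* requires tree_height >= 2 */` above `max_idx` would keep that contract visible.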
@@ -0,0 +1,101 @@ +from Sphincs require "address/address.jinc" +from Sphincs require "memcpy/memcpy.jtmpl" +from Sphincs require "generic/conditions.jinc" +from Sphincs require "generic/utils.jtmpl" + +/////////////////////////////////////////////////////////////////////////// SAME AS REF-JASMIN + +inline fn __base_w( + reg ptr u32[OUTLEN] output, + reg ptr u8[INLEN] input +) -> reg ptr u32[OUTLEN] +{ + reg u64 in out; + reg u8 total; + reg u32 total_32; + reg u64 bits consumed; + + in = 0; + out = 0; + bits = 0; + + consumed = 0; + while (consumed < OUTLEN) { + if (bits == 0) { + total = input[in]; + in += 1; + bits += 8; + } + + bits -= SPX_WOTS_LOGW; + + total_32 = (32u) total; + total_32 >>= (bits & 31); + total_32 &= (SPX_WOTS_W - 1); + output[out] = total_32; + + out += 1; + consumed += 1; + } + + return output; +}//<> + +inline fn __wots_checksum( + reg ptr u32[SPX_WOTS_LEN2] csum_base_w, + reg ptr u32[SPX_WOTS_LEN] msg_base_w +) -> reg ptr u32[SPX_WOTS_LEN2] +{ + stack u8[(SPX_WOTS_LEN2 * SPX_WOTS_LOGW + 7) / 8] csum_bytes; + reg ptr u8[(SPX_WOTS_LEN2 * SPX_WOTS_LOGW + 7) / 8] csum_bytes_p; + + reg u64 i; + reg u64 csum t u; + + inline int k; + + csum = 0; + + i = 0; + while (i < SPX_WOTS_LEN1) { + t = SPX_WOTS_W - 1; + u = (64u) msg_base_w[i]; + t -= u; + csum += t; + i += 1; + } + + k = (SPX_WOTS_LEN2 * SPX_WOTS_LOGW) % 8; + + u = 8; + u -= k; + t = 0x7; + ?{}, u = #AND(u, t); + + u = u; + ?{}, csum = #SHL(csum, u); + + csum_bytes_p = csum_bytes; + csum_bytes_p = __ull_to_bytes_t<(SPX_WOTS_LEN2 * SPX_WOTS_LOGW + 7) / 8>(csum_bytes_p, csum); + + csum_base_w = __base_w(csum_base_w, csum_bytes_p); + + return csum_base_w; +} + +inline fn __chain_lengths( + reg ptr u32[SPX_WOTS_LEN] lengths, + reg ptr u8[SPX_N] msg // root +) -> reg ptr u32[SPX_WOTS_LEN] +{ + reg ptr u32[SPX_WOTS_LEN2] t; + + lengths = __base_w(lengths, msg); + + t = lengths[SPX_WOTS_LEN1 : SPX_WOTS_LEN2]; + t = __wots_checksum(t, lengths); + + lengths[SPX_WOTS_LEN1 : SPX_WOTS_LEN2] = t; + + 
return lengths;
+}
diff --git a/ref-jasmin/utilsx1.c b/ref-jasmin/utilsx1.c
index 03948225..b2f4322b 100644
--- a/ref-jasmin/utilsx1.c
+++ b/ref-jasmin/utilsx1.c
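Review bot: `__base_w` indexes `input[in]` with no stated relation between OUTLEN and INLEN, so the precondition that the requested digits fit in the input should be documented at the function, e.g. `// requires OUTLEN * SPX_WOTS_LOGW <= 8 * INLEN; digits are taken most-significant first`. The template arguments at the `__base_w` call sites in `__wots_checksum` and `__chain_lengths` are not visible on this page (possibly lost in rendering), so it is worth confirming that the call in `__chain_lengths` produces only SPX_WOTS_LEN1 digits from the SPX_N-byte `msg`. In `__wots_checksum`, `u = u;` is a no-op, and the shift amount depends only on compile-time parameters, so it could be an `inline int` rather than a register computation.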
@@ -7,89 +7,46 @@ #include "thash.h" #include "utils.h" -/* - * Generate the entire Merkle tree, computing the authentication path for - * leaf_idx, and the resulting root node using Merkle's TreeHash algorithm. - * Expects the layer and tree parts of the tree_addr to be set, as well as the - * tree type (i.e. SPX_ADDR_TYPE_HASHTREE or SPX_ADDR_TYPE_FORSTREE) - * - * This expects tree_addr to be initialized to the addr structures for the - * Merkle tree nodes - * - * Applies the offset idx_offset to indices before building addresses, so that - * it is possible to continue counting indices across trees. - * - * This works by using the standard Merkle tree building algorithm, - */ void treehashx1(unsigned char *root, unsigned char *auth_path, const spx_ctx *ctx, uint32_t leaf_idx, uint32_t idx_offset, uint32_t tree_height, - void (*gen_leaf)(unsigned char * /* Where to write the leaves */, const spx_ctx * /* ctx */, - uint32_t idx, void *info), - uint32_t tree_addr[8], void *info) { - /* This is where we keep the intermediate nodes */ + void (*gen_leaf)(unsigned char *, const spx_ctx *, uint32_t idx, void *info), uint32_t tree_addr[8], + void *info) { SPX_VLA(uint8_t, stack, tree_height * SPX_N); uint32_t idx; uint32_t max_idx = (uint32_t)((1 << tree_height) - 1); for (idx = 0;; idx++) { - unsigned char current[2 * SPX_N]; /* Current logical node is at */ - /* index[SPX_N]. 
We do this to minimize the number of copies */ - /* needed during a thash */ + unsigned char current[2 * SPX_N]; gen_leaf(¤t[SPX_N], ctx, idx + idx_offset, info); - /* Now combine the freshly generated right node with previously */ - /* generated left ones */ uint32_t internal_idx_offset = idx_offset; uint32_t internal_idx = idx; uint32_t internal_leaf = leaf_idx; - uint32_t h; /* The height we are in the Merkle tree */ + uint32_t h; for (h = 0;; h++, internal_idx >>= 1, internal_leaf >>= 1) { - /* Check if we hit the top of the tree */ if (h == tree_height) { - /* We hit the root; return it */ memcpy(root, ¤t[SPX_N], SPX_N); return; } - /* - * Check if the node we have is a part of the - * authentication path; if it is, write it out - */ if ((internal_idx ^ internal_leaf) == 0x01) { memcpy(&auth_path[h * SPX_N], ¤t[SPX_N], SPX_N); } - /* - * Check if we're at a left child; if so, stop going up the stack - * Exception: if we've reached the end of the tree, keep on going - * (so we combine the last 4 nodes into the one root node in two - * more iterations) - */ if ((internal_idx & 1) == 0 && idx < max_idx) { break; } - /* Ok, we're at a right node */ - /* Now combine the left and right logical nodes together */ - - /* Set the address of the node we're creating. */ internal_idx_offset >>= 1; -#ifdef TEST_ADDRESS - set_tree_height_jazz(tree_addr, h + 1); - set_tree_index_jazz(tree_addr, internal_idx / 2 + internal_idx_offset); -#else set_tree_height(tree_addr, h + 1); set_tree_index(tree_addr, internal_idx / 2 + internal_idx_offset); -#endif unsigned char *left = &stack[h * SPX_N]; memcpy(¤t[0], left, SPX_N); thash(¤t[1 * SPX_N], ¤t[0 * SPX_N], 2, ctx, tree_addr); } - /* We've hit a left child; save the current for when we get the */ - /* corresponding right right */ memcpy(&stack[h * SPX_N], ¤t[SPX_N], SPX_N); } }
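Review bot: The header comment removed from treehashx1 was the only place stating that the caller must have set the layer, tree and type fields of `tree_addr` before the call, and nothing in the new code replaces it. Those fields end up in every address handed to thash, so I would keep a short form such as `/* tree_addr must have layer, tree and type set; idx_offset is added to leaf indices before addresses are built */`. The deleted note on `current` also explained why the node is kept at `current[SPX_N]`; `/* node kept at current[SPX_N] to minimize copies during thash */` would preserve that.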