summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/mlkem/mlkem1024.c
diff options
context:
space:
mode:
authortb <>2024-12-18 10:55:21 +0000
committertb <>2024-12-18 10:55:21 +0000
commit8240aac2f833ab9870011a4aba19d9fff2bfc019 (patch)
tree7c6eb0147d5f4d94171e3d29bf9523a9a57b3e9d /src/lib/libcrypto/mlkem/mlkem1024.c
parent6f00c9b50bc96ad2ab64896c2b80884cf043ec18 (diff)
downloadopenbsd-8240aac2f833ab9870011a4aba19d9fff2bfc019.tar.gz
openbsd-8240aac2f833ab9870011a4aba19d9fff2bfc019.tar.bz2
openbsd-8240aac2f833ab9870011a4aba19d9fff2bfc019.zip
mlkem: fix whitespace
Diffstat (limited to 'src/lib/libcrypto/mlkem/mlkem1024.c')
-rw-r--r--src/lib/libcrypto/mlkem/mlkem1024.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libcrypto/mlkem/mlkem1024.c b/src/lib/libcrypto/mlkem/mlkem1024.c
index d016a1de15..b3cacc828b 100644
--- a/src/lib/libcrypto/mlkem/mlkem1024.c
+++ b/src/lib/libcrypto/mlkem/mlkem1024.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem1024.c,v 1.3 2024/12/17 17:06:10 beck Exp $ */ 1/* $OpenBSD: mlkem1024.c,v 1.4 2024/12/18 10:55:21 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2024, Google Inc. 3 * Copyright (c) 2024, Google Inc.
4 * Copyright (c) 2024, Bob Beck <beck@obtuse.com> 4 * Copyright (c) 2024, Bob Beck <beck@obtuse.com>
@@ -188,7 +188,7 @@ reduce_once(uint16_t x)
188 * value to transit through a general-purpose register). On AArch64, this 188 * value to transit through a general-purpose register). On AArch64, this
189 * is a difference of 2x. 189 * is a difference of 2x.
190 * 190 *
191 * We usually add value barriers to selects because Clang turns 191 * We usually add value barriers to selects because Clang turns
192 * consecutive selects with the same condition into a branch instead of 192 * consecutive selects with the same condition into a branch instead of
193 * CMOV/CSEL. This condition does not occur in ML-KEM, so omitting it 193 * CMOV/CSEL. This condition does not occur in ML-KEM, so omitting it
194 * seems to be safe so far but see 194 * seems to be safe so far but see
@@ -477,6 +477,7 @@ scalar_centered_binomial_distribution_eta_2_with_prf(scalar *out,
477 uint16_t value = (byte & 1) + ((byte >> 1) & 1); 477 uint16_t value = (byte & 1) + ((byte >> 1) & 1);
478 478
479 value -= ((byte >> 2) & 1) + ((byte >> 3) & 1); 479 value -= ((byte >> 2) & 1) + ((byte >> 3) & 1);
480
480 /* 481 /*
481 * Add |kPrime| if |value| underflowed. See |reduce_once| for a 482 * Add |kPrime| if |value| underflowed. See |reduce_once| for a
482 * discussion on why the value barrier is omitted. While this 483 * discussion on why the value barrier is omitted. While this