Diffstat (limited to 'src/lib/libcrypto/mlkem/mlkem768.c')
-rw-r--r--src/lib/libcrypto/mlkem/mlkem768.c40
1 files changed, 23 insertions, 17 deletions
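diff --git a/src/lib/libcrypto/mlkem/mlkem768.c b/src/lib/libcrypto/mlkem/mlkem768.c
index a76971778c..b20545defc 100644
--- a/src/lib/libcrypto/mlkem/mlkem768.c
+++ b/src/lib/libcrypto/mlkem/mlkem768.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mlkem768.c,v 1.9 2025/05/19 06:47:40 beck Exp $ */
+/* $OpenBSD: mlkem768.c,v 1.10 2025/05/19 07:40:17 beck Exp $ */
 /*
  * Copyright (c) 2024, Google Inc.
  * Copyright (c) 2024, Bob Beck <beck@obtuse.com>
@@ -1085,10 +1085,11 @@ mlkem_parse_public_key_no_hash(struct public_key *pub, CBS *in)
 {
  CBS t_bytes;
 
- if (!CBS_get_bytes(in, &t_bytes, kEncodedVectorSize) ||
- !vector_decode(&pub->t, CBS_data(&t_bytes), kLog2Prime)) {
+ if (!CBS_get_bytes(in, &t_bytes, kEncodedVectorSize))
  return 0;
- }
+ if (!vector_decode(&pub->t, CBS_data(&t_bytes), kLog2Prime))
+ return 0;
+
  memcpy(pub->rho, CBS_data(in), sizeof(pub->rho));
  if (!CBS_skip(in, sizeof(pub->rho)))
  return 0;
@@ -1104,10 +1105,11 @@ MLKEM768_parse_public_key(struct MLKEM768_public_key *public_key,
  CBS cbs;
 
  CBS_init(&cbs, input, input_len);
- if (!mlkem_parse_public_key_no_hash(pub, &cbs) ||
- CBS_len(&cbs) != 0) {
+ if (!mlkem_parse_public_key_no_hash(pub, &cbs))
  return 0;
- }
+ if (CBS_len(&cbs) != 0)
+ return 0;
+
  hash_h(pub->public_key_hash, input, input_len);
 
  return 1;
@@ -1126,13 +1128,15 @@ MLKEM768_marshal_private_key(CBB *out,
  return 0;
  }
  vector_encode(s_output, &priv->s, kLog2Prime);
- if (!mlkem_marshal_public_key(out, &priv->pub) ||
- !CBB_add_bytes(out, priv->pub.public_key_hash,
- sizeof(priv->pub.public_key_hash)) ||
- !CBB_add_bytes(out, priv->fo_failure_secret,
- sizeof(priv->fo_failure_secret))) {
+ if (!mlkem_marshal_public_key(out, &priv->pub))
  return 0;
- }
+ if (!CBB_add_bytes(out, priv->pub.public_key_hash,
+ sizeof(priv->pub.public_key_hash)))
+ return 0;
+ if (!CBB_add_bytes(out, priv->fo_failure_secret,
+ sizeof(priv->fo_failure_secret)))
+ return 0;
+
  return 1;
 }
 
@@ -1146,11 +1150,13 @@ MLKEM768_parse_private_key(struct MLKEM768_private_key *out_private_key,
 
  CBS_init(&cbs, input, input_len);
 
- if (!CBS_get_bytes(&cbs, &s_bytes, kEncodedVectorSize) ||
- !vector_decode(&priv->s, CBS_data(&s_bytes), kLog2Prime) ||
- !mlkem_parse_public_key_no_hash(&priv->pub, &cbs)) {
+ if (!CBS_get_bytes(&cbs, &s_bytes, kEncodedVectorSize))
  return 0;
- }
+ if (!vector_decode(&priv->s, CBS_data(&s_bytes), kLog2Prime))
+ return 0;
+ if (!mlkem_parse_public_key_no_hash(&priv->pub, &cbs))
+ return 0;
+
  memcpy(priv->pub.public_key_hash, CBS_data(&cbs),
  sizeof(priv->pub.public_key_hash));
  if (!CBS_skip(&cbs, sizeof(priv->pub.public_key_hash)))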
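Review bot: In mlkem_parse_public_key_no_hash the `memcpy(pub->rho, CBS_data(in), sizeof(pub->rho))` at new line 1093 still runs before `CBS_skip` confirms that many bytes remain, so a truncated encoding is read past its end before the function rejects it; the early-return restructuring in this commit leaves that ordering as it was. Checking the length first, e.g. `if (CBS_len(in) < sizeof(pub->rho)) return 0;` ahead of the memcpy, closes it unless every caller already validates the input length, which is not visible here. The same copy-then-skip order appears for `priv->pub.public_key_hash` in MLKEM768_parse_private_key at new lines 1160-1162. Both function bodies continue outside their hunks.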