Fixed sampler bug (update to new upstream Falcon code 2019-09-18). #235
Conversation
|
Thanks for the PR. Ugh, As I don't really care much about that warning anyway, let's just disable it: diff --git a/.clang-tidy b/.clang-tidy
index d141fd9..dafe2d1 100644
--- a/.clang-tidy
+++ b/.clang-tidy
@@ -1,5 +1,5 @@
----
-Checks: '*,-llvm-header-guard,-hicpp-*,-readability-function-size,-google-readability-todo,-readability-magic-numbers,-cppcoreguidelines-avoid-magic-numbers,-readability-isolate-declaration'
+--
+Checks: '*,-llvm-header-guard,-hicpp-*,-readability-function-size,-google-readability-todo,-readability-magic-numbers,-cppcoreguidelines-avoid-magic-numbers,-readability-isolate-declaration,-readability-uppercase-literal-suffix'
WarningsAsErrors: '*'
HeaderFilterRegex: '.*'
AnalyzeTemporaryDtors: false |
…rsions of clang-tidy.
|
Damn, it still fails. Apparently the fix on the 'u' / 'U' check has not come through yet... ... and it seems that that other fix has not been applied yet because of another "issue" (lack of an explicit cast from unsigned to int, required by clang-tidy on ppc only), which is fixed in this PR but was not in the other one. Or something like that. |
|
#235 didn't get merged because it failed the same Meanwhile I should maybe look into getting all test containers to run the same version of LLVM/Clang/GCC. |
As announced on the pqc-forum mailing-list yesterday, there's a nasty bug (really, two bugs) in the sampler implementation in Falcon, leading to seemingly valid but vulnerable signatures (i.e. the signatures leak information on the private key). This PR includes the necessary fixes. Test vectors have (by necessity) changed, I updated the hashes in the META.yml files.
For details on the bugs, see https://eprint.iacr.org/2019/893 (section 6).