New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed sampler bug (update to new upstream Falcon code 2019-09-18). #235
Conversation
Thanks for the PR. Ugh, As I don't really care much about that warning anyway, let's just disable it: diff --git a/.clang-tidy b/.clang-tidy
index d141fd9..dafe2d1 100644
--- a/.clang-tidy
+++ b/.clang-tidy
@@ -1,5 +1,5 @@
----
-Checks: '*,-llvm-header-guard,-hicpp-*,-readability-function-size,-google-readability-todo,-readability-magic-numbers,-cppcoreguidelines-avoid-magic-numbers,-readability-isolate-declaration'
+--
+Checks: '*,-llvm-header-guard,-hicpp-*,-readability-function-size,-google-readability-todo,-readability-magic-numbers,-cppcoreguidelines-avoid-magic-numbers,-readability-isolate-declaration,-readability-uppercase-literal-suffix'
WarningsAsErrors: '*'
HeaderFilterRegex: '.*'
AnalyzeTemporaryDtors: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe also update the version
number in the implementations:
dicts.
…rsions of clang-tidy.
Damn, it still fails. Apparently the fix on the 'u' / 'U' check has not come through yet... ... and it seems that that other fix has not been applied yet because of another "issue" (lack of an explicit cast from unsigned to int, required by clang-tidy on ppc only), which is fixed in this PR but was not in the other one. Or something like that. |
#235 didn't get merged because it failed the same Meanwhile I should maybe look into getting all test containers to run the same version of LLVM/Clang/GCC. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thanks.
I must say, I really appreciate all the docs in the code explaining what's going on. If only all the implementations were like this.
As announced on the pqc-forum mailing-list yesterday, there's a nasty bug (really, two bugs) in the sampler implementation in Falcon, leading to seemingly valid but vulnerable signatures (i.e. the signatures leak information on the private key). This PR includes the necessary fixes. Test vectors have (by necessity) changed, I updated the hashes in the META.yml files.
For details on the bugs, see https://eprint.iacr.org/2019/893 (section 6).