
ML-KEM/Kyber: fix kyber_prf() for when no AVX2 #8306

Merged (1 commit) on Dec 20, 2024

Conversation

SparkiDev
Contributor

Description

When no AVX2 is available, kyber_prf() is called to produce more than one SHAKE-256 block's worth of output. Otherwise only one block is needed. Changed function to support an outlen of greater than one block.

Fixes zd#19125

Testing

./configure --disable-shared --enable-kyber=all,original,ml-kem --enable-intelasm
Disable support for AVX2 in CPU detection.
./wolfcrypt/test/testwolfcrypt
KYBER test failed!

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

When no AVX2 is available, kyber_prf() is called to produce more than one
SHAKE-256 block's worth of output. Otherwise only one block is needed.
Changed function to support an outlen of greater than one block.
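The failure mode described above is a squeeze loop that stops after one Keccak block. The following is an added example, not wolfSSL's kyber_prf() or any code from this PR: a compact SHAKE-256 (Keccak-f[1600] in reference form, single-block input) whose squeeze keeps permuting until outlen is satisfied, with a PRF(key, nonce) wrapper on top. Function names are mine; the 136-byte SHAKE-256 rate and the 192-byte (eta=3) noise-sampling request are standard Kyber/ML-KEM sizes, not values stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define SHAKE256_RATE 136   /* bytes per Keccak block for SHAKE-256: (1600 - 2*256)/8 */
#define ROL64(a, n) (((a) << (n)) | ((a) >> (64 - (n))))
static const uint64_t RC[24] = {
    0x0000000000000001ULL, 0x0000000000008082ULL, 0x800000000000808aULL, 0x8000000080008000ULL,
    0x000000000000808bULL, 0x0000000080000001ULL, 0x8000000080008081ULL, 0x8000000000008009ULL,
    0x000000000000008aULL, 0x0000000000000088ULL, 0x0000000080008009ULL, 0x000000008000000aULL,
    0x000000008000808bULL, 0x800000000000008bULL, 0x8000000000008089ULL, 0x8000000000008003ULL,
    0x8000000000008002ULL, 0x8000000000000080ULL, 0x000000000000800aULL, 0x800000008000000aULL,
    0x8000000080008081ULL, 0x8000000000008080ULL, 0x0000000080000001ULL, 0x8000000080008008ULL };
static const int RHO[24] = {1,3,6,10,15,21,28,36,45,55,2,14,27,41,56,8,25,43,62,18,39,61,20,44};
static const int PI[24]  = {10,7,11,17,18,3,5,16,8,21,24,4,15,23,19,13,12,2,20,14,22,9,6,1};
/* Keccak-f[1600]: theta, rho+pi, chi, iota for 24 rounds (compact reference form). */
static void keccakf(uint64_t s[25]) {
    uint64_t bc[5], t; int i, j, r;
    for (r = 0; r < 24; r++) {
        for (i = 0; i < 5; i++) bc[i] = s[i] ^ s[i+5] ^ s[i+10] ^ s[i+15] ^ s[i+20];
        for (i = 0; i < 5; i++) { t = bc[(i+4)%5] ^ ROL64(bc[(i+1)%5], 1); for (j = 0; j < 25; j += 5) s[j+i] ^= t; }
        t = s[1]; for (i = 0; i < 24; i++) { j = PI[i]; bc[0] = s[j]; s[j] = ROL64(t, RHO[i]); t = bc[0]; }
        for (j = 0; j < 25; j += 5) { for (i = 0; i < 5; i++) bc[i] = s[j+i];
            for (i = 0; i < 5; i++) s[j+i] ^= (~bc[(i+1)%5]) & bc[(i+2)%5]; }
        s[0] ^= RC[r];
    }
}
/* Byte access into the lane array, independent of host endianness. */
static void st_xor(uint64_t s[25], size_t p, uint8_t b) { s[p/8] ^= (uint64_t)b << (8*(p%8)); }
static uint8_t st_get(const uint64_t s[25], size_t p) { return (uint8_t)(s[p/8] >> (8*(p%8))); }
/* SHAKE-256 for a single-block input (inlen < 136 covers the 33-byte PRF input). The squeeze
 * loop is the point: every 136 output bytes need another permutation, so outlen > 136 loops. */
int shake256_squeeze(const uint8_t *in, size_t inlen, uint8_t *out, size_t outlen) {
    uint64_t s[25] = {0}; size_t i, n;
    if (inlen >= SHAKE256_RATE) return -1;          /* multi-block absorb not needed here */
    for (i = 0; i < inlen; i++) st_xor(s, i, in[i]);
    st_xor(s, inlen, 0x1F);                         /* SHAKE domain bits + start of pad10*1 */
    st_xor(s, SHAKE256_RATE - 1, 0x80);             /* final bit of pad10*1 */
    while (outlen > 0) {
        keccakf(s);                                  /* one permutation per output block */
        n = outlen < SHAKE256_RATE ? outlen : SHAKE256_RATE;
        for (i = 0; i < n; i++) out[i] = st_get(s, i);
        out += n; outlen -= n;                       /* a one-block-only version would stop here */
    }
    return 0;
}
/* Kyber PRF(s, b) = SHAKE-256(s || b); eta=3 CBD sampling requests 192 bytes, i.e. two blocks. */
int kyber_prf_example(const uint8_t key[32], uint8_t nonce, uint8_t *out, size_t outlen) {
    uint8_t in[33]; memcpy(in, key, 32); in[32] = nonce;
    return shake256_squeeze(in, 33, out, outlen);
}
```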
@SparkiDev SparkiDev self-assigned this Dec 20, 2024
@SparkiDev SparkiDev assigned wolfSSL-Bot and unassigned SparkiDev Dec 20, 2024
kp-thomas-yau added a commit to expressvpn/lightway-core that referenced this pull request Dec 20, 2024
The patch is from:
wolfSSL/wolfssl#8306

This patch fixes an issue where older CPUs, with no AVX2 support, fail to handshake Kyber/ML-KEM.

@JacobBarthelmeh JacobBarthelmeh left a comment


Tested testwolfcrypt before and after the fix. Thanks Sean!

@JacobBarthelmeh JacobBarthelmeh merged commit 67f3343 into wolfSSL:master Dec 20, 2024
148 checks passed
kp-thomas-yau added a commit to expressvpn/wolfssl-rs that referenced this pull request Dec 24, 2024
The patch is from:
wolfSSL/wolfssl#8306

This patch fixes an issue where older CPUs, with no AVX2 support, fail to handshake Kyber/ML-KEM.