diff --git a/configure.ac b/configure.ac index dad08a66f..e190e8ab4 100644 --- a/configure.ac +++ b/configure.ac @@ -1030,10 +1030,6 @@ do ENABLED_WC_KYBER=yes AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_KYBER" ;; - 90s) - ENABLED_KYBER_90S=yes - AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KYBER_90S" - ;; small) AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KYBER_SMALL" ;; @@ -1067,15 +1063,9 @@ then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_KYBER1024" fi - if test "$ENABLED_KYBER_90S" != "yes"; then - test "$enable_sha3" = "" && enable_sha3=yes - test "$enable_shake128" = "" && enable_shake128=yes - test "$enable_shake256" = "" && enable_shake256=yes - else - test "$enable_sha256" = "" && enable_sha256=yes - test "$enable_sha512" = "" && enable_sha512=yes - test "$enable_aesctr" = "" && enable_aesctr=yes - fi + test "$enable_sha3" = "" && enable_sha3=yes + test "$enable_shake128" = "" && enable_shake128=yes + test "$enable_shake256" = "" && enable_shake256=yes else # Default is to use liboqs. Make sure its enabled. if test "$ENABLED_LIBOQS" = "no"; then diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 4373d196b..bb6698030 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -276,15 +276,9 @@ static struct group_info groups[] = { { WOLFSSL_KYBER_LEVEL1, "KYBER_LEVEL1" }, { WOLFSSL_KYBER_LEVEL3, "KYBER_LEVEL3" }, { WOLFSSL_KYBER_LEVEL5, "KYBER_LEVEL5" }, - { WOLFSSL_KYBER_90S_LEVEL1, "KYBER_90S_LEVEL1" }, - { WOLFSSL_KYBER_90S_LEVEL3, "KYBER_90S_LEVEL3" }, - { WOLFSSL_KYBER_90S_LEVEL5, "KYBER_90S_LEVEL5" }, { WOLFSSL_P256_KYBER_LEVEL1, "P256_KYBER_LEVEL1" }, { WOLFSSL_P384_KYBER_LEVEL3, "P384_KYBER_LEVEL3" }, { WOLFSSL_P521_KYBER_LEVEL5, "P521_KYBER_LEVEL5" }, - { WOLFSSL_P256_KYBER_90S_LEVEL1, "P256_KYBER_90S_LEVEL1" }, - { WOLFSSL_P384_KYBER_90S_LEVEL3, "P384_KYBER_90S_LEVEL3" }, - { WOLFSSL_P521_KYBER_90S_LEVEL5, "P521_KYBER_90S_LEVEL5" }, #endif { 0, NULL } }; diff --git a/examples/client/client.c b/examples/client/client.c index bf3a2fa6f..80a0e0ee8 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -385,15 +385,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_LEVEL5") == 0) { group = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL1") == 0) { - group = WOLFSSL_KYBER_90S_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL3") == 0) { - group = WOLFSSL_KYBER_90S_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL5") == 0) { - group = WOLFSSL_KYBER_90S_LEVEL5; - } else if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL1") == 0) { group = WOLFSSL_P256_KYBER_LEVEL1; } @@ -402,15 +393,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, } else if (XSTRCMP(pqcAlg, "P521_KYBER_LEVEL5") == 0) { group = WOLFSSL_P521_KYBER_LEVEL5; - } - else if (XSTRCMP(pqcAlg, "P256_KYBER_90S_LEVEL1") == 0) { - group = WOLFSSL_P256_KYBER_90S_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_KYBER_90S_LEVEL3") == 0) { - group = WOLFSSL_P384_KYBER_90S_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_KYBER_90S_LEVEL5") == 0) { - group = WOLFSSL_P521_KYBER_90S_LEVEL5; } else { err_sys("invalid post-quantum KEM specified"); } @@ -1265,9 +1247,7 @@ static const char* client_usage_msg[][70] = { #endif #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n" - " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1,\n" - " P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 70 */ + " KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 70 */ #endif #ifdef WOLFSSL_SRTP "--srtp (default is SRTP_AES128_CM_SHA1_80)\n", /* 71 */ @@ -1485,9 +1465,7 @@ static const char* client_usage_msg[][70] = { #endif #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n" - " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5,\n" - " P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 70 */ + " KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 70 */ #endif #ifdef WOLFSSL_SRTP "--srtp (デフォルトは SRTP_AES128_CM_SHA1_80)\n", /* 71 */ diff --git a/examples/server/server.c b/examples/server/server.c index f63d51c29..ef9b52900 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -707,15 +707,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "KYBER_LEVEL5") == 0) { groups[count] = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL1") == 0) { - groups[count] = WOLFSSL_KYBER_90S_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL3") == 0) { - groups[count] = WOLFSSL_KYBER_90S_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "KYBER_90S_LEVEL5") == 0) { - groups[count] = WOLFSSL_KYBER_90S_LEVEL5; - } else if (XSTRCMP(pqcAlg, "P256_KYBER_LEVEL1") == 0) { groups[count] = WOLFSSL_P256_KYBER_LEVEL1; } @@ -725,15 +716,6 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, else if (XSTRCMP(pqcAlg, "P521_KYBER_LEVEL5") == 0) { groups[count] = WOLFSSL_P521_KYBER_LEVEL5; } - else if (XSTRCMP(pqcAlg, "P256_KYBER_90S_LEVEL1") == 0) { - groups[count] = WOLFSSL_P256_KYBER_90S_LEVEL1; - } - else if (XSTRCMP(pqcAlg, "P384_KYBER_90S_LEVEL3") == 0) { - groups[count] = WOLFSSL_P384_KYBER_90S_LEVEL3; - } - else if (XSTRCMP(pqcAlg, "P521_KYBER_90S_LEVEL5") == 0) { - groups[count] = WOLFSSL_P521_KYBER_90S_LEVEL5; - } if (groups[count] == 0) { err_sys("invalid post-quantum KEM specified"); @@ -952,9 +934,7 @@ static const char* server_usage_msg[][65] = { #endif #ifdef HAVE_PQC "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n" - " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5, P256_KYBER_90S_LEVEL1,\n" - " P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 60 */ + " KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5] \n", /* 60 */ #endif #ifdef WOLFSSL_SRTP "--srtp (default is SRTP_AES128_CM_SHA1_80)\n", /* 61 */ @@ -1139,9 +1119,7 @@ static const char* server_usage_msg[][65] = { #endif #ifdef HAVE_PQC "--pqc post-quantum 名前付きグループとの鍵共有のみ [KYBER_LEVEL1, KYBER_LEVEL3,\n" - " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n" - " P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5,\n" - " P256_KYBER_90S_LEVEL1, P384_KYBER_90S_LEVEL3, P521_KYBER_90S_LEVEL5]\n", /* 60 */ + " KYBER_LEVEL5, P256_KYBER_LEVEL1, P384_KYBER_LEVEL3, P521_KYBER_LEVEL5]\n", /* 60 */ #endif #ifdef WOLFSSL_SRTP "--srtp (デフォルトはSRTP_AES128_CM_SHA1_80)\n", /* 61 */ diff --git a/src/ssl.c b/src/ssl.c index abb700056..e7fc1ba41 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -249,9 +249,6 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { {XSTR_SIZEOF("P256_KYBER_LEVEL1"), "P256_KYBER_LEVEL1", WOLFSSL_P256_KYBER_LEVEL1}, {XSTR_SIZEOF("P384_KYBER_LEVEL3"), "P384_KYBER_LEVEL3", WOLFSSL_P384_KYBER_LEVEL3}, {XSTR_SIZEOF("P521_KYBER_LEVEL5"), "P521_KYBER_LEVEL5", WOLFSSL_P521_KYBER_LEVEL5}, - {XSTR_SIZEOF("P256_KYBER_90S_LEVEL1"), "P256_KYBER_90S_LEVEL1", WOLFSSL_P256_KYBER_90S_LEVEL1}, - {XSTR_SIZEOF("P384_KYBER_90S_LEVEL3"), "P384_KYBER_90S_LEVEL3", WOLFSSL_P384_KYBER_90S_LEVEL3}, - {XSTR_SIZEOF("P521_KYBER_90S_LEVEL5"), "P521_KYBER_90S_LEVEL5", WOLFSSL_P521_KYBER_90S_LEVEL5}, #endif #endif {0, NULL, 0}, @@ -2928,15 +2925,9 @@ static int isValidCurveGroup(word16 name) case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: #ifdef HAVE_LIBOQS - case WOLFSSL_KYBER_90S_LEVEL1: - case WOLFSSL_KYBER_90S_LEVEL3: - case WOLFSSL_KYBER_90S_LEVEL5: case WOLFSSL_P256_KYBER_LEVEL1: case WOLFSSL_P384_KYBER_LEVEL3: case WOLFSSL_P521_KYBER_LEVEL5: - case WOLFSSL_P256_KYBER_90S_LEVEL1: - case WOLFSSL_P384_KYBER_90S_LEVEL3: - case WOLFSSL_P521_KYBER_90S_LEVEL5: #endif #endif return 1; @@ -21310,24 +21301,12 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl) return "KYBER_LEVEL3"; case WOLFSSL_KYBER_LEVEL5: return "KYBER_LEVEL5"; - case WOLFSSL_KYBER_90S_LEVEL1: - return "KYBER_90S_LEVEL1"; - case WOLFSSL_KYBER_90S_LEVEL3: - return "KYBER_90S_LEVEL3"; - case WOLFSSL_KYBER_90S_LEVEL5: - return "KYBER_90S_LEVEL5"; case WOLFSSL_P256_KYBER_LEVEL1: return "P256_KYBER_LEVEL1"; case WOLFSSL_P384_KYBER_LEVEL3: return "P384_KYBER_LEVEL3"; case WOLFSSL_P521_KYBER_LEVEL5: return "P521_KYBER_LEVEL5"; - case WOLFSSL_P256_KYBER_90S_LEVEL1: - return "P256_KYBER_90S_LEVEL1"; - case WOLFSSL_P384_KYBER_90S_LEVEL3: - return "P384_KYBER_90S_LEVEL3"; - case WOLFSSL_P521_KYBER_90S_LEVEL5: - return "P521_KYBER_90S_LEVEL5"; #elif defined(HAVE_PQM4) case WOLFSSL_KYBER_LEVEL1: return "KYBER_LEVEL1"; diff --git a/src/tls.c b/src/tls.c index 754fb88e7..af91cbcd7 100644 --- a/src/tls.c +++ b/src/tls.c @@ -52,15 +52,7 @@ #include #ifdef WOLFSSL_WC_KYBER #include -#elif defined(HAVE_LIBOQS) - #include - #include -#elif defined(HAVE_PQM4) - #include "api_kyber.h" - #define PQM4_PUBLIC_KEY_LENGTH CRYPTO_PUBLICKEYBYTES - #define PQM4_PRIVATE_KEY_LENGTH CRYPTO_SECRETKEYBYTES - #define PQM4_SHARED_SECRET_LENGTH CRYPTO_BYTES - #define PQM4_CIPHERTEXT_LENGTH CRYPTO_CIPHERTEXTBYTES +#elif defined(HAVE_LIBOQS) || defined(HAVE_PQM4) #include #endif #endif @@ -7102,7 +7094,6 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse) } #ifdef HAVE_PQC -#ifdef WOLFSSL_WC_KYBER static int kyber_id2type(int id, int *type) { int ret = 0; @@ -7130,22 +7121,6 @@ static int kyber_id2type(int id, int *type) return ret; } -#elif defined(HAVE_LIBOQS) -/* Transform a group ID into an OQS Algorithm name as a string. */ -static const char* OQS_ID2name(int id) -{ - switch (id) { - case WOLFSSL_KYBER_LEVEL1: return OQS_KEM_alg_kyber_512; - case WOLFSSL_KYBER_LEVEL3: return OQS_KEM_alg_kyber_768; - case WOLFSSL_KYBER_LEVEL5: return OQS_KEM_alg_kyber_1024; - case WOLFSSL_KYBER_90S_LEVEL1: return OQS_KEM_alg_kyber_512_90s; - case WOLFSSL_KYBER_90S_LEVEL3: return OQS_KEM_alg_kyber_768_90s; - case WOLFSSL_KYBER_90S_LEVEL5: return OQS_KEM_alg_kyber_1024_90s; - default: break; - } - return NULL; -} -#endif /* HAVE_LIBOQS */ typedef struct PqcHybridMapping { int hybrid; @@ -7160,12 +7135,6 @@ static const PqcHybridMapping pqc_hybrid_mapping[] = { .pqc = WOLFSSL_KYBER_LEVEL3}, {.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, .pqc = WOLFSSL_KYBER_LEVEL5}, - {.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .pqc = WOLFSSL_KYBER_90S_LEVEL1}, - {.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .pqc = WOLFSSL_KYBER_90S_LEVEL3}, - {.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .pqc = WOLFSSL_KYBER_90S_LEVEL5}, {.hybrid = 0, .ecc = 0, .pqc = 0} }; @@ -7206,7 +7175,6 @@ static void findEccPqc(int *ecc, int *pqc, int group) * kse The key share entry object. * returns 0 on success, otherwise failure. */ -#ifdef WOLFSSL_WC_KYBER static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse) { int ret = 0; @@ -7278,7 +7246,7 @@ static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse) if (ret == 0) { ret = wc_KyberKey_MakeKey(kem, ssl->rng); if (ret != 0) { - WOLFSSL_MSG("lKyber keygen failure"); + WOLFSSL_MSG("Kyber keygen failure"); } } if (ret == 0) { @@ -7319,198 +7287,6 @@ static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse) return ret; } -#elif defined(HAVE_LIBOQS) -static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse) -{ - int ret = 0; - const char* algName = NULL; - OQS_KEM* kem = NULL; - byte* pubKey = NULL; - byte* privKey = NULL; - KeyShareEntry *ecc_kse = NULL; - int oqs_group = 0; - int ecc_group = 0; - - findEccPqc(&ecc_group, &oqs_group, kse->group); - algName = OQS_ID2name(oqs_group); - if (algName == NULL) { - WOLFSSL_MSG("Invalid OQS algorithm specified."); - return BAD_FUNC_ARG; - } - - kem = OQS_KEM_new(algName); - if (kem == NULL) { - WOLFSSL_MSG("Error creating OQS KEM, ensure algorithm support" - "was enabled in liboqs."); - return BAD_FUNC_ARG; - } - - ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap, - DYNAMIC_TYPE_TLSX); - if (ecc_kse == NULL) { - WOLFSSL_MSG("ecc_kse memory allocation failure"); - ret = MEMORY_ERROR; - } - - if (ret == 0) { - XMEMSET(ecc_kse, 0, sizeof(*ecc_kse)); - } - - if (ret == 0 && ecc_group != 0) { - ecc_kse->group = ecc_group; - ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse); - /* If fail, no error message, TLSX_KeyShare_GenEccKey will do it. */ - } - - if (ret == 0) { - pubKey = (byte*)XMALLOC(ecc_kse->pubKeyLen + kem->length_public_key, - ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - if (pubKey == NULL) { - WOLFSSL_MSG("pubkey memory allocation failure"); - ret = MEMORY_ERROR; - } - } - - if (ret == 0) { - privKey = (byte*)XMALLOC(kem->length_secret_key, - ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); - if (privKey == NULL) { - WOLFSSL_MSG("privkey memory allocation failure"); - ret = MEMORY_ERROR; - } - } - - if (ret == 0) { - if (OQS_KEM_keypair(kem, pubKey + ecc_kse->pubKeyLen, privKey) == - OQS_SUCCESS) { - XMEMCPY(pubKey, ecc_kse->pubKey, ecc_kse->pubKeyLen); - kse->pubKey = pubKey; - kse->pubKeyLen = ecc_kse->pubKeyLen + - (word32) kem->length_public_key; - pubKey = NULL; - - /* Note we are saving the OQS private key and ECC private key - * separately. That's because the ECC private key is not simply a - * buffer. Its is an ecc_key struct. - */ - kse->privKey = privKey; - privKey = NULL; - - kse->key = ecc_kse->key; - ecc_kse->key = NULL; - - ret = 0; - } - else { - WOLFSSL_MSG("liboqs keygen failure"); - ret = BAD_FUNC_ARG; - WOLFSSL_ERROR_VERBOSE(ret); - } - } - -#ifdef WOLFSSL_DEBUG_TLS - WOLFSSL_MSG("Public liboqs Key"); - WOLFSSL_BUFFER(kse->pubKey, kse->pubKeyLen); -#endif - - OQS_KEM_free(kem); - TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap); - if (pubKey != NULL) - XFREE(pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - if (privKey != NULL) - XFREE(privKey, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); - - return ret; -} -#elif defined(HAVE_PQM4) -static int TLSX_KeyShare_GenPqcKey(WOLFSSL *ssl, KeyShareEntry* kse) -{ - /* This assumes KYBER LEVEL 1 (512) implementation is compiled in. */ - int ret = 0; - byte* pubKey = NULL; - byte* privKey = NULL; - KeyShareEntry *ecc_kse = NULL; - int oqs_group = 0; - int ecc_group = 0; - - findEccPqc(&ecc_group, &oqs_group, kse->group); - - ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap, - DYNAMIC_TYPE_TLSX); - if (ecc_kse == NULL) { - WOLFSSL_MSG("ecc_kse memory allocation failure"); - ret = MEMORY_ERROR; - } - - if (ret == 0) { - XMEMSET(ecc_kse, 0, sizeof(*ecc_kse)); - } - - if (ret == 0 && ecc_group != 0) { - ecc_kse->group = ecc_group; - ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse); - /* If fail, no error message, TLSX_KeyShare_GenEccKey will do it. */ - } - - if (ret == 0) { - pubKey = (byte*)XMALLOC(ecc_kse->pubKeyLen + PQM4_PUBLIC_KEY_LENGTH, - ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - if (pubKey == NULL) { - WOLFSSL_MSG("pubkey memory allocation failure"); - ret = MEMORY_ERROR; - } - } - - if (ret == 0) { - privKey = (byte*)XMALLOC(PQM4_PRIVATE_KEY_LENGTH, - ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); - if (privKey == NULL) { - WOLFSSL_MSG("privkey memory allocation failure"); - ret = MEMORY_ERROR; - } - } - - if (ret == 0) { - if (crypto_kem_keypair(pubKey + ecc_kse->pubKeyLen, privKey) == 0) { - XMEMCPY(pubKey, ecc_kse->pubKey, ecc_kse->pubKeyLen); - kse->pubKey = pubKey; - kse->pubKeyLen = ecc_kse->pubKeyLen + - (word32) PQM4_PUBLIC_KEY_LENGTH; - pubKey = NULL; - - /* Note we are saving the PQ private key and ECC private key - * separately. That's because the ECC private key is not simply a - * buffer. Its is an ecc_key struct. - */ - kse->privKey = privKey; - privKey = NULL; - - kse->key = ecc_kse->key; - ecc_kse->key = NULL; - - ret = 0; - } - else { - WOLFSSL_MSG("liboqs keygen failure"); - ret = BAD_FUNC_ARG; - WOLFSSL_ERROR_VERBOSE(ret); - } - } - -#ifdef WOLFSSL_DEBUG_TLS - WOLFSSL_MSG("Public PQM4 Key"); - WOLFSSL_BUFFER(kse->pubKey, kse->pubKeyLen ); -#endif - - TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap); - if (pubKey != NULL) - XFREE(pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - if (privKey != NULL) - XFREE(privKey, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); - - return ret; -} -#endif /* HAVE_PQM4 */ #endif /* HAVE_PQC */ /* Generate a secret/key using the key share entry. @@ -8107,7 +7883,6 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) } #ifdef HAVE_PQC -#ifdef WOLFSSL_WC_KYBER /* Process the Kyber key share extension on the client side. * * ssl The SSL/TLS object. @@ -8274,294 +8049,6 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) wc_KyberKey_Free(kem); return ret; } -#elif defined(HAVE_LIBOQS) -/* Process the liboqs key share extension on the client side. - * - * ssl The SSL/TLS object. - * keyShareEntry The key share entry object to use to calculate shared secret. - * returns 0 on success and other values indicate failure. - */ -static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) -{ - int ret = 0; - const char* algName = NULL; - OQS_KEM* kem = NULL; - byte* sharedSecret = NULL; - word32 sharedSecretLen = 0; - int oqs_group = 0; - int ecc_group = 0; - ecc_key eccpubkey; - word32 outlen = 0; - - if (keyShareEntry->ke == NULL) { - WOLFSSL_MSG("Invalid OQS algorithm specified."); - return BAD_FUNC_ARG; - } - - if (ssl->options.side == WOLFSSL_SERVER_END) { - /* I am the server, the shared secret has already been generated and - * is in keyShareEntry->ke; copy it to the pre-master secret - * pre-allocated buffer. */ - if (keyShareEntry->keLen > ENCRYPT_LEN) { - WOLFSSL_MSG("shared secret is too long."); - WOLFSSL_ERROR_VERBOSE(LENGTH_ERROR); - return LENGTH_ERROR; - } - - XMEMCPY(ssl->arrays->preMasterSecret, keyShareEntry->ke, keyShareEntry->keLen); - ssl->arrays->preMasterSz = keyShareEntry->keLen; - XFREE(keyShareEntry->ke, sl->heap, DYNAMIC_TYPE_SECRET) - keyShareEntry->ke = NULL; - keyShareEntry->keLen = 0; - return 0; - } - - /* I am the client, the ciphertext is in keyShareEntry->ke */ - findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); - - algName = OQS_ID2name(oqs_group); - if (algName == NULL) { - WOLFSSL_MSG("Invalid OQS algorithm specified."); - WOLFSSL_ERROR_VERBOSE(BAD_FUNC_ARG); - return BAD_FUNC_ARG; - } - - kem = OQS_KEM_new(algName); - if (kem == NULL) { - WOLFSSL_MSG("Error creating OQS KEM, ensure algorithm support" - "was enabled in liboqs."); - return MEMORY_E; - } - - sharedSecretLen = (word32)kem->length_shared_secret; - switch (ecc_group) { - case WOLFSSL_ECC_SECP256R1: - sharedSecretLen += 32; - outlen = 32; - break; - case WOLFSSL_ECC_SECP384R1: - sharedSecretLen += 48; - outlen = 48; - break; - case WOLFSSL_ECC_SECP521R1: - sharedSecretLen += 66; - outlen = 66; - break; - default: - break; - } - - ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId); - if (ret != 0) { - WOLFSSL_MSG("Memory allocation error."); - return MEMORY_E; - } - - sharedSecret = (byte*)XMALLOC(sharedSecretLen, ssl->heap, - DYNAMIC_TYPE_TLSX); - if (sharedSecret == NULL) { - WOLFSSL_MSG("Memory allocation error."); - ret = MEMORY_E; - } - - if (ret == 0 && OQS_KEM_decaps(kem, sharedSecret + outlen, - keyShareEntry->ke + keyShareEntry->keLen - - kem->length_ciphertext, - keyShareEntry->privKey) != OQS_SUCCESS) { - WOLFSSL_MSG("Liboqs decapsulation failure."); - ret = BAD_FUNC_ARG; - WOLFSSL_ERROR_VERBOSE(ret); - } - - if (ecc_group != 0) { - if (ret == 0) { - /* Point is validated by import function. */ - ret = wc_ecc_import_x963(keyShareEntry->ke, - keyShareEntry->keLen - - (word32)kem->length_ciphertext, - &eccpubkey); - if (ret != 0) { - WOLFSSL_ERROR_VERBOSE(ret); - WOLFSSL_MSG("ECC Public key import error."); - } - } - -#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ - (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ - !defined(HAVE_SELFTEST) - if (ret == 0) { - ret = wc_ecc_set_rng(keyShareEntry->key, ssl->rng); - if (ret != 0) { - WOLFSSL_MSG("Failure to set the ECC private key RNG."); - } - } -#endif - - if (ret == 0) { - PRIVATE_KEY_UNLOCK(); - ret = wc_ecc_shared_secret(keyShareEntry->key, &eccpubkey, sharedSecret, &outlen); - PRIVATE_KEY_LOCK(); - if (outlen != sharedSecretLen - kem->length_shared_secret) { - WOLFSSL_MSG("ECC shared secret derivation error."); - ret = BAD_FUNC_ARG; - WOLFSSL_ERROR_VERBOSE(ret); - } - } - } - - if (sharedSecretLen > ENCRYPT_LEN) { - WOLFSSL_MSG("shared secret is too long."); - ret = LENGTH_ERROR; - WOLFSSL_ERROR_VERBOSE(ret); - } - - if (ret == 0) { - /* Copy the shared secret to the pre-master secret pre-allocated - * buffer. */ - XMEMCPY(ssl->arrays->preMasterSecret, sharedSecret, sharedSecretLen); - ssl->arrays->preMasterSz = (word32) sharedSecretLen; - } - - if (sharedSecret != NULL) { - XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_SECRET); - } - - wc_ecc_free(&eccpubkey); - OQS_KEM_free(kem); - return ret; -} -#elif defined(HAVE_PQM4) -static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) -{ - int ret = 0; - byte* sharedSecret = NULL; - word32 sharedSecretLen = 0; - int oqs_group = 0; - int ecc_group = 0; - ecc_key eccpubkey; - word32 outlen = 0; - - if (keyShareEntry->ke == NULL) { - WOLFSSL_MSG("Invalid OQS algorithm specified."); - return BAD_FUNC_ARG; - } - - if (ssl->options.side == WOLFSSL_SERVER_END) { - /* I am the server, the shared secret has already been generated and - * is in keyShareEntry->ke; copy it to the pre-master secret - * pre-allocated buffer. */ - if (keyShareEntry->keLen > ENCRYPT_LEN) { - WOLFSSL_MSG("shared secret is too long."); - WOLFSSL_ERROR_VERBOSE(LENGTH_ERROR); - return LENGTH_ERROR; - } - - XMEMCPY(ssl->arrays->preMasterSecret, keyShareEntry->ke, keyShareEntry->keLen); - ssl->arrays->preMasterSz = keyShareEntry->keLen; - XFREE(keyShareEntry->ke, sl->heap, DYNAMIC_TYPE_SECRET); - keyShareEntry->ke = NULL; - keyShareEntry->keLen = 0; - return 0; - } - - /* I am the client, the ciphertext is in keyShareEntry->ke */ - findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); - - sharedSecretLen = (word32)PQM4_SHARED_SECRET_LENGTH; - switch (ecc_group) { - case WOLFSSL_ECC_SECP256R1: - sharedSecretLen += 32; - outlen = 32; - break; - case WOLFSSL_ECC_SECP384R1: - sharedSecretLen += 48; - outlen = 48; - break; - case WOLFSSL_ECC_SECP521R1: - sharedSecretLen += 66; - outlen = 66; - break; - default: - break; - } - - ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId); - if (ret != 0) { - WOLFSSL_MSG("Memory allocation error."); - return MEMORY_E; - } - - sharedSecret = (byte*)XMALLOC(sharedSecretLen, ssl->heap, - DYNAMIC_TYPE_TLSX); - if (sharedSecret == NULL) { - WOLFSSL_MSG("Memory allocation error."); - ret = MEMORY_E; - } - - if (ret == 0 && crypto_kem_dec(sharedSecret + outlen, - keyShareEntry->ke + keyShareEntry->keLen - - PQM4_CIPHERTEXT_LENGTH, - keyShareEntry->privKey) != 0) { - WOLFSSL_MSG("PQM4 decapsulation failure."); - ret = BAD_FUNC_ARG; - } else { - WOLFSSL_MSG("PQM4 decapsulation SUCCESS!!!!!"); - } - - if (ecc_group != 0) { - if (ret == 0) { - /* Point is validated by import function. */ - ret = wc_ecc_import_x963(keyShareEntry->ke, - keyShareEntry->keLen - - (word32)PQM4_CIPHERTEXT_LENGTH, - &eccpubkey); - if (ret != 0) { - WOLFSSL_MSG("ECC Public key import error."); - } - } - -#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ - (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ - !defined(HAVE_SELFTEST) - if (ret == 0) { - ret = wc_ecc_set_rng(keyShareEntry->key, ssl->rng); - if (ret != 0) { - WOLFSSL_MSG("Failure to set the ECC private key RNG."); - } - } -#endif - - if (ret == 0) { - PRIVATE_KEY_UNLOCK(); - ret = wc_ecc_shared_secret(keyShareEntry->key, &eccpubkey, sharedSecret, &outlen); - PRIVATE_KEY_LOCK(); - if (outlen != sharedSecretLen - PQM4_SHARED_SECRET_LENGTH) { - WOLFSSL_MSG("ECC shared secret derivation error."); - ret = BAD_FUNC_ARG; - } - } - } - - if (sharedSecretLen > ENCRYPT_LEN) { - WOLFSSL_MSG("shared secret is too long.\n"); - ret = LENGTH_ERROR; - } - - if (ret == 0) { - /* Copy the shared secret to the pre-master secret pre-allocated - * buffer. */ - XMEMCPY(ssl->arrays->preMasterSecret, sharedSecret, sharedSecretLen); - ssl->arrays->preMasterSz = (word32) sharedSecretLen; - } - - if (sharedSecret != NULL) { - XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_SECRET); - } - - wc_ecc_free(&eccpubkey); - return ret; -} -#endif /* HAVE_PQM4 */ #endif /* HAVE_PQC */ /* Process the key share extension on the client side. @@ -8904,7 +8391,6 @@ static int TLSX_KeyShare_New(KeyShareEntry** list, int group, void *heap, } #ifdef HAVE_PQC -#ifdef WOLFSSL_WC_KYBER static int server_generate_pqc_ciphertext(WOLFSSL* ssl, KeyShareEntry* keyShareEntry, byte* data, word16 len) { @@ -9064,289 +8550,6 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl, wc_KyberKey_Free(kem); return ret; } -#elif defined(HAVE_LIBOQS) -static int server_generate_pqc_ciphertext(WOLFSSL* ssl, - KeyShareEntry* keyShareEntry, - byte* data, word16 len) -{ - /* I am the server. The data parameter is the client's public key. I need - * to generate the public information (AKA ciphertext) and shared secret - * here. Note the "public information" is equivalent to a the public key in - * key exchange parlance. That's why it is being assigned to pubKey. - */ - const char* algName = NULL; - OQS_KEM* kem = NULL; - byte* sharedSecret = NULL; - byte* ciphertext = NULL; - int ret = 0; - int oqs_group = 0; - int ecc_group = 0; - KeyShareEntry *ecc_kse = NULL; - ecc_key eccpubkey; - word32 outlen = 0; - - findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); - algName = OQS_ID2name(oqs_group); - if (algName == NULL) { - WOLFSSL_MSG("Invalid OQS algorithm specified."); - return BAD_FUNC_ARG; - } - - ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId); - if (ret != 0) { - WOLFSSL_MSG("Could not do ECC public key initialization."); - return MEMORY_E; - } - - ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap, DYNAMIC_TYPE_TLSX); - if (ecc_kse == NULL) { - WOLFSSL_MSG("ecc_kse memory allocation failure"); - ret = MEMORY_ERROR; - } - - if (ret == 0) { - XMEMSET(ecc_kse, 0, sizeof(*ecc_kse)); - } - - if (ret == 0 && ecc_group != 0) { - ecc_kse->group = ecc_group; - ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse); - if (ret != 0) { - /* No message, TLSX_KeyShare_GenEccKey() will do it. */ - return ret; - } - ret = 0; - } - - if (ret == 0) { - kem = OQS_KEM_new(algName); - if (kem == NULL) { - WOLFSSL_MSG("Error creating OQS KEM, ensure algorithm support " - "was enabled in liboqs."); - ret = MEMORY_E; - } - } - - if (ret == 0 && len != kem->length_public_key + ecc_kse->pubKeyLen) { - WOLFSSL_MSG("Invalid public key."); - WOLFSSL_ERROR_VERBOSE(BAD_FUNC_ARG); - ret = BAD_FUNC_ARG; - } - - if (ret == 0) { - sharedSecret = (byte*)XMALLOC(ecc_kse->keyLen + - kem->length_shared_secret, - ssl->heap, DYNAMIC_TYPE_TLSX); - ciphertext = (byte*)XMALLOC(ecc_kse->pubKeyLen + kem->length_ciphertext, - ssl->heap, DYNAMIC_TYPE_TLSX); - - if (sharedSecret == NULL || ciphertext == NULL) { - WOLFSSL_MSG("Ciphertext/shared secret memory allocation failure."); - ret = MEMORY_E; - } - } - - if (ecc_group != 0) { - if (ret == 0) { - /* Point is validated by import function. */ - ret = wc_ecc_import_x963(data, len - (word32)kem->length_public_key, - &eccpubkey); - if (ret != 0) { - WOLFSSL_MSG("Bad ECC public key."); - } - } - -#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ - (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ - !defined(HAVE_SELFTEST) - if (ret == 0) { - ret = wc_ecc_set_rng(ecc_kse->key, ssl->rng); - } -#endif - - if (ret == 0) { - outlen = ecc_kse->keyLen; - PRIVATE_KEY_UNLOCK(); - ret = wc_ecc_shared_secret(ecc_kse->key, &eccpubkey, - sharedSecret, - &outlen); - PRIVATE_KEY_LOCK(); - if (outlen != ecc_kse->keyLen) { - WOLFSSL_MSG("Data length mismatch."); - ret = BAD_FUNC_ARG; - } - } - } - - if (ret == 0 && - OQS_KEM_encaps(kem, ciphertext + ecc_kse->pubKeyLen, - sharedSecret + outlen, - data + ecc_kse->pubKeyLen) != OQS_SUCCESS) { - WOLFSSL_MSG("OQS Encapsulation failure."); - ret = BAD_FUNC_ARG; - } - - if (ret == 0) { - if (keyShareEntry->ke != NULL) { - XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - } - - keyShareEntry->ke = sharedSecret; - keyShareEntry->keLen = outlen + (word32)kem->length_shared_secret; - sharedSecret = NULL; - - XMEMCPY(ciphertext, ecc_kse->pubKey, ecc_kse->pubKeyLen); - keyShareEntry->pubKey = ciphertext; - keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen + - kem->length_ciphertext); - ciphertext = NULL; - - /* Set namedGroup so wolfSSL_get_curve_name() can function properly on - * the server side. */ - ssl->namedGroup = keyShareEntry->group; - } - - TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap); - if (sharedSecret != NULL) - XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_TLSX); - if (ciphertext != NULL) - XFREE(ciphertext, ssl->heap, DYNAMIC_TYPE_TLSX); - wc_ecc_free(&eccpubkey); - OQS_KEM_free(kem); - return ret; -} -#elif defined(HAVE_PQM4) -static int server_generate_pqc_ciphertext(WOLFSSL* ssl, - KeyShareEntry* keyShareEntry, - byte* data, word16 len) -{ - /* I am the server. The data parameter is the client's public key. I need - * to generate the public information (AKA ciphertext) and shared secret - * here. Note the "public information" is equivalent to a the public key in - * key exchange parlance. That's why it is being assigned to pubKey. - */ - byte* sharedSecret = NULL; - byte* ciphertext = NULL; - int ret = 0; - int oqs_group = 0; - int ecc_group = 0; - KeyShareEntry *ecc_kse = NULL; - ecc_key eccpubkey; - word32 outlen = 0; - - findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); - ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId); - if (ret != 0) { - WOLFSSL_MSG("Could not do ECC public key initialization."); - return MEMORY_E; - } - - ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap, DYNAMIC_TYPE_TLSX); - if (ecc_kse == NULL) { - WOLFSSL_MSG("ecc_kse memory allocation failure"); - ret = MEMORY_ERROR; - } - - if (ret == 0) { - XMEMSET(ecc_kse, 0, sizeof(*ecc_kse)); - } - - if (ret == 0 && ecc_group != 0) { - ecc_kse->group = ecc_group; - ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse); - if (ret != 0) { - /* No message, TLSX_KeyShare_GenEccKey() will do it. */ - return ret; - } - ret = 0; - } - - if (ret == 0 && len != PQM4_PUBLIC_KEY_LENGTH + ecc_kse->pubKeyLen) { - WOLFSSL_MSG("Invalid public key."); - ret = BAD_FUNC_ARG; - } - - if (ret == 0) { - sharedSecret = (byte*)XMALLOC(ecc_kse->keyLen + PQM4_SHARED_SECRET_LENGTH, - ssl->heap, DYNAMIC_TYPE_TLSX); - ciphertext = (byte*)XMALLOC(ecc_kse->pubKeyLen + PQM4_CIPHERTEXT_LENGTH, - ssl->heap, DYNAMIC_TYPE_TLSX); - - if (sharedSecret == NULL || ciphertext == NULL) { - WOLFSSL_MSG("Ciphertext/shared secret memory allocation failure."); - ret = MEMORY_E; - } - } - - if (ecc_group != 0) { - if (ret == 0) { - /* Point is validated by import function. */ - ret = wc_ecc_import_x963(data, len - PQM4_PUBLIC_KEY_LENGTH, - &eccpubkey); - if (ret != 0) { - WOLFSSL_MSG("Bad ECC public key."); - } - } - -#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \ - (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \ - !defined(HAVE_SELFTEST) - if (ret == 0) { - ret = wc_ecc_set_rng(ecc_kse->key, ssl->rng); - } -#endif - - if (ret == 0) { - outlen = ecc_kse->keyLen; - PRIVATE_KEY_UNLOCK(); - ret = wc_ecc_shared_secret(ecc_kse->key, &eccpubkey, - sharedSecret, - &outlen); - PRIVATE_KEY_LOCK(); - if (outlen != ecc_kse->keyLen) { - WOLFSSL_MSG("Data length mismatch."); - ret = BAD_FUNC_ARG; - } - } - } - - if (ret == 0 && - crypto_kem_enc(ciphertext + ecc_kse->pubKeyLen, - sharedSecret + outlen, - data + ecc_kse->pubKeyLen) != 0) { - WOLFSSL_MSG("PQM4 Encapsulation failure."); - ret = BAD_FUNC_ARG; - } - - if (ret == 0) { - if (keyShareEntry->ke != NULL) { - XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - } - - keyShareEntry->ke = sharedSecret; - keyShareEntry->keLen = outlen + (word32)PQM4_SHARED_SECRET_LENGTH; - sharedSecret = NULL; - - XMEMCPY(ciphertext, ecc_kse->pubKey, ecc_kse->pubKeyLen); - keyShareEntry->pubKey = ciphertext; - keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen + - PQM4_CIPHERTEXT_LENGTH); - ciphertext = NULL; - - /* Set namedGroup so wolfSSL_get_curve_name() can function properly on - * the server side. */ - ssl->namedGroup = keyShareEntry->group; - } - - TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap); - if (sharedSecret != NULL) - XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_TLSX); - if (ciphertext != NULL) - XFREE(ciphertext, ssl->heap, DYNAMIC_TYPE_TLSX); - wc_ecc_free(&eccpubkey); - return ret; -} -#endif /* HAVE_PQM4 */ #endif /* HAVE_PQC */ /* Use the data to create a new key share object in the extensions. @@ -9572,20 +8775,23 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: - case WOLFSSL_KYBER_90S_LEVEL1: - case WOLFSSL_KYBER_90S_LEVEL3: - case WOLFSSL_KYBER_90S_LEVEL5: case WOLFSSL_P256_KYBER_LEVEL1: case WOLFSSL_P384_KYBER_LEVEL3: case WOLFSSL_P521_KYBER_LEVEL5: - case WOLFSSL_P256_KYBER_90S_LEVEL1: - case WOLFSSL_P384_KYBER_90S_LEVEL3: - case WOLFSSL_P521_KYBER_90S_LEVEL5: + { + int ret; + int id; findEccPqc(NULL, &namedGroup, namedGroup); - if (! OQS_KEM_alg_is_enabled(OQS_ID2name(namedGroup))) { + ret = kyber_id2type(namedGroup, &id); + if (ret == NOT_COMPILED_IN) { + return 0; + } + + if (! ext_kyber_enabled(id)) { return 0; } break; + } #elif defined(HAVE_PQM4) case WOLFSSL_KYBER_LEVEL1: break; @@ -9680,24 +8886,12 @@ static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_LEVEL3; if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_LEVEL5)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_90S_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_90S_LEVEL5; if (TLSX_KeyShare_IsSupported(WOLFSSL_P256_KYBER_LEVEL1)) ssl->group[ssl->numGroups++] = WOLFSSL_P256_KYBER_LEVEL1; if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_KYBER_LEVEL3)) ssl->group[ssl->numGroups++] = WOLFSSL_P384_KYBER_LEVEL3; if (TLSX_KeyShare_IsSupported(WOLFSSL_P521_KYBER_LEVEL5)) ssl->group[ssl->numGroups++] = WOLFSSL_P521_KYBER_LEVEL5; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P256_KYBER_90S_LEVEL1)) - ssl->group[ssl->numGroups++] = WOLFSSL_P256_KYBER_90S_LEVEL1; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P384_KYBER_90S_LEVEL3)) - ssl->group[ssl->numGroups++] = WOLFSSL_P384_KYBER_90S_LEVEL3; - if (TLSX_KeyShare_IsSupported(WOLFSSL_P521_KYBER_90S_LEVEL5)) - ssl->group[ssl->numGroups++] = WOLFSSL_P521_KYBER_90S_LEVEL5; #elif defined(HAVE_PQM4) if (TLSX_KeyShare_IsSupported(WOLFSSL_KYBER_LEVEL1)) ssl->group[ssl->numGroups++] = WOLFSSL_KYBER_LEVEL1; @@ -11738,15 +10932,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL5, ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_90S_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_90S_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_90S_LEVEL5, - ssl->heap); if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_KYBER_LEVEL1, ssl->heap); @@ -11756,15 +10941,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_LEVEL5, ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_KYBER_90S_LEVEL1, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_KYBER_90S_LEVEL3, - ssl->heap); - if (ret == WOLFSSL_SUCCESS) - ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_90S_LEVEL5, - ssl->heap); #elif defined(HAVE_PQM4) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap); #endif /* HAVE_LIBOQS */ diff --git a/tests/test-tls13-pq-2.conf b/tests/test-tls13-pq-2.conf index f896e91de..ff09d72a7 100644 --- a/tests/test-tls13-pq-2.conf +++ b/tests/test-tls13-pq-2.conf @@ -1,33 +1,3 @@ -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc KYBER_90S_LEVEL5 - # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 @@ -57,34 +27,3 @@ -v 4 -l TLS13-AES256-GCM-SHA384 --pqc P521_KYBER_LEVEL5 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_KYBER_90S_LEVEL1 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P256_KYBER_90S_LEVEL1 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_KYBER_90S_LEVEL3 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P384_KYBER_90S_LEVEL3 - -# server TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_KYBER_90S_LEVEL5 - -# client TLSv1.3 with post-quantum group --v 4 --l TLS13-AES256-GCM-SHA384 ---pqc P521_KYBER_90S_LEVEL5 - diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index b9ce49887..c5b413db1 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -447,12 +447,6 @@ static const char err_prefix[] = ""; #define BENCH_KYBER_LEVEL3_ENCAP 0x00000020 #define BENCH_KYBER_LEVEL5_KEYGEN 0x00000040 #define BENCH_KYBER_LEVEL5_ENCAP 0x00000080 -#define BENCH_KYBER90S_LEVEL1_KEYGEN 0x00000100 -#define BENCH_KYBER90S_LEVEL1_ENCAP 0x00000200 -#define BENCH_KYBER90S_LEVEL3_KEYGEN 0x00000400 -#define BENCH_KYBER90S_LEVEL3_ENCAP 0x00000800 -#define BENCH_KYBER90S_LEVEL5_KEYGEN 0x00001000 -#define BENCH_KYBER90S_LEVEL5_ENCAP 0x00002000 #define BENCH_DILITHIUM_LEVEL2_SIGN 0x04000000 #define BENCH_DILITHIUM_LEVEL3_SIGN 0x08000000 #define BENCH_DILITHIUM_LEVEL5_SIGN 0x10000000 @@ -789,18 +783,6 @@ static const bench_pq_alg bench_pq_asym_opt[] = { OQS_KEM_alg_kyber_1024 }, { "-kyber_level5-ed", BENCH_KYBER_LEVEL5_ENCAP, OQS_KEM_alg_kyber_1024 }, - { "-kyber90s_level1-kg", BENCH_KYBER90S_LEVEL1_KEYGEN, - OQS_KEM_alg_kyber_512_90s }, - { "-kyber90s_level1-ed", BENCH_KYBER90S_LEVEL1_ENCAP, - OQS_KEM_alg_kyber_512_90s }, - { "-kyber90s_level3-kg", BENCH_KYBER90S_LEVEL3_KEYGEN, - OQS_KEM_alg_kyber_768_90s }, - { "-kyber90s_level3-ed", BENCH_KYBER90S_LEVEL3_ENCAP, - OQS_KEM_alg_kyber_768_90s }, - { "-kyber90s_level5-kg", BENCH_KYBER90S_LEVEL5_KEYGEN, - OQS_KEM_alg_kyber_1024_90s}, - { "-kyber90s_level5-ed", BENCH_KYBER90S_LEVEL5_ENCAP, - OQS_KEM_alg_kyber_1024_90s }, #endif /* HAVE_LIBOQS */ { NULL, 0, NULL } }; @@ -2583,18 +2565,6 @@ static void* benchmarks_do(void* args) bench_pqcKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_ENCAP)) bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_KEYGEN)) - bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_ENCAP)) - bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_KEYGEN)) - bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_ENCAP)) - bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_KEYGEN)) - bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); - if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_ENCAP)) - bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); #ifdef HAVE_FALCON if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL1_SIGN)) bench_falconKeySign(1); diff --git a/wolfcrypt/src/ext_kyber.c b/wolfcrypt/src/ext_kyber.c index 61a771329..7519a0352 100644 --- a/wolfcrypt/src/ext_kyber.c +++ b/wolfcrypt/src/ext_kyber.c @@ -26,10 +26,6 @@ #include #include -#if defined(WOLFSSL_KYBER_90S) && defined(HAVE_PQM4) -#error "KYBER-90s is not supported when building PQM4" -#endif - #ifdef WOLFSSL_HAVE_KYBER #include @@ -41,21 +37,22 @@ #endif #if defined (HAVE_LIBOQS) + static const char* OQS_ID2name(int id) { switch (id) { -#ifdef WOLFSSL_KYBER_90S - case KYBER_LEVEL1: return OQS_KEM_alg_kyber_512_90s; - case KYBER_LEVEL3: return OQS_KEM_alg_kyber_768_90s; - case KYBER_LEVEL5: return OQS_KEM_alg_kyber_1024_90s; -#else case KYBER_LEVEL1: return OQS_KEM_alg_kyber_512; case KYBER_LEVEL3: return OQS_KEM_alg_kyber_768; case KYBER_LEVEL5: return OQS_KEM_alg_kyber_1024; -#endif default: break; } return NULL; } + +int ext_kyber_enabled(int id) +{ + const char * name = OQS_ID2name(id); + return OQS_KEM_alg_is_enabled(name); +} #endif /******************************************************************************/ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 7ce68117d..879354f28 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -30231,7 +30231,6 @@ static int kyber512_kat(void) 0xc8, 0x0e, 0xfe, 0x79, 0xa3, 0xa9, 0xa8, 0x74, 0xcc, 0x09, 0xfe, 0x76, 0xf6, 0x99, 0x76, 0x15 }; -#ifndef WOLFSSL_KYBER_90S const byte kyber512_pk[] = { 0x11, 0x5A, 0xCE, 0x0E, 0x64, 0x67, 0x7C, 0xBB, 0x7D, 0xCF, 0xC9, 0x3C, 0x16, 0xD3, 0xA3, 0x05, @@ -30644,420 +30643,6 @@ static int kyber512_kat(void) 0x50, 0x6C, 0x9B, 0x25, 0x7D, 0x48, 0x0E, 0x02, 0xE3, 0xB4, 0x9F, 0x44, 0xCA, 0xA3, 0x23, 0x7F }; -#else - const byte kyber512_pk[] = { - 0x68, 0xD6, 0x83, 0xF6, 0x01, 0x8F, 0xCB, 0x38, - 0x71, 0xC0, 0x64, 0x0A, 0xD1, 0x7B, 0x7E, 0x80, - 0x02, 0x93, 0xC9, 0xF6, 0x36, 0xC1, 0xE2, 0x09, - 0x10, 0x34, 0x25, 0xAD, 0x72, 0x26, 0xDD, 0x13, - 0x90, 0x41, 0xFA, 0x84, 0x9F, 0x8C, 0x2F, 0xED, - 0x18, 0xAB, 0xEF, 0xF5, 0x2A, 0xE0, 0xB6, 0x06, - 0x86, 0x13, 0xBA, 0x05, 0x73, 0x09, 0x3D, 0xE8, - 0xAC, 0xC8, 0x56, 0x19, 0x80, 0x62, 0xCD, 0x38, - 0xDC, 0x0F, 0x80, 0x05, 0x6B, 0x8D, 0x1C, 0x42, - 0xDF, 0xA3, 0x2C, 0x4C, 0xA4, 0x0E, 0x8C, 0x57, - 0x03, 0xF3, 0x13, 0xBA, 0x5F, 0xD0, 0x5C, 0x1E, - 0x75, 0xC3, 0x78, 0xD7, 0x04, 0x77, 0x62, 0x1A, - 0xF3, 0xA0, 0x8E, 0x52, 0x0A, 0x16, 0x05, 0xC4, - 0x89, 0x42, 0x2C, 0x97, 0xD0, 0xD9, 0x2E, 0x43, - 0x12, 0xBB, 0xEF, 0xB6, 0xC0, 0x18, 0x7A, 0x45, - 0xF9, 0x24, 0x6B, 0xF8, 0xEB, 0xA6, 0x2C, 0x04, - 0x7F, 0x8C, 0xB2, 0x42, 0x17, 0xB2, 0x01, 0x78, - 0xBB, 0x09, 0x5E, 0x59, 0x63, 0x6B, 0xCB, 0xA9, - 0x13, 0x73, 0x52, 0x65, 0xC7, 0xA0, 0x90, 0x06, - 0x12, 0xEF, 0x16, 0x41, 0xC9, 0xE1, 0x4D, 0x7D, - 0x89, 0x15, 0xE3, 0xC8, 0x83, 0xB7, 0x50, 0x68, - 0xA9, 0xB1, 0x3B, 0x0C, 0xF0, 0xA1, 0x32, 0x8A, - 0x3E, 0xC5, 0xD6, 0x00, 0x1E, 0xE9, 0x6D, 0x01, - 0x05, 0x6C, 0x25, 0x09, 0xC2, 0x16, 0x51, 0x4D, - 0xA5, 0x24, 0x61, 0xF7, 0xCA, 0x6A, 0xC4, 0x1A, - 0x2C, 0x0E, 0x35, 0x2B, 0x53, 0x63, 0x68, 0x99, - 0xD0, 0x65, 0xBD, 0xF2, 0xBF, 0x14, 0xF5, 0x35, - 0xFC, 0xE9, 0x42, 0x93, 0x9B, 0x6B, 0x4B, 0x97, - 0x72, 0x04, 0xD6, 0x29, 0xA6, 0x24, 0x1F, 0xFD, - 0x99, 0x94, 0x6A, 0x70, 0xBC, 0xA8, 0x91, 0x2B, - 0x1D, 0xFA, 0x61, 0x4A, 0xE9, 0x91, 0x3C, 0xB3, - 0x65, 0x63, 0x04, 0x7F, 0x9F, 0xA0, 0xA6, 0x48, - 0x7B, 0xA4, 0x10, 0x19, 0x5F, 0x56, 0x17, 0x58, - 0x84, 0x41, 0xC6, 0xA1, 0xA1, 0x50, 0x78, 0xBA, - 0x60, 0x93, 0x36, 0x79, 0x64, 0xD2, 0x5F, 0x19, - 0xD7, 0x15, 0x1A, 0xE0, 0x9F, 0xAF, 0xA6, 0xA4, - 0xCB, 0x63, 0x09, 0x40, 0xC5, 0x8F, 0x88, 0xEB, - 0x77, 0x8B, 0xFA, 0x44, 0xD7, 0x3B, 0x30, 0x63, - 0x74, 0x46, 0x8A, 0xBB, 0x8B, 0x56, 0x16, 0x0D, - 0x49, 0xA2, 0x4E, 0x6F, 0x43, 0x2B, 0xBF, 0xE8, - 0x8D, 0xE0, 0xC5, 0x6E, 0x9A, 0xE2, 0x13, 0x23, - 0xF1, 0x2D, 0xEE, 0xFC, 0xAF, 0x32, 0xF6, 0x8C, - 0x46, 0x21, 0x2F, 0xE3, 0x68, 0x3F, 0xB0, 0x48, - 0xB7, 0xE2, 0x4C, 0xB8, 0x17, 0xF8, 0x7E, 0xC4, - 0xA4, 0x2F, 0xE1, 0x1B, 0x21, 0xEA, 0x54, 0x4E, - 0xB7, 0xD4, 0x82, 0x89, 0xAA, 0xB4, 0xB3, 0x9C, - 0x57, 0x8F, 0xF3, 0x21, 0xFF, 0xEA, 0x57, 0xE9, - 0xD8, 0x81, 0x04, 0x9A, 0x1F, 0x92, 0xB7, 0x4A, - 0xFC, 0xB5, 0x5B, 0xA5, 0x29, 0x1F, 0xF5, 0x25, - 0x5D, 0x91, 0x11, 0xAA, 0x01, 0x08, 0x52, 0x5A, - 0xA3, 0x65, 0x33, 0xB4, 0xC2, 0xF0, 0x0C, 0x49, - 0x73, 0x07, 0x75, 0x67, 0x5C, 0x17, 0x8F, 0xE2, - 0x80, 0x83, 0x0B, 0xBC, 0x0A, 0xDA, 0x08, 0xC3, - 0xB3, 0x55, 0x19, 0x90, 0x78, 0x4F, 0xD5, 0x5A, - 0x12, 0x8B, 0x6A, 0x29, 0xF9, 0xB7, 0xA0, 0xF1, - 0x68, 0xD5, 0xC2, 0x9D, 0xEC, 0xC9, 0x63, 0x82, - 0x83, 0x9A, 0xCD, 0xEA, 0x32, 0xA8, 0xD4, 0x90, - 0x48, 0xFC, 0x47, 0x1D, 0x9B, 0x23, 0xB3, 0xAC, - 0xBE, 0x7D, 0x16, 0x94, 0x4A, 0xF6, 0x5A, 0x0B, - 0x76, 0x2D, 0xFF, 0xBA, 0x03, 0xA5, 0x25, 0xCB, - 0x69, 0x9B, 0x03, 0xB0, 0x7A, 0x2C, 0xFE, 0x55, - 0x22, 0x1E, 0x52, 0x68, 0x8A, 0xA2, 0xBF, 0xCB, - 0x8A, 0xA7, 0x3D, 0x75, 0x22, 0x28, 0x29, 0x88, - 0x8F, 0xA7, 0xC9, 0x97, 0x2A, 0xCD, 0x04, 0x01, - 0x60, 0xC1, 0x43, 0x25, 0x07, 0x78, 0x65, 0x00, - 0x08, 0x8A, 0x0A, 0xD5, 0x09, 0xC4, 0x45, 0xBB, - 0x5B, 0xF1, 0xCF, 0x40, 0x92, 0xAA, 0x74, 0xE1, - 0x50, 0x34, 0x30, 0x07, 0xE9, 0x00, 0x16, 0xA2, - 0xF4, 0xBD, 0x6A, 0xE8, 0x6A, 0x71, 0x76, 0x37, - 0xED, 0x5C, 0x7C, 0x9E, 0x1C, 0xCD, 0x4C, 0x78, - 0xAF, 0xA2, 0x74, 0xA5, 0x66, 0xB1, 0x7E, 0x5F, - 0xC4, 0x33, 0x26, 0x7C, 0x40, 0xBD, 0x16, 0x40, - 0x3C, 0x53, 0x2C, 0x2B, 0x9A, 0xBF, 0xA0, 0xC6, - 0x25, 0x1B, 0x8A, 0xAD, 0x27, 0xB8, 0x97, 0x3D, - 0x54, 0x87, 0x0B, 0x50, 0xB9, 0xDE, 0x37, 0xAE, - 0x5F, 0xA5, 0x6F, 0x79, 0xF9, 0x75, 0x77, 0xE6, - 0x35, 0xC7, 0x03, 0xBC, 0xBB, 0x02, 0x82, 0x67, - 0xB5, 0x44, 0x87, 0x96, 0xA0, 0xDC, 0xE0, 0x34, - 0xE2, 0xCB, 0xBB, 0x09, 0x27, 0x6F, 0x49, 0x50, - 0xBE, 0x02, 0x23, 0xCC, 0x97, 0xC0, 0x0A, 0x66, - 0xBB, 0x32, 0x1B, 0x11, 0x4D, 0x5F, 0xB1, 0xBB, - 0x5A, 0x6C, 0x97, 0x3C, 0xEC, 0x1B, 0x53, 0xDB, - 0x26, 0x30, 0x81, 0x44, 0x74, 0x76, 0x99, 0x3E, - 0x68, 0x18, 0xA6, 0xD6, 0xCE, 0x4D, 0x05, 0x61, - 0xFD, 0xBA, 0x94, 0x1B, 0xD9, 0xBE, 0x17, 0x41, - 0x6B, 0xEA, 0xBB, 0x51, 0x1C, 0x61, 0xCD, 0xA4, - 0x12, 0x3D, 0x45, 0xB0, 0x09, 0xEA, 0x6C, 0x09, - 0xAD, 0x78, 0x09, 0xD4, 0x52, 0xBE, 0x93, 0x42, - 0x9E, 0x05, 0x39, 0x41, 0xBB, 0xA9, 0xB0, 0x65, - 0x99, 0x61, 0xBB, 0x02, 0x16, 0x60, 0x08, 0x7C, - 0xCD, 0x6C, 0x6E, 0x0D, 0xEA, 0xA6, 0xBE, 0xE5, - 0x87, 0x19, 0x3C, 0x4E, 0x1C, 0x13, 0x20, 0x04, - 0x5C, 0xB5, 0x09, 0xC7, 0xC0, 0x58, 0x4C, 0x43, - 0xCD, 0x65, 0x0F, 0xD7, 0x82, 0x65, 0x20, 0x24, - 0x36, 0xC7, 0xC9, 0x31, 0x75, 0xFB, 0xCB, 0x3B, - 0x55, 0x69, 0x4A, 0xB9, 0xB8, 0xAE, 0x99, 0xC2, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1 - }; - const byte kyber512_sk[] = { - 0xD3, 0xBA, 0x7A, 0x3B, 0x91, 0x56, 0x15, 0x32, - 0x1E, 0xD4, 0xE4, 0x19, 0x6B, 0xC7, 0x34, 0xD0, - 0x75, 0xB7, 0x40, 0x56, 0xC9, 0x7C, 0x83, 0x00, - 0x78, 0xF0, 0x28, 0xDD, 0xB3, 0x4E, 0xEF, 0x76, - 0x9A, 0x22, 0x31, 0xC6, 0x60, 0x05, 0x9A, 0x56, - 0xA0, 0x9A, 0x64, 0x10, 0x8C, 0x7C, 0x0B, 0xC4, - 0x8B, 0x0A, 0x5E, 0xD3, 0x47, 0xA4, 0xA8, 0xBC, - 0x7D, 0xA1, 0x70, 0x74, 0xF4, 0xE3, 0x3E, 0x8A, - 0x13, 0x0B, 0x2F, 0x67, 0x64, 0x74, 0x63, 0x50, - 0x0B, 0x50, 0x1E, 0x8C, 0x41, 0x42, 0x8C, 0x87, - 0x85, 0x63, 0x19, 0x6C, 0x99, 0x40, 0x2B, 0x1F, - 0x4A, 0x17, 0x9E, 0x18, 0xC2, 0xF8, 0x8B, 0xA5, - 0x75, 0xD1, 0x5C, 0xF2, 0xF0, 0xA8, 0xDC, 0x3C, - 0x8A, 0x28, 0x2B, 0x3E, 0xF1, 0x18, 0x1F, 0xAA, - 0x28, 0x9B, 0x81, 0xF0, 0xA9, 0xBE, 0x47, 0xC3, - 0xFA, 0xFC, 0xCB, 0x18, 0xAC, 0x08, 0xF8, 0x6C, - 0xA2, 0xF3, 0xBB, 0x06, 0x99, 0xE5, 0x7E, 0xAD, - 0x61, 0x0E, 0x6A, 0xA7, 0x02, 0xD1, 0x09, 0xC4, - 0xF5, 0x04, 0x33, 0xA4, 0x74, 0x2B, 0x74, 0xDC, - 0x75, 0x27, 0x8B, 0x22, 0x46, 0xA8, 0xC1, 0xE4, - 0xC3, 0x73, 0xDC, 0x03, 0x85, 0x17, 0xB4, 0x8A, - 0x0B, 0xDC, 0xB3, 0xB3, 0xB1, 0x9F, 0x5F, 0xFA, - 0xBD, 0x65, 0x11, 0xAA, 0xD5, 0x4C, 0xCE, 0xB6, - 0x3C, 0xB9, 0x40, 0xCC, 0xB3, 0xF9, 0x40, 0x75, - 0xDF, 0x03, 0x19, 0x7D, 0x81, 0xAD, 0x2D, 0x8A, - 0x8D, 0x35, 0xBC, 0x01, 0x1C, 0xCA, 0xCF, 0xE5, - 0xB0, 0xA8, 0x21, 0xC1, 0xAD, 0x04, 0x6B, 0xC2, - 0x0B, 0xD4, 0x48, 0xAB, 0x98, 0xAE, 0x49, 0x46, - 0x7F, 0xA7, 0xA2, 0xCB, 0x2B, 0xF1, 0x30, 0x32, - 0xA1, 0x3E, 0x98, 0x65, 0x08, 0x10, 0x0A, 0x22, - 0x1D, 0x55, 0xAD, 0x97, 0x91, 0xAE, 0x47, 0x37, - 0x91, 0xCA, 0xA3, 0x18, 0x91, 0x5B, 0x58, 0x3F, - 0xD4, 0x73, 0x91, 0xC2, 0x31, 0xD9, 0x0B, 0xB7, - 0x29, 0xB2, 0x06, 0x2A, 0x0A, 0xC4, 0x30, 0x91, - 0xAF, 0x14, 0x05, 0x02, 0xB0, 0x62, 0x42, 0xFD, - 0x65, 0x04, 0xFB, 0x74, 0x9C, 0x20, 0x93, 0xCD, - 0x78, 0x00, 0x63, 0x4B, 0x48, 0xBA, 0xFC, 0xE0, - 0xB1, 0xDC, 0x22, 0x2A, 0x42, 0xB9, 0x70, 0xB7, - 0x34, 0x26, 0x02, 0x1B, 0xC0, 0x8F, 0xE7, 0x10, - 0x98, 0x6B, 0x3E, 0xD6, 0x47, 0x9C, 0x21, 0xEB, - 0xBB, 0x9D, 0x94, 0x6D, 0x13, 0x3A, 0x97, 0x55, - 0xB7, 0x33, 0xB0, 0xBA, 0x79, 0x5D, 0x34, 0xAA, - 0x2C, 0x43, 0x6E, 0xB3, 0x04, 0x87, 0xFE, 0x19, - 0x3C, 0xDE, 0x86, 0xC7, 0x54, 0x00, 0x14, 0x85, - 0x48, 0x4C, 0x4D, 0x28, 0x89, 0xD9, 0x67, 0x66, - 0x7E, 0xD1, 0x72, 0xAB, 0xE4, 0x52, 0x5C, 0x05, - 0xA7, 0xE9, 0x53, 0x8E, 0x1B, 0x0C, 0x38, 0xBE, - 0x40, 0x7D, 0x3F, 0x09, 0x72, 0xEA, 0x82, 0xB9, - 0xA7, 0xB1, 0x55, 0x0B, 0x2A, 0x20, 0x68, 0xFA, - 0x80, 0x56, 0x86, 0xB2, 0x7F, 0x50, 0xAD, 0xCC, - 0x47, 0x30, 0xCA, 0xF9, 0x04, 0x28, 0x74, 0x11, - 0xED, 0xB4, 0x82, 0x46, 0x36, 0x6C, 0x4B, 0x02, - 0xB7, 0x95, 0x96, 0x69, 0x81, 0x56, 0xA0, 0xE4, - 0x89, 0x65, 0x2D, 0xA5, 0xC2, 0x2B, 0x51, 0x24, - 0xD7, 0x90, 0x33, 0xD9, 0x84, 0x0D, 0x51, 0x93, - 0x39, 0xF2, 0xA9, 0x90, 0x72, 0x1C, 0x73, 0x1B, - 0x02, 0xC2, 0x36, 0xBC, 0x72, 0x8C, 0x22, 0x61, - 0xFF, 0x18, 0x18, 0xA3, 0x8A, 0x4D, 0x39, 0x54, - 0x61, 0xAE, 0x20, 0xC4, 0x2E, 0x12, 0xB0, 0x1C, - 0xBC, 0x85, 0xFE, 0xC8, 0x9E, 0x9F, 0x75, 0x9D, - 0x20, 0xE3, 0x87, 0x4F, 0x37, 0x16, 0x0E, 0x19, - 0x5C, 0x4C, 0x61, 0x47, 0x54, 0xC5, 0x93, 0x03, - 0xD0, 0x9B, 0x27, 0x76, 0xAE, 0xF6, 0x8C, 0x5B, - 0xF6, 0x1C, 0x4B, 0x50, 0x47, 0x42, 0x41, 0x3A, - 0xC3, 0xD7, 0xC4, 0x95, 0x7C, 0x47, 0x0B, 0xC2, - 0x9A, 0x72, 0x2C, 0xC3, 0x7F, 0xB2, 0xB2, 0x30, - 0x45, 0x7A, 0x3A, 0x98, 0x8A, 0xBE, 0x48, 0x96, - 0x71, 0x70, 0x54, 0x4F, 0xD2, 0x57, 0xBB, 0x89, - 0xEC, 0xC3, 0x13, 0xF1, 0xBD, 0x33, 0x10, 0xCA, - 0x37, 0xB0, 0x2D, 0x6E, 0x97, 0x07, 0xCA, 0x91, - 0xB6, 0x25, 0x97, 0x7B, 0xED, 0xB3, 0x1B, 0xA8, - 0x27, 0x48, 0xEE, 0x31, 0xAF, 0x2B, 0xC7, 0x62, - 0x92, 0xA7, 0x2B, 0xCF, 0xA0, 0x46, 0xE9, 0x31, - 0x48, 0xBE, 0x8C, 0x83, 0xB2, 0x58, 0x50, 0x7D, - 0x96, 0x6F, 0x14, 0xD2, 0x02, 0x81, 0xA3, 0x33, - 0x3E, 0x69, 0xAB, 0x78, 0x60, 0x0D, 0x3F, 0x3B, - 0x6B, 0xAF, 0x7A, 0xC9, 0xAC, 0xEA, 0xB5, 0x5B, - 0xB2, 0x0C, 0xE7, 0x5C, 0x13, 0x47, 0x4A, 0x67, - 0x8E, 0x7C, 0x60, 0xC0, 0x81, 0x87, 0x1E, 0xF3, - 0x3C, 0xA9, 0xEC, 0x6C, 0xD6, 0xA3, 0x64, 0x3B, - 0x6A, 0x41, 0x60, 0xF8, 0x3A, 0x27, 0x8C, 0x21, - 0x0C, 0xA2, 0xBC, 0xB9, 0xE0, 0x12, 0x27, 0x01, - 0xC9, 0xAD, 0xF0, 0x45, 0x8E, 0xF4, 0x71, 0x9F, - 0xB5, 0xB4, 0x01, 0xB3, 0xB5, 0x16, 0xE1, 0xAD, - 0x25, 0xD7, 0xA4, 0x84, 0xA6, 0x3E, 0xE4, 0x1A, - 0x81, 0x44, 0xE1, 0xAA, 0x38, 0x8A, 0xC8, 0xAE, - 0x69, 0x00, 0xCE, 0x87, 0x9E, 0x9F, 0xD7, 0x4F, - 0x47, 0xC7, 0x30, 0x78, 0xCC, 0x6E, 0x85, 0xC7, - 0x64, 0x15, 0x0C, 0x00, 0x3A, 0x58, 0x70, 0x56, - 0x97, 0x33, 0xDA, 0x66, 0x8B, 0xDA, 0x15, 0xC5, - 0xA2, 0x69, 0x9D, 0x38, 0x25, 0x82, 0x6B, 0x36, - 0x98, 0x5A, 0x51, 0x08, 0x51, 0x0B, 0x6F, 0xC3, - 0x65, 0x4B, 0x17, 0x51, 0x02, 0xA4, 0xD9, 0x06, - 0x14, 0x47, 0xA7, 0x8B, 0xA9, 0x39, 0x40, 0x8B, - 0x9A, 0x94, 0x57, 0x61, 0xEC, 0x0C, 0x24, 0x6F, - 0x8A, 0x64, 0x18, 0xF6, 0x2F, 0x1E, 0xA3, 0x00, - 0x68, 0xD6, 0x83, 0xF6, 0x01, 0x8F, 0xCB, 0x38, - 0x71, 0xC0, 0x64, 0x0A, 0xD1, 0x7B, 0x7E, 0x80, - 0x02, 0x93, 0xC9, 0xF6, 0x36, 0xC1, 0xE2, 0x09, - 0x10, 0x34, 0x25, 0xAD, 0x72, 0x26, 0xDD, 0x13, - 0x90, 0x41, 0xFA, 0x84, 0x9F, 0x8C, 0x2F, 0xED, - 0x18, 0xAB, 0xEF, 0xF5, 0x2A, 0xE0, 0xB6, 0x06, - 0x86, 0x13, 0xBA, 0x05, 0x73, 0x09, 0x3D, 0xE8, - 0xAC, 0xC8, 0x56, 0x19, 0x80, 0x62, 0xCD, 0x38, - 0xDC, 0x0F, 0x80, 0x05, 0x6B, 0x8D, 0x1C, 0x42, - 0xDF, 0xA3, 0x2C, 0x4C, 0xA4, 0x0E, 0x8C, 0x57, - 0x03, 0xF3, 0x13, 0xBA, 0x5F, 0xD0, 0x5C, 0x1E, - 0x75, 0xC3, 0x78, 0xD7, 0x04, 0x77, 0x62, 0x1A, - 0xF3, 0xA0, 0x8E, 0x52, 0x0A, 0x16, 0x05, 0xC4, - 0x89, 0x42, 0x2C, 0x97, 0xD0, 0xD9, 0x2E, 0x43, - 0x12, 0xBB, 0xEF, 0xB6, 0xC0, 0x18, 0x7A, 0x45, - 0xF9, 0x24, 0x6B, 0xF8, 0xEB, 0xA6, 0x2C, 0x04, - 0x7F, 0x8C, 0xB2, 0x42, 0x17, 0xB2, 0x01, 0x78, - 0xBB, 0x09, 0x5E, 0x59, 0x63, 0x6B, 0xCB, 0xA9, - 0x13, 0x73, 0x52, 0x65, 0xC7, 0xA0, 0x90, 0x06, - 0x12, 0xEF, 0x16, 0x41, 0xC9, 0xE1, 0x4D, 0x7D, - 0x89, 0x15, 0xE3, 0xC8, 0x83, 0xB7, 0x50, 0x68, - 0xA9, 0xB1, 0x3B, 0x0C, 0xF0, 0xA1, 0x32, 0x8A, - 0x3E, 0xC5, 0xD6, 0x00, 0x1E, 0xE9, 0x6D, 0x01, - 0x05, 0x6C, 0x25, 0x09, 0xC2, 0x16, 0x51, 0x4D, - 0xA5, 0x24, 0x61, 0xF7, 0xCA, 0x6A, 0xC4, 0x1A, - 0x2C, 0x0E, 0x35, 0x2B, 0x53, 0x63, 0x68, 0x99, - 0xD0, 0x65, 0xBD, 0xF2, 0xBF, 0x14, 0xF5, 0x35, - 0xFC, 0xE9, 0x42, 0x93, 0x9B, 0x6B, 0x4B, 0x97, - 0x72, 0x04, 0xD6, 0x29, 0xA6, 0x24, 0x1F, 0xFD, - 0x99, 0x94, 0x6A, 0x70, 0xBC, 0xA8, 0x91, 0x2B, - 0x1D, 0xFA, 0x61, 0x4A, 0xE9, 0x91, 0x3C, 0xB3, - 0x65, 0x63, 0x04, 0x7F, 0x9F, 0xA0, 0xA6, 0x48, - 0x7B, 0xA4, 0x10, 0x19, 0x5F, 0x56, 0x17, 0x58, - 0x84, 0x41, 0xC6, 0xA1, 0xA1, 0x50, 0x78, 0xBA, - 0x60, 0x93, 0x36, 0x79, 0x64, 0xD2, 0x5F, 0x19, - 0xD7, 0x15, 0x1A, 0xE0, 0x9F, 0xAF, 0xA6, 0xA4, - 0xCB, 0x63, 0x09, 0x40, 0xC5, 0x8F, 0x88, 0xEB, - 0x77, 0x8B, 0xFA, 0x44, 0xD7, 0x3B, 0x30, 0x63, - 0x74, 0x46, 0x8A, 0xBB, 0x8B, 0x56, 0x16, 0x0D, - 0x49, 0xA2, 0x4E, 0x6F, 0x43, 0x2B, 0xBF, 0xE8, - 0x8D, 0xE0, 0xC5, 0x6E, 0x9A, 0xE2, 0x13, 0x23, - 0xF1, 0x2D, 0xEE, 0xFC, 0xAF, 0x32, 0xF6, 0x8C, - 0x46, 0x21, 0x2F, 0xE3, 0x68, 0x3F, 0xB0, 0x48, - 0xB7, 0xE2, 0x4C, 0xB8, 0x17, 0xF8, 0x7E, 0xC4, - 0xA4, 0x2F, 0xE1, 0x1B, 0x21, 0xEA, 0x54, 0x4E, - 0xB7, 0xD4, 0x82, 0x89, 0xAA, 0xB4, 0xB3, 0x9C, - 0x57, 0x8F, 0xF3, 0x21, 0xFF, 0xEA, 0x57, 0xE9, - 0xD8, 0x81, 0x04, 0x9A, 0x1F, 0x92, 0xB7, 0x4A, - 0xFC, 0xB5, 0x5B, 0xA5, 0x29, 0x1F, 0xF5, 0x25, - 0x5D, 0x91, 0x11, 0xAA, 0x01, 0x08, 0x52, 0x5A, - 0xA3, 0x65, 0x33, 0xB4, 0xC2, 0xF0, 0x0C, 0x49, - 0x73, 0x07, 0x75, 0x67, 0x5C, 0x17, 0x8F, 0xE2, - 0x80, 0x83, 0x0B, 0xBC, 0x0A, 0xDA, 0x08, 0xC3, - 0xB3, 0x55, 0x19, 0x90, 0x78, 0x4F, 0xD5, 0x5A, - 0x12, 0x8B, 0x6A, 0x29, 0xF9, 0xB7, 0xA0, 0xF1, - 0x68, 0xD5, 0xC2, 0x9D, 0xEC, 0xC9, 0x63, 0x82, - 0x83, 0x9A, 0xCD, 0xEA, 0x32, 0xA8, 0xD4, 0x90, - 0x48, 0xFC, 0x47, 0x1D, 0x9B, 0x23, 0xB3, 0xAC, - 0xBE, 0x7D, 0x16, 0x94, 0x4A, 0xF6, 0x5A, 0x0B, - 0x76, 0x2D, 0xFF, 0xBA, 0x03, 0xA5, 0x25, 0xCB, - 0x69, 0x9B, 0x03, 0xB0, 0x7A, 0x2C, 0xFE, 0x55, - 0x22, 0x1E, 0x52, 0x68, 0x8A, 0xA2, 0xBF, 0xCB, - 0x8A, 0xA7, 0x3D, 0x75, 0x22, 0x28, 0x29, 0x88, - 0x8F, 0xA7, 0xC9, 0x97, 0x2A, 0xCD, 0x04, 0x01, - 0x60, 0xC1, 0x43, 0x25, 0x07, 0x78, 0x65, 0x00, - 0x08, 0x8A, 0x0A, 0xD5, 0x09, 0xC4, 0x45, 0xBB, - 0x5B, 0xF1, 0xCF, 0x40, 0x92, 0xAA, 0x74, 0xE1, - 0x50, 0x34, 0x30, 0x07, 0xE9, 0x00, 0x16, 0xA2, - 0xF4, 0xBD, 0x6A, 0xE8, 0x6A, 0x71, 0x76, 0x37, - 0xED, 0x5C, 0x7C, 0x9E, 0x1C, 0xCD, 0x4C, 0x78, - 0xAF, 0xA2, 0x74, 0xA5, 0x66, 0xB1, 0x7E, 0x5F, - 0xC4, 0x33, 0x26, 0x7C, 0x40, 0xBD, 0x16, 0x40, - 0x3C, 0x53, 0x2C, 0x2B, 0x9A, 0xBF, 0xA0, 0xC6, - 0x25, 0x1B, 0x8A, 0xAD, 0x27, 0xB8, 0x97, 0x3D, - 0x54, 0x87, 0x0B, 0x50, 0xB9, 0xDE, 0x37, 0xAE, - 0x5F, 0xA5, 0x6F, 0x79, 0xF9, 0x75, 0x77, 0xE6, - 0x35, 0xC7, 0x03, 0xBC, 0xBB, 0x02, 0x82, 0x67, - 0xB5, 0x44, 0x87, 0x96, 0xA0, 0xDC, 0xE0, 0x34, - 0xE2, 0xCB, 0xBB, 0x09, 0x27, 0x6F, 0x49, 0x50, - 0xBE, 0x02, 0x23, 0xCC, 0x97, 0xC0, 0x0A, 0x66, - 0xBB, 0x32, 0x1B, 0x11, 0x4D, 0x5F, 0xB1, 0xBB, - 0x5A, 0x6C, 0x97, 0x3C, 0xEC, 0x1B, 0x53, 0xDB, - 0x26, 0x30, 0x81, 0x44, 0x74, 0x76, 0x99, 0x3E, - 0x68, 0x18, 0xA6, 0xD6, 0xCE, 0x4D, 0x05, 0x61, - 0xFD, 0xBA, 0x94, 0x1B, 0xD9, 0xBE, 0x17, 0x41, - 0x6B, 0xEA, 0xBB, 0x51, 0x1C, 0x61, 0xCD, 0xA4, - 0x12, 0x3D, 0x45, 0xB0, 0x09, 0xEA, 0x6C, 0x09, - 0xAD, 0x78, 0x09, 0xD4, 0x52, 0xBE, 0x93, 0x42, - 0x9E, 0x05, 0x39, 0x41, 0xBB, 0xA9, 0xB0, 0x65, - 0x99, 0x61, 0xBB, 0x02, 0x16, 0x60, 0x08, 0x7C, - 0xCD, 0x6C, 0x6E, 0x0D, 0xEA, 0xA6, 0xBE, 0xE5, - 0x87, 0x19, 0x3C, 0x4E, 0x1C, 0x13, 0x20, 0x04, - 0x5C, 0xB5, 0x09, 0xC7, 0xC0, 0x58, 0x4C, 0x43, - 0xCD, 0x65, 0x0F, 0xD7, 0x82, 0x65, 0x20, 0x24, - 0x36, 0xC7, 0xC9, 0x31, 0x75, 0xFB, 0xCB, 0x3B, - 0x55, 0x69, 0x4A, 0xB9, 0xB8, 0xAE, 0x99, 0xC2, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1, - 0xC1, 0xC0, 0x8E, 0xFF, 0x2A, 0xB6, 0xE2, 0xAF, - 0x9F, 0x29, 0xA6, 0x32, 0xC5, 0x93, 0x32, 0xE9, - 0xA6, 0x1B, 0x63, 0x14, 0x6E, 0x8A, 0xC3, 0x5E, - 0xF3, 0xD3, 0xC4, 0x5A, 0x10, 0x10, 0xAC, 0xE2, - 0x86, 0x26, 0xED, 0x79, 0xD4, 0x51, 0x14, 0x08, - 0x00, 0xE0, 0x3B, 0x59, 0xB9, 0x56, 0xF8, 0x21, - 0x0E, 0x55, 0x60, 0x67, 0x40, 0x7D, 0x13, 0xDC, - 0x90, 0xFA, 0x9E, 0x8B, 0x87, 0x2B, 0xFB, 0x8F - }; - const byte kyber512_ct[] = { - 0x58, 0x56, 0xAE, 0x75, 0x76, 0x21, 0xFD, 0x94, - 0x9B, 0xA5, 0x49, 0xD2, 0x49, 0x70, 0x52, 0x5F, - 0x17, 0x95, 0x60, 0xE3, 0x24, 0xF7, 0x1B, 0x3C, - 0x1F, 0xDC, 0xFC, 0xAF, 0x92, 0xFD, 0x7F, 0xED, - 0x6B, 0x35, 0x1F, 0x0D, 0xA4, 0x1C, 0x98, 0x51, - 0x24, 0x9F, 0x6E, 0x63, 0xB7, 0xBC, 0xE3, 0x4F, - 0xD4, 0x9C, 0x97, 0x70, 0x58, 0x8B, 0x94, 0x2D, - 0x1B, 0x51, 0x69, 0x57, 0xDB, 0x3A, 0xE9, 0x7C, - 0x5F, 0x94, 0x51, 0x8D, 0x40, 0xF5, 0x4B, 0x5B, - 0x78, 0xE1, 0xF3, 0x8F, 0x8D, 0x61, 0x27, 0xA5, - 0xD0, 0xD5, 0xD4, 0x24, 0x29, 0xEA, 0x79, 0x62, - 0x13, 0xC0, 0x77, 0x2D, 0x5C, 0x9B, 0x99, 0x2C, - 0xEC, 0x72, 0x1B, 0x52, 0x17, 0xB6, 0x91, 0x7F, - 0xF8, 0xC0, 0xCC, 0xBB, 0xCC, 0xFE, 0x13, 0x4B, - 0xD8, 0x9A, 0x99, 0x48, 0x0B, 0x95, 0x66, 0xE4, - 0x69, 0x60, 0xBD, 0x21, 0x8C, 0xAC, 0x2D, 0xDD, - 0x58, 0x00, 0xB0, 0x83, 0x01, 0x9F, 0x09, 0x42, - 0x0E, 0x8B, 0xA2, 0x8E, 0x1E, 0x4D, 0xCC, 0x51, - 0xD4, 0xF5, 0xF9, 0x57, 0xD4, 0x57, 0x5B, 0xC3, - 0x2C, 0xF3, 0xDD, 0x08, 0x15, 0xD7, 0xE1, 0xEC, - 0xDA, 0x47, 0x44, 0x3B, 0x34, 0xCD, 0x88, 0x68, - 0xE7, 0x39, 0xD1, 0x57, 0x90, 0x29, 0x37, 0x12, - 0xBF, 0xF0, 0x89, 0x19, 0x8D, 0xFF, 0xA8, 0x42, - 0xD9, 0x5C, 0x03, 0x68, 0x49, 0x6C, 0x3E, 0x7D, - 0xFA, 0x06, 0xC8, 0x99, 0x9B, 0x9A, 0xEA, 0x3B, - 0x09, 0xC6, 0xD3, 0x62, 0x80, 0xF7, 0x6D, 0xD9, - 0xC8, 0xC1, 0x58, 0x53, 0xB4, 0x5E, 0xBC, 0xCA, - 0x5E, 0xC8, 0xF9, 0xB1, 0xF5, 0x7C, 0xFA, 0x6A, - 0x60, 0x19, 0xA0, 0x52, 0xCD, 0x9D, 0xD9, 0x5F, - 0x6F, 0x25, 0x97, 0x3D, 0xFA, 0xB9, 0x79, 0x7B, - 0x3F, 0xDB, 0xDC, 0x2C, 0xEF, 0xCE, 0x8B, 0x0B, - 0x35, 0x33, 0xA3, 0xA8, 0x54, 0x96, 0xA4, 0x11, - 0x09, 0xF6, 0x14, 0xB0, 0x53, 0xB0, 0x8E, 0x48, - 0xFE, 0xA9, 0x2F, 0xA5, 0x61, 0x07, 0xB5, 0x24, - 0xDD, 0x28, 0x77, 0x93, 0xA0, 0x24, 0x50, 0x03, - 0xEA, 0x35, 0xA0, 0x4E, 0x03, 0xEA, 0x59, 0x3D, - 0xAA, 0xFE, 0x31, 0x24, 0xB1, 0x7D, 0x0F, 0x2D, - 0xC3, 0xBE, 0xAE, 0xD3, 0x48, 0xD8, 0x96, 0xD1, - 0x65, 0xE5, 0x24, 0x08, 0x67, 0xA2, 0xCB, 0x72, - 0x3A, 0xA3, 0x88, 0x62, 0xC0, 0x47, 0x45, 0x75, - 0x40, 0xB4, 0xA4, 0xC0, 0x06, 0xF8, 0x22, 0xBE, - 0xEF, 0xB6, 0xF2, 0x75, 0xF5, 0x82, 0x8D, 0x3B, - 0x79, 0xC5, 0x3F, 0x87, 0x5E, 0x3C, 0x5B, 0xD4, - 0xA7, 0x66, 0x5C, 0xD1, 0x0C, 0xFA, 0x25, 0x1B, - 0x79, 0xE7, 0x6D, 0x26, 0xC5, 0xDB, 0x24, 0x25, - 0x72, 0xE5, 0xD8, 0x11, 0xC4, 0x60, 0x04, 0xB0, - 0xCC, 0xAB, 0x1C, 0xE5, 0x00, 0x2C, 0xA1, 0xDE, - 0x61, 0x4F, 0x31, 0x0B, 0x30, 0x9D, 0xFA, 0x75, - 0x63, 0xD0, 0x66, 0x23, 0x03, 0x6C, 0x7C, 0x26, - 0x17, 0x96, 0x40, 0x26, 0x45, 0x03, 0x60, 0xEF, - 0x52, 0x5B, 0x1B, 0xE7, 0xD8, 0x16, 0xEA, 0x1D, - 0xDF, 0xA1, 0x07, 0x15, 0xA1, 0x14, 0x86, 0x9E, - 0x62, 0x70, 0xC0, 0x3C, 0xDC, 0x58, 0x52, 0xD7, - 0x20, 0x46, 0x81, 0xB0, 0xF4, 0xD1, 0xB2, 0xA3, - 0x88, 0xAC, 0x06, 0x1B, 0x99, 0xAE, 0x0C, 0x01, - 0x1A, 0xFF, 0x0D, 0x3D, 0x89, 0x6B, 0xFF, 0xE6, - 0x27, 0x2D, 0xCF, 0x30, 0x9B, 0xB4, 0xF8, 0x6E, - 0xF4, 0xB5, 0x8B, 0xA8, 0xF4, 0xA1, 0x41, 0x15, - 0x38, 0x83, 0x4B, 0xAE, 0x55, 0x22, 0xBB, 0x51, - 0x3B, 0xF3, 0x56, 0xA5, 0x20, 0x3F, 0xE8, 0xAA, - 0x57, 0x5A, 0xCC, 0xD0, 0x94, 0xC9, 0x55, 0x2C, - 0xC7, 0xB6, 0x40, 0x75, 0x2C, 0xDE, 0x80, 0xD1, - 0x5F, 0x7F, 0x6B, 0xE0, 0x88, 0xA1, 0x2C, 0x5C, - 0x58, 0x47, 0xDD, 0x56, 0xCA, 0x66, 0x26, 0x7C, - 0x08, 0xDC, 0xD5, 0x16, 0x70, 0x6F, 0x3A, 0xE9, - 0x0F, 0x17, 0xA7, 0x42, 0x6A, 0x1B, 0x24, 0x44, - 0x05, 0x6E, 0x89, 0x5B, 0x77, 0x6C, 0x1E, 0x7A, - 0xE1, 0x65, 0xE4, 0xE9, 0x5D, 0x62, 0x0B, 0x20, - 0x54, 0xE5, 0x00, 0x5C, 0x62, 0x2C, 0x97, 0x03, - 0x4F, 0x96, 0x39, 0x14, 0x28, 0x0A, 0x0A, 0x06, - 0x2C, 0x2A, 0x63, 0x0E, 0x65, 0xCF, 0x64, 0xF2, - 0xD7, 0x0C, 0xD6, 0x0F, 0xE1, 0x57, 0xE3, 0x20, - 0xB7, 0xE2, 0xD6, 0x33, 0x2C, 0xDB, 0x73, 0x5E, - 0xA9, 0x8B, 0xEB, 0x1E, 0x2E, 0x01, 0x5C, 0x0A, - 0x2B, 0x33, 0xD7, 0x0F, 0xE7, 0x68, 0xF1, 0x77, - 0xE6, 0x23, 0x91, 0x04, 0x88, 0xE8, 0xBB, 0x2F, - 0x83, 0x83, 0xE3, 0xE4, 0xA6, 0xE0, 0xFC, 0xA1, - 0x11, 0xF0, 0xA0, 0x2E, 0x57, 0x3B, 0xFB, 0x38, - 0xBC, 0x34, 0x73, 0x47, 0x08, 0x11, 0x62, 0x08, - 0xCA, 0x3E, 0x82, 0xEF, 0xE5, 0xC2, 0x15, 0x44, - 0x3D, 0x3F, 0xE9, 0x46, 0x3B, 0x61, 0x4D, 0xA1, - 0x7A, 0x09, 0x29, 0x37, 0xFB, 0x9C, 0xCB, 0xCE, - 0xE9, 0xC8, 0x84, 0x01, 0xCD, 0xC3, 0x55, 0x7E, - 0xF5, 0xBF, 0xFE, 0x89, 0x45, 0x2C, 0x42, 0x1A, - 0x6E, 0x8C, 0xB0, 0x0D, 0xA5, 0x00, 0xDB, 0x90, - 0x94, 0xA9, 0x92, 0xD5, 0x76, 0xAA, 0xCB, 0x2D, - 0x17, 0xB5, 0xF5, 0xEA, 0x5B, 0xC4, 0x58, 0x8E, - 0x2B, 0x2E, 0x08, 0x76, 0x9D, 0x62, 0x6C, 0x00, - 0x98, 0x0D, 0x51, 0x63, 0x9A, 0x43, 0xA0, 0xD0, - 0xEA, 0x5C, 0xCC, 0x26, 0x9E, 0x86, 0x8C, 0x1E, - 0xB1, 0xEE, 0xC8, 0x08, 0xCE, 0x64, 0x20, 0x8C, - 0x6B, 0xA0, 0x73, 0x5A, 0x0B, 0x42, 0x06, 0xB1, - 0x08, 0x28, 0xCE, 0x9B, 0x5E, 0x51, 0xCD, 0x5F, - 0x0E, 0xA5, 0x77, 0x7D, 0x0B, 0x7A, 0xCF, 0x14, - 0x42, 0xC9, 0xAA, 0xCC, 0x3E, 0x80, 0x87, 0x8C, - 0x4D, 0x7D, 0x3B, 0x6F, 0xDC, 0x56, 0xEF, 0x17 - }; - const byte kyber512_ss[] = { - 0x0C, 0x92, 0x39, 0xC7, 0x70, 0x5D, 0x63, 0x91, - 0x51, 0xAD, 0x1B, 0xCA, 0xDF, 0x58, 0xBD, 0x99, - 0x91, 0x0B, 0x7A, 0x12, 0x44, 0x99, 0x17, 0x21, - 0x13, 0x22, 0x8B, 0x4C, 0x75, 0xF8, 0x22, 0xE1 - }; -#endif ret = wc_KyberKey_Init(KYBER512, &key, HEAP_HINT, INVALID_DEVID); if (ret != 0) @@ -31132,7 +30717,7 @@ static int kyber768_kat(void) 0xc8, 0x0e, 0xfe, 0x79, 0xa3, 0xa9, 0xa8, 0x74, 0xcc, 0x09, 0xfe, 0x76, 0xf6, 0x99, 0x76, 0x15 }; -#ifndef WOLFSSL_KYBER_90S + const byte kyber768_pk[] = { 0xA7, 0x2C, 0x2D, 0x9C, 0x84, 0x3E, 0xE9, 0xF8, 0x31, 0x3E, 0xCC, 0x7F, 0x86, 0xD6, 0x29, 0x4D, @@ -31729,604 +31314,6 @@ static int kyber768_kat(void) 0xDE, 0xDF, 0x77, 0x50, 0xA9, 0x80, 0x58, 0xF7, 0xD5, 0x36, 0x70, 0x87, 0x74, 0x53, 0x5B, 0x29 }; -#else - const byte kyber768_pk[] = { - 0x86, 0x1A, 0xCF, 0x24, 0x57, 0x9D, 0x8E, 0xE8, - 0x94, 0x63, 0xB4, 0x78, 0xE2, 0xE9, 0x53, 0xC7, - 0xD5, 0xCD, 0xA4, 0xD3, 0x07, 0xD1, 0x68, 0xCF, - 0xC6, 0x79, 0xB1, 0xA3, 0x79, 0x1F, 0x05, 0x83, - 0x82, 0x86, 0x0B, 0x1C, 0x77, 0x52, 0x87, 0x89, - 0xC6, 0x96, 0x4B, 0xCC, 0x40, 0x8A, 0x21, 0xCA, - 0x4E, 0x42, 0x8F, 0xE7, 0x33, 0x9F, 0x7C, 0x08, - 0x76, 0xA8, 0x58, 0xAB, 0xA9, 0x44, 0xB7, 0x3F, - 0x9C, 0xC9, 0xB8, 0xAC, 0xC4, 0xB7, 0x9A, 0x9F, - 0x72, 0xF7, 0xA0, 0x47, 0x72, 0x57, 0xB9, 0xF3, - 0x26, 0xE4, 0x4C, 0x2C, 0x5F, 0x8B, 0x8A, 0x17, - 0x58, 0x81, 0x42, 0xB0, 0x91, 0xA3, 0x12, 0x31, - 0xD0, 0x98, 0xB0, 0x57, 0x30, 0x45, 0x62, 0x90, - 0x6E, 0x96, 0x05, 0x47, 0x3D, 0x28, 0xB7, 0xB4, - 0x33, 0x2A, 0xB4, 0x49, 0x82, 0x48, 0x7B, 0x04, - 0x9E, 0x41, 0x93, 0x74, 0xA4, 0x8E, 0xAC, 0x6A, - 0xB8, 0xCB, 0x42, 0x6D, 0x13, 0xA4, 0x86, 0x28, - 0x28, 0x43, 0x02, 0xFB, 0x72, 0x71, 0xD1, 0x54, - 0xCA, 0x09, 0x06, 0xD8, 0xE2, 0x0F, 0x1D, 0x97, - 0xBE, 0x9C, 0x82, 0x2E, 0x78, 0x83, 0x79, 0x32, - 0xEB, 0x28, 0xEE, 0xB0, 0x83, 0x71, 0xBB, 0xC6, - 0x3A, 0x7A, 0x96, 0x6C, 0xAC, 0x7A, 0x05, 0xB5, - 0x50, 0x3C, 0x55, 0x1A, 0xEF, 0x80, 0x15, 0x14, - 0xE1, 0x6A, 0xF6, 0x81, 0x02, 0x64, 0x6C, 0x66, - 0x9D, 0xD8, 0xA7, 0xE8, 0xA4, 0x11, 0x39, 0x54, - 0x62, 0xC7, 0xD4, 0x83, 0x8B, 0x91, 0x96, 0x96, - 0x54, 0x16, 0x59, 0x2B, 0xCF, 0xAC, 0x97, 0x87, - 0x0C, 0x23, 0x58, 0xA8, 0x59, 0x5B, 0x2F, 0x43, - 0x55, 0xF0, 0xFA, 0x10, 0x43, 0xA1, 0x1F, 0x62, - 0x86, 0x2F, 0xD5, 0xD9, 0x7A, 0x9D, 0xE2, 0x1B, - 0xD3, 0x39, 0x85, 0x5E, 0x17, 0x8C, 0x97, 0xD3, - 0x77, 0xD1, 0xD1, 0x46, 0xEC, 0x6A, 0x96, 0xE4, - 0xFB, 0xB7, 0x15, 0xC4, 0xC0, 0x22, 0x84, 0x55, - 0xBB, 0x64, 0xA3, 0x88, 0xDC, 0xC4, 0xD3, 0x91, - 0x3A, 0x76, 0x09, 0x57, 0xD1, 0xA6, 0x9F, 0xEA, - 0xAA, 0x08, 0x92, 0x29, 0xB8, 0xCA, 0xD0, 0xBC, - 0xC9, 0x38, 0xC7, 0x80, 0x69, 0x8A, 0x5C, 0xE1, - 0x9B, 0xC5, 0x21, 0x44, 0xDB, 0x46, 0x3B, 0x6D, - 0x55, 0x4F, 0xC4, 0xEC, 0x5E, 0x18, 0x64, 0xC4, - 0xC6, 0x88, 0x75, 0x97, 0x50, 0x0F, 0x40, 0x94, - 0x18, 0xB3, 0xA3, 0x3F, 0x2C, 0x88, 0xB2, 0x6E, - 0xD9, 0x83, 0x1D, 0xB4, 0x65, 0x08, 0xE8, 0x9F, - 0x8C, 0x33, 0x5B, 0xE1, 0x94, 0x56, 0x12, 0x05, - 0x22, 0xA8, 0xB4, 0x43, 0xFE, 0xF2, 0x1A, 0x7B, - 0xC3, 0x05, 0x9A, 0xFB, 0x4A, 0xAA, 0xD5, 0x0E, - 0x6C, 0x72, 0x8B, 0xEA, 0x8A, 0xC5, 0xDC, 0x7C, - 0x6D, 0x06, 0x94, 0x76, 0x03, 0x51, 0x0A, 0x84, - 0x90, 0xAF, 0xCE, 0x30, 0x4D, 0x57, 0xA7, 0x25, - 0xC4, 0x3B, 0x5A, 0xA3, 0x71, 0x3B, 0xA0, 0x44, - 0x98, 0x75, 0xE5, 0x67, 0x55, 0x13, 0x22, 0x60, - 0x54, 0x63, 0x6C, 0xF8, 0x9E, 0x59, 0x5A, 0xC5, - 0xAE, 0xE5, 0x66, 0x78, 0x4B, 0x80, 0xFA, 0x39, - 0x64, 0x0B, 0x74, 0x0F, 0x47, 0x12, 0x22, 0x60, - 0x25, 0x11, 0x00, 0xFA, 0x8E, 0xE0, 0xF1, 0x65, - 0x27, 0x11, 0x40, 0x0C, 0x68, 0x16, 0x38, 0x3C, - 0xC5, 0xE6, 0xDA, 0xB7, 0x9C, 0xDC, 0x3E, 0x41, - 0x98, 0x37, 0x48, 0x15, 0xB2, 0xBB, 0xA2, 0x0E, - 0xFC, 0x14, 0x25, 0xCE, 0xD1, 0x9B, 0x60, 0x19, - 0x77, 0x08, 0x08, 0x00, 0xCF, 0x54, 0x9C, 0xC4, - 0x80, 0x7D, 0xE6, 0xCA, 0x84, 0xE5, 0xD3, 0xC2, - 0xCF, 0x8B, 0x11, 0xEB, 0x68, 0x56, 0xE7, 0x1C, - 0x6B, 0xA5, 0xD2, 0x96, 0x45, 0x46, 0xAA, 0x0C, - 0x82, 0x53, 0x10, 0xF7, 0x79, 0xED, 0x69, 0x53, - 0xD9, 0x22, 0x5E, 0x11, 0xF0, 0x57, 0x93, 0x48, - 0x4C, 0x6B, 0x47, 0xB6, 0xE3, 0xD0, 0x4A, 0x4B, - 0x27, 0xB7, 0x86, 0x71, 0x46, 0xF6, 0xA0, 0x64, - 0xB9, 0x8B, 0x8B, 0xDD, 0x2B, 0x69, 0x94, 0xBA, - 0x20, 0xF8, 0x14, 0x95, 0xB3, 0x74, 0x1C, 0xE1, - 0xD3, 0x07, 0xE5, 0xEC, 0x0A, 0x7C, 0x20, 0x20, - 0x2B, 0x81, 0xA1, 0x04, 0x02, 0x83, 0x4D, 0x23, - 0x83, 0xEC, 0xB2, 0x33, 0x3B, 0x2C, 0x93, 0xD6, - 0xC4, 0x37, 0xC3, 0x17, 0x58, 0xDF, 0x92, 0x21, - 0xA3, 0xFA, 0x60, 0x24, 0x81, 0x29, 0x29, 0x62, - 0x81, 0x17, 0xCB, 0xC4, 0x79, 0x22, 0x76, 0xDA, - 0x84, 0x0F, 0xAB, 0x37, 0x03, 0x54, 0x65, 0x23, - 0x0C, 0x7A, 0x79, 0xEB, 0xB1, 0xA8, 0xC2, 0xB4, - 0x49, 0x0C, 0x2C, 0x1C, 0xB8, 0xE8, 0xB5, 0x73, - 0x5B, 0xC0, 0x72, 0xFC, 0x4D, 0x0F, 0x02, 0xB5, - 0x5B, 0x01, 0x3A, 0x53, 0x86, 0x4B, 0x82, 0x5A, - 0x85, 0xE9, 0x52, 0x03, 0x76, 0xC4, 0x4A, 0x9D, - 0xBA, 0x2C, 0xE9, 0x06, 0x8F, 0x25, 0x7A, 0x11, - 0xCF, 0xB6, 0x46, 0x6A, 0xC5, 0xAB, 0xBC, 0x85, - 0xCE, 0x80, 0x0A, 0x13, 0xB9, 0x64, 0x4D, 0x6E, - 0x04, 0x70, 0x1D, 0x23, 0xA9, 0x9A, 0x7C, 0x1A, - 0x5A, 0xEA, 0xBE, 0x2D, 0xB1, 0x34, 0x16, 0xD0, - 0xC3, 0x5C, 0x6C, 0x04, 0x98, 0x8B, 0x39, 0x91, - 0x6C, 0x46, 0x67, 0x6C, 0x66, 0x51, 0xF3, 0x5E, - 0xC2, 0x28, 0x13, 0xCF, 0xE3, 0x84, 0x40, 0x69, - 0x2F, 0x43, 0x29, 0xC5, 0x85, 0x03, 0x27, 0x30, - 0xC6, 0x94, 0xF2, 0xB2, 0x41, 0x03, 0xFB, 0x78, - 0xE4, 0x3A, 0x49, 0x52, 0x70, 0x03, 0xF4, 0xFA, - 0x5B, 0x73, 0x49, 0x2A, 0x50, 0x71, 0x83, 0x55, - 0x36, 0x26, 0x78, 0x26, 0x97, 0x37, 0x65, 0x7B, - 0x7A, 0x24, 0x03, 0xD4, 0x15, 0x09, 0xD6, 0xEC, - 0x9E, 0x51, 0x65, 0x51, 0x95, 0x56, 0xCB, 0x94, - 0x92, 0xCD, 0x6D, 0x04, 0x6F, 0x2B, 0x4C, 0x91, - 0x4A, 0xF6, 0x3C, 0xBF, 0xCC, 0xA0, 0xB4, 0xCC, - 0x44, 0x6A, 0x54, 0x69, 0x54, 0x59, 0x41, 0x66, - 0x8A, 0xBD, 0x9A, 0x26, 0x7A, 0xF2, 0x41, 0x28, - 0x33, 0xD9, 0x67, 0xB8, 0xAB, 0xB4, 0x34, 0xD7, - 0xA0, 0xAF, 0x5C, 0xAB, 0x11, 0x34, 0xB0, 0x9E, - 0xDB, 0x7A, 0xA1, 0xC1, 0x60, 0x0A, 0xF1, 0x5E, - 0xF6, 0x15, 0x27, 0xC8, 0xC1, 0xA1, 0x59, 0x40, - 0xCA, 0xB1, 0x60, 0x35, 0xF0, 0x5C, 0x71, 0x77, - 0x15, 0x90, 0x9D, 0x73, 0x2D, 0x1E, 0x9B, 0x4C, - 0x59, 0x2B, 0xB3, 0x86, 0xA5, 0xC1, 0xF3, 0xB9, - 0x89, 0x17, 0x58, 0x82, 0x05, 0xD2, 0xA8, 0xB5, - 0x03, 0x8A, 0x52, 0x4B, 0x99, 0x52, 0xD5, 0x9D, - 0x85, 0xDB, 0x27, 0x3C, 0xA1, 0xA7, 0x87, 0xF0, - 0x1F, 0x9B, 0xCB, 0x07, 0xDA, 0xC3, 0x3B, 0xC4, - 0xF0, 0xB4, 0x33, 0x36, 0x38, 0xCD, 0x3A, 0x60, - 0x1D, 0x35, 0x63, 0xF3, 0x53, 0xB5, 0xDF, 0xAA, - 0xA6, 0x2C, 0x68, 0xBF, 0x92, 0xA4, 0x79, 0xD8, - 0xB9, 0x4F, 0x81, 0x54, 0x31, 0x72, 0xB8, 0x36, - 0x26, 0xCC, 0x3B, 0x48, 0x72, 0x76, 0xAA, 0x5C, - 0xCB, 0x4D, 0x10, 0xBB, 0x18, 0xC9, 0x9F, 0x48, - 0x2A, 0x88, 0x26, 0x1C, 0x21, 0xA7, 0x90, 0x0F, - 0x60, 0x73, 0xB7, 0x06, 0xAC, 0xC5, 0xD2, 0xD7, - 0x54, 0x10, 0xB3, 0xA8, 0x84, 0x06, 0x95, 0x87, - 0x2B, 0xAC, 0xC8, 0xAA, 0x36, 0x60, 0xA4, 0x7D, - 0x6B, 0x7A, 0x5A, 0xA7, 0x9A, 0x5D, 0x28, 0xB2, - 0x6B, 0xFF, 0x80, 0x63, 0x14, 0xE6, 0x92, 0x93, - 0x30, 0x4A, 0xD0, 0x13, 0xB4, 0xE6, 0x75, 0xAE, - 0x62, 0x0B, 0x52, 0xEF, 0x30, 0x79, 0x00, 0x33, - 0xCC, 0x42, 0x78, 0xC0, 0x38, 0x50, 0xB4, 0xE6, - 0x0B, 0x39, 0x63, 0x46, 0x11, 0xDC, 0x3A, 0x5F, - 0x4C, 0x79, 0x66, 0xA9, 0xF4, 0x92, 0x0B, 0xF7, - 0x08, 0xBA, 0x8A, 0x01, 0x49, 0x1C, 0x7C, 0xEC, - 0x97, 0x40, 0xFA, 0x97, 0x6E, 0x8E, 0x76, 0x13, - 0x00, 0x60, 0x5F, 0x75, 0x20, 0x88, 0x56, 0x56, - 0x5F, 0x4F, 0x55, 0x60, 0x8F, 0x61, 0x37, 0x92, - 0x99, 0xA6, 0x4C, 0x96, 0x6B, 0xAD, 0x4A, 0x0E, - 0x87, 0x92, 0xAD, 0x3D, 0x46, 0x86, 0x41, 0x28, - 0x37, 0x61, 0xA5, 0x39, 0x99, 0x25, 0x86, 0x63, - 0x30, 0xB5, 0xBA, 0x37, 0x07, 0xE8, 0x54, 0xA6, - 0x3F, 0xE7, 0xAA, 0x7F, 0x81, 0x1A, 0xA4, 0x57, - 0x54, 0x08, 0xC8, 0xC2, 0x06, 0xBB, 0x39, 0x53, - 0xA7, 0x66, 0x29, 0x9A, 0x5C, 0x26, 0xC6, 0x7A, - 0x4E, 0x58, 0x21, 0x05, 0x79, 0xB3, 0x10, 0xF7, - 0x99, 0xB0, 0x97, 0x9B, 0xB9, 0x45, 0x8A, 0xEC, - 0x21, 0x50, 0xAD, 0x27, 0x3F, 0xEB, 0xCB, 0x3E, - 0xF3, 0xB6, 0x0B, 0x38, 0x56, 0xA7, 0x16, 0xB9, - 0x78, 0x3D, 0xF8, 0x08, 0xC6, 0x9C, 0x06, 0x12, - 0xA0, 0x9E, 0xA5, 0x93, 0x16, 0x64, 0x65, 0x87, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1 - }; - const byte kyber768_sk[] = { - 0x1B, 0xD1, 0x97, 0x95, 0x10, 0xBC, 0xE5, 0x03, - 0x1C, 0x0F, 0x99, 0x1D, 0xE0, 0x82, 0xC3, 0x89, - 0xA1, 0xBD, 0x15, 0x57, 0x19, 0x1D, 0x81, 0x03, - 0xBD, 0xCC, 0x04, 0xC1, 0x98, 0xAE, 0x3E, 0x95, - 0x95, 0xFD, 0xB6, 0x57, 0xB5, 0xC6, 0x39, 0x97, - 0x95, 0x79, 0xAE, 0x13, 0x5B, 0x11, 0xE2, 0x4D, - 0x36, 0xE5, 0x49, 0x44, 0x67, 0x83, 0x2E, 0x6A, - 0x8A, 0x46, 0xAA, 0x8F, 0x9F, 0xF9, 0x87, 0x4A, - 0x16, 0x00, 0x27, 0x84, 0x07, 0x71, 0x56, 0x2D, - 0x74, 0x61, 0xB1, 0x6C, 0x61, 0x87, 0xF3, 0xC2, - 0xC1, 0x9C, 0x9C, 0x8F, 0xE6, 0x41, 0x49, 0x7D, - 0x8A, 0x15, 0x5C, 0x51, 0x15, 0x7D, 0x91, 0x35, - 0xD9, 0xB4, 0x5D, 0x3C, 0x7C, 0x4C, 0xB1, 0x82, - 0x31, 0x8C, 0x11, 0xAD, 0x08, 0xB3, 0x9F, 0xAC, - 0x04, 0x15, 0xE6, 0xE2, 0x6D, 0xB3, 0x43, 0x91, - 0xDE, 0xC2, 0x47, 0x1B, 0x30, 0x3C, 0x05, 0x05, - 0xB6, 0xFE, 0x45, 0x6E, 0x81, 0x50, 0x21, 0xE8, - 0x2B, 0x5F, 0x2D, 0x16, 0x6F, 0xDF, 0xB5, 0xB9, - 0x23, 0xC8, 0x3A, 0x61, 0x67, 0x30, 0x28, 0xF0, - 0xBA, 0xE0, 0x28, 0x08, 0x9F, 0x47, 0x61, 0x67, - 0xE5, 0x75, 0x6C, 0xAA, 0x3E, 0xE0, 0xF1, 0x89, - 0xC6, 0x47, 0x81, 0xC7, 0x49, 0x27, 0xBC, 0xDB, - 0x67, 0xE7, 0x75, 0xCC, 0xA8, 0x5B, 0x44, 0xB8, - 0x8B, 0x10, 0x61, 0xD8, 0x96, 0x3F, 0xE4, 0x0B, - 0x1F, 0xB4, 0x34, 0x68, 0x20, 0x09, 0x0E, 0x5C, - 0x0B, 0x7C, 0x49, 0x08, 0x89, 0x33, 0xAD, 0xE3, - 0x82, 0x96, 0x88, 0x6C, 0x43, 0x45, 0x65, 0x7C, - 0x3F, 0x07, 0xCF, 0x1A, 0xE9, 0x76, 0xE6, 0xBA, - 0x77, 0x7E, 0xF0, 0x1F, 0xB9, 0xC3, 0xB0, 0xDC, - 0xF0, 0x58, 0x3A, 0xE5, 0x44, 0xCD, 0x80, 0x3A, - 0xC1, 0x39, 0xCA, 0x61, 0x9B, 0x8D, 0xCA, 0x13, - 0x1C, 0xD2, 0x73, 0xCE, 0xCB, 0x65, 0xBC, 0xEF, - 0x00, 0x29, 0x95, 0x12, 0xB0, 0x21, 0xBA, 0x1B, - 0x2F, 0xF2, 0x08, 0xEE, 0xBB, 0x08, 0xA6, 0x28, - 0x7E, 0xC4, 0x4C, 0x21, 0x7D, 0x94, 0x76, 0x40, - 0x42, 0x5C, 0x0E, 0x97, 0x13, 0x44, 0x5B, 0xC5, - 0x2B, 0xC3, 0xCD, 0x66, 0x01, 0x2C, 0x8C, 0xB7, - 0x10, 0xA2, 0xE8, 0xAD, 0x5F, 0xC5, 0x1C, 0x5B, - 0x71, 0xCE, 0x69, 0xE9, 0x6A, 0x22, 0x06, 0x6F, - 0x74, 0x4B, 0xBA, 0xB6, 0x47, 0x2F, 0xEF, 0x3A, - 0x5B, 0xCF, 0xD6, 0x1D, 0xF1, 0xF8, 0x6A, 0x95, - 0x64, 0x80, 0x03, 0x1A, 0x99, 0x0E, 0xE0, 0x7D, - 0xE5, 0x04, 0x5E, 0xBC, 0x49, 0x8F, 0x2D, 0x3A, - 0xBD, 0xE3, 0x28, 0xC4, 0x2A, 0xCB, 0x21, 0xAD, - 0x62, 0x5D, 0x7B, 0xCB, 0x85, 0x5A, 0x8A, 0x0A, - 0xCB, 0xA2, 0x85, 0x16, 0xD3, 0x5A, 0xAF, 0x92, - 0xBE, 0xB3, 0x9C, 0x46, 0xD8, 0xF4, 0xA0, 0x1F, - 0x73, 0x20, 0x40, 0xF2, 0x7C, 0x40, 0x9B, 0xA4, - 0x9A, 0x80, 0xCF, 0x95, 0x55, 0x7C, 0x73, 0x7C, - 0x4A, 0x45, 0x11, 0x2C, 0x52, 0x2C, 0x78, 0x04, - 0xC7, 0x7A, 0x3D, 0x44, 0x53, 0xBA, 0x82, 0xC1, - 0x49, 0x08, 0xBC, 0xC0, 0x47, 0x13, 0x7E, 0x5A, - 0x7B, 0x23, 0x92, 0xC8, 0x31, 0x25, 0x4C, 0x1A, - 0x59, 0x54, 0xC8, 0x8C, 0xCF, 0xA5, 0xD8, 0x8B, - 0x3B, 0x93, 0x31, 0xBE, 0xF4, 0x62, 0x55, 0x09, - 0x14, 0xD1, 0x84, 0x17, 0x59, 0x40, 0xB4, 0xE9, - 0xB7, 0xAD, 0x3D, 0x44, 0x2E, 0xA9, 0x68, 0xB6, - 0xA4, 0x0A, 0x19, 0x72, 0x71, 0x5B, 0xCB, 0x72, - 0x82, 0x14, 0xA1, 0xBE, 0x8E, 0x04, 0x1D, 0xF5, - 0x72, 0xCC, 0x2D, 0x01, 0x6F, 0xFD, 0x6B, 0x0A, - 0xFA, 0xC8, 0x02, 0xBA, 0x97, 0x5A, 0x4A, 0x31, - 0xA4, 0x18, 0x40, 0x2E, 0x6B, 0x01, 0x41, 0xFA, - 0xD6, 0x48, 0x49, 0xE1, 0x6C, 0x80, 0x37, 0x23, - 0xA7, 0x74, 0x2B, 0x08, 0x2A, 0x7A, 0x56, 0x26, - 0x4E, 0x02, 0x60, 0xA2, 0x4A, 0x66, 0x42, 0x3D, - 0x52, 0x64, 0x82, 0x07, 0x04, 0x06, 0x5C, 0xAC, - 0x41, 0x10, 0x72, 0x48, 0x64, 0x37, 0xCA, 0xA5, - 0x47, 0x2D, 0x73, 0x3C, 0x64, 0x14, 0x5F, 0x10, - 0x0B, 0x0B, 0x16, 0xC0, 0xAB, 0x0D, 0xB8, 0x7C, - 0xC5, 0x64, 0x26, 0xC1, 0x1A, 0x69, 0x45, 0x25, - 0x95, 0x8D, 0xB8, 0x31, 0x59, 0x31, 0xC5, 0x09, - 0xD6, 0x3C, 0x48, 0x10, 0xBB, 0xA7, 0x68, 0xCA, - 0xCB, 0xF9, 0xCD, 0x85, 0x7B, 0x0D, 0x66, 0xD6, - 0x5A, 0xF7, 0xEB, 0xAC, 0x18, 0xB7, 0x9C, 0xBE, - 0xBC, 0x0A, 0x49, 0xB5, 0xC0, 0x5A, 0xA8, 0x7F, - 0x8D, 0xE8, 0x25, 0xA6, 0xA1, 0x13, 0x5F, 0xE8, - 0x64, 0xCF, 0x6C, 0x99, 0x8D, 0xDC, 0x37, 0xFC, - 0x01, 0x56, 0xBB, 0x52, 0xA7, 0x8E, 0xC2, 0x99, - 0xCA, 0x53, 0x1C, 0xF8, 0x75, 0xBE, 0xFA, 0x48, - 0x75, 0x72, 0x60, 0x28, 0xED, 0x37, 0x91, 0xBA, - 0x31, 0xC0, 0x0E, 0xC7, 0x40, 0x20, 0xCA, 0xA1, - 0x7F, 0x91, 0x19, 0x63, 0x96, 0xCF, 0xE5, 0x88, - 0x6E, 0x51, 0x1A, 0x52, 0xD0, 0xCA, 0x8D, 0xEE, - 0x25, 0xBF, 0x4E, 0x77, 0xCB, 0x92, 0xE6, 0x36, - 0x40, 0x64, 0x6D, 0xE2, 0x58, 0x6D, 0xCD, 0x00, - 0x14, 0x16, 0xCC, 0xC1, 0xEC, 0x30, 0x7C, 0xA2, - 0x75, 0x6D, 0xBE, 0xA8, 0x26, 0x36, 0x14, 0x51, - 0x3C, 0xA0, 0x5E, 0x70, 0xC7, 0x54, 0xF5, 0x6A, - 0x2C, 0x3F, 0xF7, 0x42, 0x94, 0x8C, 0x34, 0xAF, - 0x49, 0x34, 0x2F, 0x55, 0x03, 0x4C, 0x1C, 0x70, - 0xE0, 0x79, 0x6D, 0x26, 0xB2, 0x30, 0x35, 0x6B, - 0x1B, 0x74, 0xA1, 0x6C, 0x0B, 0x28, 0x37, 0x4B, - 0x79, 0xC1, 0x6B, 0x04, 0x96, 0xCA, 0x20, 0x12, - 0x3E, 0x6C, 0x67, 0x62, 0xD9, 0x01, 0xE2, 0x76, - 0x08, 0x5D, 0x81, 0x2A, 0xE9, 0xC3, 0x45, 0xAD, - 0xF5, 0x09, 0xDD, 0xC7, 0x87, 0x61, 0x62, 0xCE, - 0x34, 0xA6, 0x00, 0x3F, 0xB4, 0x5C, 0xD8, 0x66, - 0x0F, 0xDD, 0x46, 0x71, 0x6E, 0x82, 0x55, 0x06, - 0x62, 0x37, 0x5D, 0xB5, 0x5E, 0x63, 0xA2, 0x0F, - 0x01, 0x2A, 0x71, 0xE3, 0xD9, 0x72, 0x25, 0xC5, - 0x8F, 0x52, 0x34, 0xC6, 0xB5, 0x3A, 0x8A, 0xA0, - 0x33, 0x9C, 0xEF, 0xD4, 0x84, 0xE4, 0x7A, 0x3D, - 0xE6, 0x49, 0x88, 0x05, 0xC2, 0x82, 0xE0, 0x76, - 0x8E, 0x35, 0xC7, 0x5C, 0x20, 0x07, 0x76, 0x5C, - 0xA1, 0x7F, 0x01, 0xD2, 0x85, 0xA7, 0xC3, 0x04, - 0x8B, 0xC7, 0x2B, 0xA3, 0xAA, 0x57, 0x7C, 0x1C, - 0x43, 0x2A, 0x3C, 0x76, 0x9D, 0x21, 0xB8, 0x6C, - 0x01, 0x8F, 0x81, 0x7A, 0x26, 0x67, 0x35, 0x1C, - 0x2B, 0xC8, 0x5F, 0xA5, 0x53, 0x6F, 0xA7, 0xA6, - 0xCD, 0xEF, 0xCC, 0x0D, 0xD6, 0xF9, 0x1B, 0xDD, - 0xE8, 0x9D, 0x4E, 0x51, 0x6C, 0x8B, 0x75, 0x40, - 0xA7, 0xDC, 0x3F, 0xC4, 0x89, 0x8A, 0xB3, 0x30, - 0x08, 0xBC, 0xC1, 0x9F, 0x9E, 0x46, 0x3D, 0xE9, - 0x36, 0x26, 0x99, 0x4C, 0xC9, 0x27, 0xA3, 0x4A, - 0x9D, 0x70, 0x40, 0xC1, 0x31, 0xC8, 0x1F, 0x07, - 0x83, 0xDD, 0x68, 0x84, 0x29, 0x43, 0xC5, 0x5D, - 0xC5, 0x77, 0xD3, 0x67, 0xA4, 0x01, 0x83, 0x94, - 0xBB, 0x11, 0x60, 0x72, 0xAC, 0x65, 0xF2, 0xEB, - 0x9B, 0x4F, 0xF5, 0x8F, 0x41, 0x15, 0x40, 0x1B, - 0x11, 0x7D, 0x91, 0x3B, 0x75, 0x75, 0x57, 0x57, - 0x19, 0x39, 0x0C, 0x9E, 0x80, 0x06, 0x97, 0xA8, - 0x28, 0xB1, 0x25, 0x83, 0xF9, 0x4A, 0x2F, 0x8F, - 0x72, 0x0A, 0x6E, 0x87, 0x00, 0xFD, 0x40, 0x7D, - 0x73, 0xA4, 0xC7, 0x97, 0x55, 0x2B, 0x98, 0x75, - 0x7A, 0x5F, 0x57, 0x82, 0xA9, 0x50, 0x95, 0xDF, - 0xA5, 0xAC, 0xB7, 0xD9, 0x3A, 0x80, 0x5C, 0x30, - 0x18, 0x30, 0x4E, 0x5D, 0x22, 0xB7, 0x6F, 0xA5, - 0xAA, 0x51, 0x96, 0xB7, 0xEB, 0xDB, 0x7A, 0xA0, - 0xA5, 0x2D, 0x06, 0xAC, 0x4B, 0x9E, 0x4C, 0x00, - 0xC0, 0xF8, 0x5C, 0xEC, 0xB0, 0xBD, 0x95, 0x56, - 0x2D, 0x56, 0x23, 0x30, 0x78, 0x51, 0x43, 0xC7, - 0xF1, 0x29, 0xFA, 0xF9, 0x19, 0x48, 0xB0, 0xC8, - 0x8C, 0x60, 0x82, 0xE0, 0xF3, 0x03, 0x54, 0x74, - 0x12, 0x6E, 0x23, 0x6B, 0x80, 0xD2, 0x22, 0xD2, - 0x81, 0x4F, 0x6A, 0xF2, 0x4B, 0xD5, 0xD1, 0x19, - 0x86, 0x33, 0x1F, 0xAF, 0xC2, 0x1E, 0xC8, 0x4C, - 0x93, 0xA8, 0x81, 0x24, 0x72, 0x51, 0x10, 0x5A, - 0x6A, 0xB4, 0x35, 0xD7, 0x6E, 0xFD, 0x88, 0x9D, - 0x27, 0xC0, 0x0C, 0x2A, 0x14, 0xBD, 0x04, 0xA6, - 0xBD, 0x0B, 0x20, 0x07, 0xB5, 0x51, 0x5A, 0x75, - 0xF1, 0x14, 0xD1, 0x92, 0x10, 0xBC, 0x70, 0x50, - 0x85, 0x33, 0x53, 0x2F, 0x1B, 0x0A, 0x30, 0x0C, - 0x8B, 0x12, 0xF0, 0x0A, 0xC4, 0xFC, 0x46, 0x0F, - 0xA8, 0x4A, 0x2D, 0x15, 0x21, 0xBD, 0x0B, 0x42, - 0x86, 0x1A, 0xCF, 0x24, 0x57, 0x9D, 0x8E, 0xE8, - 0x94, 0x63, 0xB4, 0x78, 0xE2, 0xE9, 0x53, 0xC7, - 0xD5, 0xCD, 0xA4, 0xD3, 0x07, 0xD1, 0x68, 0xCF, - 0xC6, 0x79, 0xB1, 0xA3, 0x79, 0x1F, 0x05, 0x83, - 0x82, 0x86, 0x0B, 0x1C, 0x77, 0x52, 0x87, 0x89, - 0xC6, 0x96, 0x4B, 0xCC, 0x40, 0x8A, 0x21, 0xCA, - 0x4E, 0x42, 0x8F, 0xE7, 0x33, 0x9F, 0x7C, 0x08, - 0x76, 0xA8, 0x58, 0xAB, 0xA9, 0x44, 0xB7, 0x3F, - 0x9C, 0xC9, 0xB8, 0xAC, 0xC4, 0xB7, 0x9A, 0x9F, - 0x72, 0xF7, 0xA0, 0x47, 0x72, 0x57, 0xB9, 0xF3, - 0x26, 0xE4, 0x4C, 0x2C, 0x5F, 0x8B, 0x8A, 0x17, - 0x58, 0x81, 0x42, 0xB0, 0x91, 0xA3, 0x12, 0x31, - 0xD0, 0x98, 0xB0, 0x57, 0x30, 0x45, 0x62, 0x90, - 0x6E, 0x96, 0x05, 0x47, 0x3D, 0x28, 0xB7, 0xB4, - 0x33, 0x2A, 0xB4, 0x49, 0x82, 0x48, 0x7B, 0x04, - 0x9E, 0x41, 0x93, 0x74, 0xA4, 0x8E, 0xAC, 0x6A, - 0xB8, 0xCB, 0x42, 0x6D, 0x13, 0xA4, 0x86, 0x28, - 0x28, 0x43, 0x02, 0xFB, 0x72, 0x71, 0xD1, 0x54, - 0xCA, 0x09, 0x06, 0xD8, 0xE2, 0x0F, 0x1D, 0x97, - 0xBE, 0x9C, 0x82, 0x2E, 0x78, 0x83, 0x79, 0x32, - 0xEB, 0x28, 0xEE, 0xB0, 0x83, 0x71, 0xBB, 0xC6, - 0x3A, 0x7A, 0x96, 0x6C, 0xAC, 0x7A, 0x05, 0xB5, - 0x50, 0x3C, 0x55, 0x1A, 0xEF, 0x80, 0x15, 0x14, - 0xE1, 0x6A, 0xF6, 0x81, 0x02, 0x64, 0x6C, 0x66, - 0x9D, 0xD8, 0xA7, 0xE8, 0xA4, 0x11, 0x39, 0x54, - 0x62, 0xC7, 0xD4, 0x83, 0x8B, 0x91, 0x96, 0x96, - 0x54, 0x16, 0x59, 0x2B, 0xCF, 0xAC, 0x97, 0x87, - 0x0C, 0x23, 0x58, 0xA8, 0x59, 0x5B, 0x2F, 0x43, - 0x55, 0xF0, 0xFA, 0x10, 0x43, 0xA1, 0x1F, 0x62, - 0x86, 0x2F, 0xD5, 0xD9, 0x7A, 0x9D, 0xE2, 0x1B, - 0xD3, 0x39, 0x85, 0x5E, 0x17, 0x8C, 0x97, 0xD3, - 0x77, 0xD1, 0xD1, 0x46, 0xEC, 0x6A, 0x96, 0xE4, - 0xFB, 0xB7, 0x15, 0xC4, 0xC0, 0x22, 0x84, 0x55, - 0xBB, 0x64, 0xA3, 0x88, 0xDC, 0xC4, 0xD3, 0x91, - 0x3A, 0x76, 0x09, 0x57, 0xD1, 0xA6, 0x9F, 0xEA, - 0xAA, 0x08, 0x92, 0x29, 0xB8, 0xCA, 0xD0, 0xBC, - 0xC9, 0x38, 0xC7, 0x80, 0x69, 0x8A, 0x5C, 0xE1, - 0x9B, 0xC5, 0x21, 0x44, 0xDB, 0x46, 0x3B, 0x6D, - 0x55, 0x4F, 0xC4, 0xEC, 0x5E, 0x18, 0x64, 0xC4, - 0xC6, 0x88, 0x75, 0x97, 0x50, 0x0F, 0x40, 0x94, - 0x18, 0xB3, 0xA3, 0x3F, 0x2C, 0x88, 0xB2, 0x6E, - 0xD9, 0x83, 0x1D, 0xB4, 0x65, 0x08, 0xE8, 0x9F, - 0x8C, 0x33, 0x5B, 0xE1, 0x94, 0x56, 0x12, 0x05, - 0x22, 0xA8, 0xB4, 0x43, 0xFE, 0xF2, 0x1A, 0x7B, - 0xC3, 0x05, 0x9A, 0xFB, 0x4A, 0xAA, 0xD5, 0x0E, - 0x6C, 0x72, 0x8B, 0xEA, 0x8A, 0xC5, 0xDC, 0x7C, - 0x6D, 0x06, 0x94, 0x76, 0x03, 0x51, 0x0A, 0x84, - 0x90, 0xAF, 0xCE, 0x30, 0x4D, 0x57, 0xA7, 0x25, - 0xC4, 0x3B, 0x5A, 0xA3, 0x71, 0x3B, 0xA0, 0x44, - 0x98, 0x75, 0xE5, 0x67, 0x55, 0x13, 0x22, 0x60, - 0x54, 0x63, 0x6C, 0xF8, 0x9E, 0x59, 0x5A, 0xC5, - 0xAE, 0xE5, 0x66, 0x78, 0x4B, 0x80, 0xFA, 0x39, - 0x64, 0x0B, 0x74, 0x0F, 0x47, 0x12, 0x22, 0x60, - 0x25, 0x11, 0x00, 0xFA, 0x8E, 0xE0, 0xF1, 0x65, - 0x27, 0x11, 0x40, 0x0C, 0x68, 0x16, 0x38, 0x3C, - 0xC5, 0xE6, 0xDA, 0xB7, 0x9C, 0xDC, 0x3E, 0x41, - 0x98, 0x37, 0x48, 0x15, 0xB2, 0xBB, 0xA2, 0x0E, - 0xFC, 0x14, 0x25, 0xCE, 0xD1, 0x9B, 0x60, 0x19, - 0x77, 0x08, 0x08, 0x00, 0xCF, 0x54, 0x9C, 0xC4, - 0x80, 0x7D, 0xE6, 0xCA, 0x84, 0xE5, 0xD3, 0xC2, - 0xCF, 0x8B, 0x11, 0xEB, 0x68, 0x56, 0xE7, 0x1C, - 0x6B, 0xA5, 0xD2, 0x96, 0x45, 0x46, 0xAA, 0x0C, - 0x82, 0x53, 0x10, 0xF7, 0x79, 0xED, 0x69, 0x53, - 0xD9, 0x22, 0x5E, 0x11, 0xF0, 0x57, 0x93, 0x48, - 0x4C, 0x6B, 0x47, 0xB6, 0xE3, 0xD0, 0x4A, 0x4B, - 0x27, 0xB7, 0x86, 0x71, 0x46, 0xF6, 0xA0, 0x64, - 0xB9, 0x8B, 0x8B, 0xDD, 0x2B, 0x69, 0x94, 0xBA, - 0x20, 0xF8, 0x14, 0x95, 0xB3, 0x74, 0x1C, 0xE1, - 0xD3, 0x07, 0xE5, 0xEC, 0x0A, 0x7C, 0x20, 0x20, - 0x2B, 0x81, 0xA1, 0x04, 0x02, 0x83, 0x4D, 0x23, - 0x83, 0xEC, 0xB2, 0x33, 0x3B, 0x2C, 0x93, 0xD6, - 0xC4, 0x37, 0xC3, 0x17, 0x58, 0xDF, 0x92, 0x21, - 0xA3, 0xFA, 0x60, 0x24, 0x81, 0x29, 0x29, 0x62, - 0x81, 0x17, 0xCB, 0xC4, 0x79, 0x22, 0x76, 0xDA, - 0x84, 0x0F, 0xAB, 0x37, 0x03, 0x54, 0x65, 0x23, - 0x0C, 0x7A, 0x79, 0xEB, 0xB1, 0xA8, 0xC2, 0xB4, - 0x49, 0x0C, 0x2C, 0x1C, 0xB8, 0xE8, 0xB5, 0x73, - 0x5B, 0xC0, 0x72, 0xFC, 0x4D, 0x0F, 0x02, 0xB5, - 0x5B, 0x01, 0x3A, 0x53, 0x86, 0x4B, 0x82, 0x5A, - 0x85, 0xE9, 0x52, 0x03, 0x76, 0xC4, 0x4A, 0x9D, - 0xBA, 0x2C, 0xE9, 0x06, 0x8F, 0x25, 0x7A, 0x11, - 0xCF, 0xB6, 0x46, 0x6A, 0xC5, 0xAB, 0xBC, 0x85, - 0xCE, 0x80, 0x0A, 0x13, 0xB9, 0x64, 0x4D, 0x6E, - 0x04, 0x70, 0x1D, 0x23, 0xA9, 0x9A, 0x7C, 0x1A, - 0x5A, 0xEA, 0xBE, 0x2D, 0xB1, 0x34, 0x16, 0xD0, - 0xC3, 0x5C, 0x6C, 0x04, 0x98, 0x8B, 0x39, 0x91, - 0x6C, 0x46, 0x67, 0x6C, 0x66, 0x51, 0xF3, 0x5E, - 0xC2, 0x28, 0x13, 0xCF, 0xE3, 0x84, 0x40, 0x69, - 0x2F, 0x43, 0x29, 0xC5, 0x85, 0x03, 0x27, 0x30, - 0xC6, 0x94, 0xF2, 0xB2, 0x41, 0x03, 0xFB, 0x78, - 0xE4, 0x3A, 0x49, 0x52, 0x70, 0x03, 0xF4, 0xFA, - 0x5B, 0x73, 0x49, 0x2A, 0x50, 0x71, 0x83, 0x55, - 0x36, 0x26, 0x78, 0x26, 0x97, 0x37, 0x65, 0x7B, - 0x7A, 0x24, 0x03, 0xD4, 0x15, 0x09, 0xD6, 0xEC, - 0x9E, 0x51, 0x65, 0x51, 0x95, 0x56, 0xCB, 0x94, - 0x92, 0xCD, 0x6D, 0x04, 0x6F, 0x2B, 0x4C, 0x91, - 0x4A, 0xF6, 0x3C, 0xBF, 0xCC, 0xA0, 0xB4, 0xCC, - 0x44, 0x6A, 0x54, 0x69, 0x54, 0x59, 0x41, 0x66, - 0x8A, 0xBD, 0x9A, 0x26, 0x7A, 0xF2, 0x41, 0x28, - 0x33, 0xD9, 0x67, 0xB8, 0xAB, 0xB4, 0x34, 0xD7, - 0xA0, 0xAF, 0x5C, 0xAB, 0x11, 0x34, 0xB0, 0x9E, - 0xDB, 0x7A, 0xA1, 0xC1, 0x60, 0x0A, 0xF1, 0x5E, - 0xF6, 0x15, 0x27, 0xC8, 0xC1, 0xA1, 0x59, 0x40, - 0xCA, 0xB1, 0x60, 0x35, 0xF0, 0x5C, 0x71, 0x77, - 0x15, 0x90, 0x9D, 0x73, 0x2D, 0x1E, 0x9B, 0x4C, - 0x59, 0x2B, 0xB3, 0x86, 0xA5, 0xC1, 0xF3, 0xB9, - 0x89, 0x17, 0x58, 0x82, 0x05, 0xD2, 0xA8, 0xB5, - 0x03, 0x8A, 0x52, 0x4B, 0x99, 0x52, 0xD5, 0x9D, - 0x85, 0xDB, 0x27, 0x3C, 0xA1, 0xA7, 0x87, 0xF0, - 0x1F, 0x9B, 0xCB, 0x07, 0xDA, 0xC3, 0x3B, 0xC4, - 0xF0, 0xB4, 0x33, 0x36, 0x38, 0xCD, 0x3A, 0x60, - 0x1D, 0x35, 0x63, 0xF3, 0x53, 0xB5, 0xDF, 0xAA, - 0xA6, 0x2C, 0x68, 0xBF, 0x92, 0xA4, 0x79, 0xD8, - 0xB9, 0x4F, 0x81, 0x54, 0x31, 0x72, 0xB8, 0x36, - 0x26, 0xCC, 0x3B, 0x48, 0x72, 0x76, 0xAA, 0x5C, - 0xCB, 0x4D, 0x10, 0xBB, 0x18, 0xC9, 0x9F, 0x48, - 0x2A, 0x88, 0x26, 0x1C, 0x21, 0xA7, 0x90, 0x0F, - 0x60, 0x73, 0xB7, 0x06, 0xAC, 0xC5, 0xD2, 0xD7, - 0x54, 0x10, 0xB3, 0xA8, 0x84, 0x06, 0x95, 0x87, - 0x2B, 0xAC, 0xC8, 0xAA, 0x36, 0x60, 0xA4, 0x7D, - 0x6B, 0x7A, 0x5A, 0xA7, 0x9A, 0x5D, 0x28, 0xB2, - 0x6B, 0xFF, 0x80, 0x63, 0x14, 0xE6, 0x92, 0x93, - 0x30, 0x4A, 0xD0, 0x13, 0xB4, 0xE6, 0x75, 0xAE, - 0x62, 0x0B, 0x52, 0xEF, 0x30, 0x79, 0x00, 0x33, - 0xCC, 0x42, 0x78, 0xC0, 0x38, 0x50, 0xB4, 0xE6, - 0x0B, 0x39, 0x63, 0x46, 0x11, 0xDC, 0x3A, 0x5F, - 0x4C, 0x79, 0x66, 0xA9, 0xF4, 0x92, 0x0B, 0xF7, - 0x08, 0xBA, 0x8A, 0x01, 0x49, 0x1C, 0x7C, 0xEC, - 0x97, 0x40, 0xFA, 0x97, 0x6E, 0x8E, 0x76, 0x13, - 0x00, 0x60, 0x5F, 0x75, 0x20, 0x88, 0x56, 0x56, - 0x5F, 0x4F, 0x55, 0x60, 0x8F, 0x61, 0x37, 0x92, - 0x99, 0xA6, 0x4C, 0x96, 0x6B, 0xAD, 0x4A, 0x0E, - 0x87, 0x92, 0xAD, 0x3D, 0x46, 0x86, 0x41, 0x28, - 0x37, 0x61, 0xA5, 0x39, 0x99, 0x25, 0x86, 0x63, - 0x30, 0xB5, 0xBA, 0x37, 0x07, 0xE8, 0x54, 0xA6, - 0x3F, 0xE7, 0xAA, 0x7F, 0x81, 0x1A, 0xA4, 0x57, - 0x54, 0x08, 0xC8, 0xC2, 0x06, 0xBB, 0x39, 0x53, - 0xA7, 0x66, 0x29, 0x9A, 0x5C, 0x26, 0xC6, 0x7A, - 0x4E, 0x58, 0x21, 0x05, 0x79, 0xB3, 0x10, 0xF7, - 0x99, 0xB0, 0x97, 0x9B, 0xB9, 0x45, 0x8A, 0xEC, - 0x21, 0x50, 0xAD, 0x27, 0x3F, 0xEB, 0xCB, 0x3E, - 0xF3, 0xB6, 0x0B, 0x38, 0x56, 0xA7, 0x16, 0xB9, - 0x78, 0x3D, 0xF8, 0x08, 0xC6, 0x9C, 0x06, 0x12, - 0xA0, 0x9E, 0xA5, 0x93, 0x16, 0x64, 0x65, 0x87, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1, - 0x05, 0xFC, 0x14, 0xDA, 0x24, 0xF1, 0xC4, 0x1E, - 0xB3, 0xCC, 0xE3, 0xC7, 0x47, 0xEE, 0x30, 0x0C, - 0x31, 0x1F, 0x27, 0x85, 0x47, 0x7A, 0x01, 0x33, - 0xF7, 0x13, 0xB0, 0x28, 0x04, 0x67, 0x4E, 0x7A, - 0x86, 0x26, 0xED, 0x79, 0xD4, 0x51, 0x14, 0x08, - 0x00, 0xE0, 0x3B, 0x59, 0xB9, 0x56, 0xF8, 0x21, - 0x0E, 0x55, 0x60, 0x67, 0x40, 0x7D, 0x13, 0xDC, - 0x90, 0xFA, 0x9E, 0x8B, 0x87, 0x2B, 0xFB, 0x8F - }; - const byte kyber768_ct[] = { - 0xB9, 0x54, 0x84, 0x84, 0xA4, 0x87, 0x3B, 0x1F, - 0x2C, 0xFF, 0x66, 0xA3, 0x23, 0x09, 0x34, 0x60, - 0x05, 0xEB, 0x7C, 0x04, 0x44, 0x9E, 0xAD, 0xC4, - 0x66, 0xBC, 0x47, 0x0E, 0x71, 0xED, 0x6C, 0x77, - 0x1C, 0x2C, 0xF3, 0x92, 0x5E, 0xEB, 0x78, 0x91, - 0x56, 0xAC, 0xF5, 0x8D, 0x13, 0x21, 0xA5, 0x23, - 0xE4, 0xDD, 0xB1, 0x58, 0x4C, 0x6E, 0x3F, 0x4A, - 0x3E, 0xE5, 0xCC, 0x9C, 0x00, 0x7A, 0x00, 0xFF, - 0xA2, 0xBF, 0xF2, 0xD3, 0x92, 0xD2, 0x9D, 0xCB, - 0xEF, 0x44, 0x6D, 0x16, 0x51, 0xC9, 0xB3, 0x63, - 0x8B, 0x0F, 0xB7, 0xEB, 0xEC, 0xE5, 0xB0, 0x59, - 0xC9, 0x76, 0x21, 0xFF, 0x7A, 0x1E, 0x1C, 0xE7, - 0x7A, 0xD5, 0x46, 0x1C, 0x51, 0xE1, 0x3A, 0xF7, - 0x07, 0x89, 0xE4, 0x88, 0x58, 0x98, 0xEA, 0x20, - 0xFA, 0x17, 0x85, 0xA0, 0x3E, 0x3E, 0xF8, 0xA2, - 0x98, 0x33, 0xDA, 0x8D, 0x4D, 0x28, 0x32, 0x53, - 0x74, 0xE4, 0xF4, 0x67, 0x1B, 0xDA, 0x5B, 0x8F, - 0xAE, 0x9C, 0x9F, 0x68, 0x88, 0xAD, 0x5B, 0xCD, - 0x0B, 0x91, 0x16, 0x47, 0x35, 0x73, 0xFB, 0x78, - 0xDD, 0xA7, 0x9A, 0x27, 0x8D, 0x0D, 0x6A, 0xFF, - 0x71, 0xD0, 0x37, 0x7F, 0xB5, 0x0C, 0x47, 0xEC, - 0xBD, 0xB4, 0xB1, 0x42, 0x7D, 0xF8, 0xD4, 0x55, - 0xCC, 0x34, 0x29, 0xCC, 0x84, 0xA1, 0x4A, 0x99, - 0xFB, 0xE4, 0xAD, 0x1E, 0xB3, 0xE8, 0x07, 0x48, - 0x3E, 0x62, 0x26, 0xC7, 0x59, 0xAA, 0x0A, 0x6C, - 0x96, 0x04, 0x41, 0x19, 0x76, 0x8A, 0xB5, 0xA9, - 0x9B, 0x6F, 0xCD, 0x5B, 0x00, 0x7A, 0x18, 0x82, - 0xF4, 0xEC, 0xD3, 0x71, 0x39, 0x64, 0x33, 0x32, - 0x74, 0x4D, 0x08, 0x77, 0xB4, 0x47, 0x01, 0xB0, - 0xE3, 0xB5, 0xD1, 0x22, 0x8A, 0xB1, 0xE3, 0xA7, - 0xF9, 0x94, 0xA2, 0xC0, 0xC3, 0xC1, 0x6C, 0x1E, - 0x6E, 0x02, 0xDF, 0xBF, 0x44, 0x44, 0x4F, 0x6A, - 0x9D, 0x58, 0x25, 0x49, 0x2A, 0x10, 0x88, 0xD1, - 0x91, 0xB4, 0x62, 0x22, 0x76, 0x14, 0x30, 0xDD, - 0x50, 0xEB, 0xF1, 0x1C, 0xAB, 0xE9, 0x95, 0x5C, - 0x5A, 0x10, 0x79, 0xC4, 0xB7, 0xF2, 0xF4, 0x8F, - 0xB6, 0xF3, 0x89, 0x3A, 0xBE, 0x38, 0xDD, 0xB0, - 0x4A, 0xB1, 0x8C, 0xAE, 0x8D, 0x50, 0x70, 0xBD, - 0x9E, 0x05, 0x71, 0x0A, 0x7B, 0x4C, 0xBE, 0xE2, - 0xAE, 0x3F, 0xEC, 0xCF, 0xFA, 0x26, 0x65, 0xBE, - 0xC9, 0xD0, 0xBC, 0x6B, 0x57, 0x34, 0xF2, 0x4C, - 0x29, 0xB5, 0x9E, 0xF8, 0x21, 0x99, 0x77, 0x58, - 0x73, 0x2B, 0x04, 0x72, 0xFE, 0x63, 0x81, 0x63, - 0xC0, 0xF8, 0x67, 0x64, 0x48, 0x12, 0xBB, 0x95, - 0x83, 0xEE, 0xB7, 0xED, 0x64, 0x73, 0xEE, 0x97, - 0x23, 0x35, 0xA5, 0x06, 0xCE, 0x64, 0x94, 0x90, - 0x49, 0x26, 0x3E, 0x32, 0x77, 0x92, 0x88, 0xF8, - 0xD0, 0x16, 0x5E, 0xE5, 0x22, 0x79, 0xF7, 0x98, - 0xE0, 0x2F, 0x8B, 0xDE, 0xA2, 0x5F, 0x67, 0x8E, - 0x2A, 0xB9, 0xE8, 0x8A, 0x77, 0xD2, 0x89, 0x2B, - 0x79, 0x69, 0x22, 0x1B, 0x9D, 0x81, 0xFD, 0xA7, - 0x6B, 0x91, 0xD1, 0x8F, 0xE6, 0xBF, 0x14, 0xA1, - 0xC2, 0x3A, 0xAF, 0x42, 0xCB, 0x95, 0x53, 0x44, - 0x82, 0xAC, 0x2C, 0x56, 0x9C, 0x01, 0xE0, 0xC2, - 0x0E, 0x65, 0x8A, 0x1E, 0x17, 0xC1, 0xD8, 0xB3, - 0x8F, 0xF6, 0x44, 0xD5, 0x3F, 0x41, 0x10, 0x65, - 0x55, 0x14, 0x09, 0xB7, 0x4A, 0x7A, 0x26, 0x04, - 0x42, 0xE1, 0x96, 0xE1, 0x2B, 0x48, 0x33, 0x96, - 0x86, 0x3E, 0x6D, 0x67, 0xDC, 0x4E, 0x54, 0x07, - 0x4C, 0x73, 0x97, 0x9E, 0x69, 0x83, 0x07, 0xCF, - 0xA6, 0x37, 0xA3, 0xFD, 0xBB, 0xD0, 0xAA, 0xA0, - 0xA7, 0x97, 0x0B, 0x38, 0xEE, 0x38, 0xB1, 0x85, - 0xA6, 0x68, 0x71, 0x29, 0xE6, 0xA2, 0xFF, 0x62, - 0x4F, 0x65, 0x6C, 0x53, 0x80, 0x5B, 0x72, 0xF4, - 0xD2, 0x41, 0x50, 0x59, 0x01, 0x22, 0xC8, 0x25, - 0x96, 0x5C, 0xE1, 0x24, 0x7D, 0x3B, 0x4A, 0x10, - 0xEE, 0x82, 0x47, 0xDF, 0xB5, 0x60, 0x25, 0x4F, - 0x79, 0x91, 0x09, 0x82, 0xED, 0x30, 0xE7, 0xF3, - 0xE6, 0x7A, 0x9F, 0xD1, 0xF0, 0xA7, 0x15, 0x60, - 0xB9, 0xDF, 0xAB, 0x4A, 0xCC, 0x0A, 0x78, 0xC9, - 0x9A, 0x7F, 0x15, 0x26, 0x81, 0x2C, 0x16, 0xA7, - 0xDC, 0x4A, 0xA8, 0xBB, 0x9F, 0xA6, 0xCA, 0xA6, - 0x80, 0xE3, 0x60, 0x2D, 0x13, 0x3C, 0xCA, 0xE9, - 0xD1, 0xAD, 0x39, 0xFD, 0xA6, 0xA3, 0xDA, 0x7F, - 0xF1, 0x0A, 0x25, 0xBD, 0x8F, 0x05, 0xBC, 0x17, - 0x98, 0xCD, 0x01, 0x2F, 0x63, 0x16, 0xCB, 0xF1, - 0xC9, 0x9F, 0x75, 0x98, 0x62, 0x43, 0x3B, 0xB7, - 0x55, 0xCC, 0x5C, 0x40, 0xF3, 0x87, 0x55, 0xEA, - 0x03, 0xA5, 0x00, 0xB4, 0x7F, 0xDD, 0x2D, 0xBD, - 0xFE, 0x05, 0x60, 0x69, 0x42, 0xB5, 0x99, 0x1E, - 0x0E, 0xA8, 0xEC, 0x04, 0x7E, 0x6F, 0x77, 0xD4, - 0x92, 0x8F, 0xC7, 0xE0, 0xB5, 0x06, 0x05, 0x76, - 0xFA, 0x45, 0x25, 0xB1, 0xD1, 0xF4, 0x01, 0x3A, - 0x49, 0xA9, 0x93, 0x77, 0x4B, 0xEE, 0xA2, 0xE8, - 0xAA, 0x39, 0xBD, 0xD9, 0x90, 0xEB, 0x0F, 0xB5, - 0xFA, 0xB6, 0xC4, 0x10, 0x79, 0xF5, 0x6A, 0x32, - 0xFD, 0x9C, 0x38, 0xAC, 0xEC, 0x84, 0xF1, 0x62, - 0xC6, 0x71, 0xE9, 0xDC, 0x55, 0xD8, 0x40, 0x1D, - 0x29, 0x8A, 0x97, 0x02, 0x08, 0x44, 0x23, 0x27, - 0x51, 0x13, 0xC3, 0x46, 0x62, 0x4A, 0x8F, 0x0E, - 0x79, 0xFC, 0xC3, 0x59, 0x33, 0xC7, 0x75, 0x7F, - 0x24, 0xE0, 0x7A, 0x25, 0x7A, 0xBF, 0xEA, 0x28, - 0xDA, 0x2B, 0xDE, 0x70, 0x73, 0xAE, 0xC1, 0x33, - 0xE6, 0x55, 0xC5, 0xA4, 0xB8, 0x94, 0xC5, 0x95, - 0x10, 0x2E, 0x7D, 0x13, 0x80, 0x96, 0xCD, 0x6F, - 0x97, 0xF5, 0x62, 0x27, 0x62, 0x4D, 0xCC, 0xAB, - 0xFB, 0x9D, 0xCF, 0xE9, 0x0E, 0x26, 0x5A, 0x04, - 0x9B, 0x90, 0xA3, 0x2E, 0x54, 0xD4, 0x81, 0xE2, - 0xF3, 0x7B, 0x00, 0x2C, 0xFE, 0x9C, 0xC9, 0xCD, - 0x24, 0x3F, 0x83, 0xE3, 0x62, 0x09, 0x4C, 0xFB, - 0xF7, 0x0E, 0x1A, 0x94, 0x79, 0xC5, 0x7E, 0x30, - 0xB4, 0xB9, 0xEB, 0x38, 0x31, 0x6F, 0xA9, 0xE9, - 0xBE, 0xE1, 0x90, 0xC6, 0xE8, 0xA8, 0xD4, 0x5C, - 0xA3, 0x40, 0x76, 0xF4, 0x84, 0x0D, 0xBC, 0x9F, - 0x42, 0x5C, 0xD5, 0x70, 0x98, 0x8E, 0x58, 0x86, - 0xC2, 0x7B, 0x64, 0xC2, 0x28, 0x15, 0x8D, 0xA7, - 0xE2, 0x82, 0xF6, 0xC0, 0x09, 0xC1, 0x61, 0xBA, - 0xC8, 0xE4, 0xDE, 0x67, 0xCD, 0x46, 0xAB, 0x9D, - 0x5A, 0xDC, 0xF7, 0xF5, 0xF6, 0xA0, 0x6D, 0x36, - 0xB5, 0xEC, 0xA3, 0x41, 0x7C, 0x40, 0xDA, 0xAC, - 0x80, 0x55, 0xFF, 0x3D, 0x77, 0x3D, 0x14, 0x1F, - 0x50, 0x40, 0x58, 0x74, 0x48, 0xF0, 0xA9, 0x10, - 0x7C, 0x44, 0xED, 0x67, 0x1A, 0x34, 0xF2, 0x5C, - 0x4F, 0x86, 0x6F, 0xCA, 0xA6, 0xC1, 0x42, 0x4F, - 0xE9, 0x59, 0x59, 0x9E, 0xFE, 0x31, 0x63, 0x56, - 0xF9, 0x05, 0xDD, 0xD6, 0x8B, 0x27, 0xA4, 0xA0, - 0xBB, 0x17, 0x28, 0x52, 0x0D, 0x5D, 0x36, 0x77, - 0x7E, 0x22, 0xF1, 0xFE, 0xDE, 0x19, 0x3B, 0x07, - 0xB3, 0xA2, 0xD2, 0x09, 0x9C, 0x41, 0x93, 0x1E, - 0xB4, 0xE0, 0xB0, 0xFA, 0x3F, 0xA7, 0xC6, 0x66, - 0xD8, 0xA7, 0xFD, 0x90, 0xCD, 0x49, 0xA2, 0xEE, - 0x25, 0x66, 0xCE, 0x31, 0x9E, 0x03, 0x35, 0x23, - 0x32, 0x2E, 0xDA, 0x7C, 0xD3, 0x14, 0x98, 0x88, - 0xBA, 0x9B, 0xEF, 0x0C, 0x5F, 0x82, 0x6F, 0x3C, - 0x5A, 0xB8, 0x6D, 0x2D, 0xD0, 0x84, 0xA3, 0xC3, - 0x16, 0xDE, 0x98, 0xCB, 0x42, 0x68, 0x4E, 0x0D, - 0x64, 0x41, 0xE0, 0x73, 0xA5, 0x9F, 0x27, 0x67, - 0x55, 0x1E, 0x56, 0x48, 0xBF, 0xBE, 0x49, 0x8E, - 0xF3, 0xC0, 0x3B, 0x65, 0xD2, 0x9F, 0x5F, 0xA8, - 0x4D, 0x99, 0x79, 0x9F, 0x1D, 0x32, 0xC2, 0x26, - 0xFB, 0xF7, 0x39, 0x65, 0x7F, 0x02, 0x61, 0xE8, - 0x96, 0x02, 0xF7, 0xBD, 0x07, 0x73, 0x41, 0x6D, - 0xFE, 0xEA, 0x80, 0x1C, 0xE1, 0xA7, 0x55, 0x3F, - 0x1E, 0xF9, 0x34, 0x1A, 0x5F, 0x74, 0x09, 0x25, - 0x80, 0x75, 0xBE, 0xF5, 0x82, 0x83, 0x35, 0x66, - 0x1A, 0x8C, 0xB1, 0x50, 0xD5, 0x37, 0x0B, 0xEC - }; - const byte kyber768_ss[] = { - 0x44, 0xF6, 0x94, 0xE4, 0x78, 0xEB, 0xAC, 0x4A, - 0x55, 0x6A, 0x38, 0xA2, 0x5C, 0x95, 0x9B, 0x62, - 0xAC, 0xC7, 0x2E, 0x17, 0xCF, 0x04, 0xB4, 0xD4, - 0x7E, 0x54, 0xB0, 0xB7, 0xFE, 0xAC, 0xEB, 0x56 - }; -#endif ret = wc_KyberKey_Init(KYBER768, &key, HEAP_HINT, INVALID_DEVID); if (ret != 0) @@ -32401,7 +31388,6 @@ static int kyber1024_kat(void) 0xc8, 0x0e, 0xfe, 0x79, 0xa3, 0xa9, 0xa8, 0x74, 0xcc, 0x09, 0xfe, 0x76, 0xf6, 0x99, 0x76, 0x15 }; -#ifndef WOLFSSL_KYBER_90S const byte kyber1024_pk[] = { 0xD2, 0x23, 0x02, 0xCB, 0xD3, 0x39, 0x9F, 0xAC, 0xC6, 0x30, 0x99, 0x1F, 0xC8, 0xF2, 0x8B, 0xDB, @@ -33202,808 +32188,6 @@ static int kyber1024_kat(void) 0x75, 0x75, 0x38, 0xBC, 0xC0, 0xDA, 0x9E, 0x55, 0x0D, 0x43, 0x8F, 0x1B, 0x61, 0xBD, 0x74, 0x19 }; -#else - const byte kyber1024_pk[] = { - 0x68, 0xE6, 0xBC, 0x26, 0x8B, 0x9E, 0x36, 0x1B, - 0x8F, 0x6E, 0x0A, 0xBC, 0xFE, 0x88, 0x93, 0x37, - 0x87, 0x53, 0x48, 0xE4, 0x16, 0x4D, 0x66, 0x15, - 0xF3, 0x82, 0xC6, 0xC7, 0xC4, 0x17, 0x8F, 0x75, - 0x1F, 0x72, 0x2B, 0x21, 0x27, 0x74, 0x64, 0xFB, - 0x83, 0x1F, 0x8A, 0xA9, 0xA0, 0x18, 0xC1, 0x9A, - 0x51, 0xB0, 0x7F, 0xA0, 0x93, 0x9B, 0xA5, 0xC2, - 0x06, 0x68, 0x63, 0x23, 0xAF, 0xF6, 0xCA, 0x83, - 0x0B, 0x76, 0xE3, 0x80, 0x02, 0x63, 0x54, 0x47, - 0x7A, 0xAC, 0x58, 0xD8, 0x93, 0x1D, 0x80, 0x3B, - 0x6F, 0xAB, 0xD7, 0x12, 0xD1, 0x72, 0x81, 0x4A, - 0x54, 0xB8, 0x12, 0xE7, 0x92, 0x47, 0x94, 0xAA, - 0x40, 0x02, 0x49, 0xD5, 0xC0, 0x46, 0x8E, 0xA3, - 0x2F, 0xB2, 0x15, 0x54, 0xC5, 0x93, 0x67, 0x90, - 0x3C, 0x60, 0xA8, 0xB4, 0x8E, 0x23, 0x40, 0x71, - 0x2F, 0x7A, 0x04, 0x5A, 0x67, 0xC2, 0x3C, 0x72, - 0x41, 0x3A, 0x64, 0x69, 0xFC, 0x83, 0x69, 0xA2, - 0x91, 0x03, 0x3C, 0x46, 0xCE, 0xA3, 0x96, 0x76, - 0x65, 0x6B, 0x6C, 0xD8, 0x57, 0x99, 0x7C, 0x04, - 0x5C, 0x5A, 0xF0, 0x34, 0xE1, 0xE1, 0x14, 0x8A, - 0x8B, 0x40, 0xCD, 0x16, 0x68, 0x31, 0x93, 0xA3, - 0x60, 0x0C, 0x84, 0xFC, 0xE3, 0xB9, 0x65, 0x10, - 0x88, 0xDD, 0x09, 0x44, 0x57, 0x6C, 0x7E, 0xA4, - 0x07, 0x2D, 0x25, 0xF0, 0x67, 0xD2, 0x42, 0x7E, - 0x26, 0xD1, 0x86, 0xF9, 0xB7, 0x7A, 0x32, 0x79, - 0x05, 0x03, 0x3B, 0xA9, 0x40, 0x85, 0xA8, 0xAB, - 0x6A, 0x8A, 0x2B, 0x86, 0x08, 0x0C, 0x45, 0x2B, - 0x10, 0x90, 0xAC, 0xC9, 0x5A, 0x2B, 0x9F, 0x5A, - 0x6E, 0x61, 0x84, 0x6D, 0x63, 0x45, 0x66, 0xFA, - 0xC0, 0xB0, 0xFF, 0x35, 0x11, 0x18, 0x06, 0x18, - 0xAF, 0x98, 0x34, 0x87, 0x12, 0x2C, 0xFB, 0x63, - 0x61, 0xFF, 0x66, 0x0D, 0x5C, 0xA0, 0x0B, 0x9D, - 0x88, 0xB1, 0xDA, 0x18, 0x36, 0xC9, 0x78, 0x6E, - 0x55, 0x27, 0x6C, 0x88, 0x53, 0x8C, 0xC1, 0xD3, - 0x05, 0xFA, 0xAA, 0xB7, 0x79, 0x9A, 0x35, 0x46, - 0xF0, 0xBE, 0x6C, 0xC7, 0x00, 0xB0, 0x65, 0xB9, - 0x03, 0x4A, 0x91, 0x63, 0x31, 0x74, 0x66, 0xD9, - 0x83, 0xDD, 0xC2, 0xAA, 0x5B, 0xB0, 0x3F, 0x5B, - 0x67, 0x33, 0x48, 0xD5, 0x76, 0x02, 0x8A, 0x02, - 0x55, 0x15, 0x6C, 0x6A, 0x29, 0x74, 0x46, 0x98, - 0x34, 0xFB, 0x15, 0x73, 0x23, 0x74, 0x60, 0x54, - 0xC4, 0xBA, 0x96, 0x40, 0x30, 0x4A, 0x11, 0x63, - 0x04, 0xF0, 0x18, 0x21, 0x72, 0xBA, 0x8D, 0x03, - 0xAE, 0xDA, 0x39, 0x91, 0x6A, 0xF1, 0x18, 0xB9, - 0x84, 0x22, 0xB7, 0x16, 0x3A, 0xB6, 0xE2, 0x47, - 0xFC, 0xAA, 0x9D, 0x7C, 0x7C, 0xAE, 0x96, 0xBB, - 0x60, 0xB1, 0xD7, 0x86, 0x0E, 0x4C, 0x7F, 0x1D, - 0x92, 0x0D, 0x31, 0xA5, 0x41, 0x38, 0x82, 0x29, - 0xEE, 0x84, 0x2C, 0xA1, 0x59, 0x43, 0x89, 0x4A, - 0x56, 0xE5, 0x14, 0x0D, 0x29, 0x59, 0xC3, 0x6E, - 0xA2, 0x6E, 0x2D, 0xE0, 0x51, 0x21, 0x36, 0x6B, - 0xE4, 0x14, 0x02, 0x7B, 0xD1, 0x47, 0x81, 0x47, - 0x2E, 0xDD, 0xA4, 0x71, 0x10, 0xD0, 0xB3, 0xAE, - 0x2A, 0xA2, 0x55, 0xAB, 0x6D, 0x6F, 0xE0, 0x1C, - 0x26, 0xC2, 0x87, 0x63, 0x97, 0x6B, 0xBF, 0xA9, - 0x2F, 0x4F, 0x09, 0xA5, 0xB7, 0x3C, 0x47, 0x1F, - 0x8C, 0x9E, 0x53, 0x26, 0x92, 0x55, 0xDA, 0xC1, - 0xE0, 0x71, 0x5E, 0x87, 0x00, 0x06, 0x09, 0x70, - 0x60, 0xFF, 0x23, 0xC3, 0xAB, 0x43, 0xC4, 0x19, - 0xE4, 0x48, 0xC7, 0x30, 0x40, 0x10, 0xC4, 0x0F, - 0x3D, 0xC0, 0xB7, 0x26, 0x39, 0x2E, 0x46, 0x03, - 0x7E, 0xB9, 0x49, 0x04, 0x55, 0xE3, 0x49, 0xA4, - 0x35, 0xCD, 0xA9, 0x0A, 0xA3, 0xB7, 0x47, 0x8C, - 0x32, 0xE8, 0x72, 0xB2, 0xB8, 0x5C, 0xEC, 0xF0, - 0x3D, 0xDC, 0xD6, 0x16, 0x33, 0x78, 0xBF, 0x73, - 0xB1, 0x3B, 0x2E, 0x1A, 0x7B, 0x6E, 0xBC, 0x39, - 0x29, 0xEC, 0x08, 0x63, 0x89, 0x3F, 0x73, 0x8C, - 0x38, 0x9F, 0x3B, 0x3B, 0x2B, 0xB5, 0x4F, 0xC1, - 0x5B, 0xB7, 0x8A, 0x25, 0x31, 0xEE, 0xBC, 0xB7, - 0xBC, 0x10, 0x81, 0x07, 0x96, 0x59, 0x81, 0xD2, - 0x0A, 0x7D, 0x1A, 0x87, 0x21, 0xBA, 0x36, 0x40, - 0x03, 0x13, 0x2F, 0x03, 0x6C, 0xE4, 0x0C, 0x9E, - 0x75, 0x5B, 0x2A, 0xB4, 0x86, 0x1D, 0x04, 0xC1, - 0xBE, 0x0D, 0x53, 0x97, 0x91, 0x4B, 0x6C, 0xD4, - 0xAA, 0x40, 0x8C, 0x62, 0x2B, 0x21, 0xB1, 0x1B, - 0xA0, 0xEB, 0xA6, 0x17, 0x29, 0x59, 0x6F, 0x8B, - 0x0E, 0x82, 0x14, 0xAA, 0x4A, 0xA6, 0x01, 0x86, - 0x51, 0x07, 0xA2, 0xA7, 0x6A, 0xD7, 0xCC, 0x2F, - 0x97, 0x43, 0x00, 0x18, 0x28, 0xB8, 0x0B, 0x24, - 0x80, 0x2B, 0x98, 0x9D, 0x98, 0x42, 0x5E, 0x14, - 0x7C, 0x6D, 0x93, 0x32, 0xBA, 0x08, 0x4B, 0x8F, - 0xFB, 0x96, 0x27, 0xE3, 0xFB, 0xC4, 0xBE, 0x65, - 0x38, 0xEB, 0xDA, 0x1D, 0x9D, 0xB9, 0xB6, 0x75, - 0xB0, 0x16, 0x66, 0x57, 0x23, 0xD4, 0x11, 0x71, - 0x54, 0xF8, 0x13, 0x3E, 0xA9, 0x00, 0xCB, 0x47, - 0x0B, 0x1D, 0xC5, 0xB5, 0x7A, 0x78, 0x11, 0x16, - 0x72, 0x9E, 0xD6, 0x29, 0x45, 0x6E, 0x1A, 0x7D, - 0x6A, 0x37, 0x9F, 0x2E, 0x01, 0x0A, 0xCB, 0xEC, - 0x21, 0xFC, 0xD1, 0xC2, 0xB0, 0xBB, 0x61, 0xC3, - 0xDA, 0x6C, 0x73, 0x70, 0x5F, 0xD7, 0xB0, 0xC3, - 0x61, 0x2A, 0xC3, 0xB4, 0xA1, 0x2E, 0xC5, 0xD3, - 0x7F, 0x4C, 0x1A, 0x4A, 0x4D, 0xF8, 0x16, 0x6E, - 0xF6, 0x68, 0x9C, 0x06, 0xB5, 0xD4, 0xA6, 0x1A, - 0x52, 0x14, 0xAE, 0x5E, 0x5C, 0x28, 0x07, 0x4C, - 0xC5, 0xFE, 0x2A, 0x41, 0x2A, 0xC5, 0x14, 0x15, - 0x94, 0x28, 0x54, 0x85, 0x15, 0x6E, 0xCA, 0x65, - 0x64, 0x28, 0x37, 0x20, 0xB0, 0xBA, 0xD1, 0xD9, - 0x74, 0x5B, 0xA5, 0x77, 0x71, 0x1A, 0xB6, 0xF2, - 0x14, 0xC5, 0x2F, 0xB5, 0xBA, 0xAF, 0x8A, 0x1F, - 0x85, 0x33, 0x5A, 0xEB, 0x44, 0x37, 0x0B, 0x39, - 0xC5, 0x6C, 0x4C, 0x3D, 0x32, 0x75, 0x55, 0x60, - 0xCB, 0x2C, 0xA9, 0x45, 0x87, 0x51, 0xF1, 0x65, - 0x4B, 0x82, 0xC5, 0xE7, 0xFB, 0x0D, 0xB5, 0x16, - 0xBE, 0x1E, 0x42, 0x43, 0x3A, 0xD4, 0x7B, 0x6B, - 0xCC, 0xB3, 0x63, 0x61, 0xC4, 0x34, 0xEB, 0x59, - 0xCF, 0xF3, 0x38, 0x49, 0x54, 0xBB, 0x76, 0xF1, - 0x44, 0x14, 0x91, 0x67, 0x91, 0x3B, 0x85, 0x0F, - 0x75, 0x28, 0xBD, 0x76, 0x87, 0xB8, 0x8B, 0x64, - 0x84, 0xA6, 0x82, 0x68, 0x39, 0x97, 0x08, 0x42, - 0xA5, 0x93, 0xBB, 0x93, 0x45, 0x5A, 0x73, 0xBC, - 0x2C, 0x74, 0x62, 0x55, 0xC1, 0x3B, 0xC8, 0x52, - 0x1C, 0x73, 0x54, 0xE9, 0x8B, 0x98, 0x76, 0xA9, - 0x58, 0x6F, 0xC3, 0x7C, 0x5F, 0x24, 0x8D, 0xA0, - 0x55, 0x75, 0x8B, 0xD9, 0x61, 0x5E, 0x68, 0xBF, - 0x93, 0xEA, 0x0B, 0xA1, 0xD0, 0x22, 0xE2, 0xD2, - 0x22, 0x04, 0xA4, 0x45, 0x8C, 0xB6, 0x12, 0xB0, - 0x29, 0x41, 0xE8, 0x7A, 0xAC, 0xF1, 0xA3, 0x29, - 0x07, 0xD9, 0x8B, 0x4B, 0x13, 0xC6, 0xC9, 0xB4, - 0xAB, 0xD6, 0xDC, 0xCF, 0x66, 0x21, 0x06, 0xF5, - 0xD5, 0x8C, 0x2F, 0xC7, 0x51, 0x97, 0x35, 0x5E, - 0xB8, 0xCC, 0x41, 0x74, 0x2C, 0x6D, 0xA0, 0x03, - 0x40, 0x6D, 0x13, 0x56, 0xF8, 0xA0, 0x7A, 0x37, - 0x97, 0x88, 0x00, 0x60, 0x67, 0xCB, 0xF5, 0x2F, - 0x22, 0xD5, 0x3D, 0x68, 0x71, 0x22, 0x41, 0x09, - 0x34, 0x6E, 0xA8, 0x3B, 0x45, 0xCA, 0x60, 0xAF, - 0xEC, 0xCA, 0x0F, 0xA5, 0x67, 0x2B, 0x36, 0x64, - 0x89, 0xEB, 0x8D, 0xD1, 0xF7, 0x20, 0x4C, 0xDB, - 0x7D, 0x9B, 0xE1, 0x87, 0xF4, 0x39, 0x7B, 0x9B, - 0x4C, 0xA0, 0x31, 0x34, 0x75, 0x0D, 0xD5, 0x7D, - 0xAD, 0xE1, 0x88, 0x91, 0xCC, 0xA9, 0x47, 0x4B, - 0x65, 0x32, 0x60, 0x52, 0x50, 0xBC, 0xBB, 0x6E, - 0x02, 0x94, 0xEF, 0x95, 0x32, 0x6D, 0x25, 0x9B, - 0x08, 0xB2, 0x93, 0x8D, 0x8C, 0x59, 0xE2, 0x58, - 0x4B, 0x69, 0x10, 0x71, 0x85, 0xF3, 0x45, 0x30, - 0x24, 0x07, 0x35, 0x17, 0xC9, 0x89, 0x00, 0x9E, - 0xBB, 0x6B, 0x22, 0xED, 0xE9, 0x70, 0x43, 0x66, - 0xC6, 0x23, 0x2A, 0x62, 0x82, 0xF3, 0xBB, 0x09, - 0x08, 0x74, 0xA6, 0xFB, 0x0D, 0x84, 0x53, 0x6D, - 0x3F, 0x61, 0x3A, 0x21, 0xD1, 0x9D, 0x98, 0x44, - 0x17, 0xFA, 0xF0, 0x84, 0x6C, 0xB4, 0x28, 0x7B, - 0x3C, 0x70, 0x9F, 0x22, 0x62, 0x26, 0xA0, 0x9E, - 0x94, 0xFA, 0x89, 0x85, 0x43, 0x87, 0x4A, 0xE2, - 0x08, 0x11, 0xE3, 0x90, 0x80, 0xE6, 0xB2, 0xCE, - 0x49, 0x92, 0x26, 0xF5, 0x13, 0x8C, 0x14, 0x38, - 0x72, 0xDB, 0x86, 0xFB, 0xC2, 0x9C, 0xFD, 0xA2, - 0x9F, 0xD2, 0x26, 0x0E, 0xC7, 0xB9, 0xA2, 0x37, - 0xD1, 0x9A, 0xAB, 0x1B, 0x93, 0xE1, 0xDA, 0x4E, - 0xBC, 0x58, 0x9D, 0x82, 0x4C, 0x58, 0x90, 0x96, - 0x99, 0xD3, 0xE8, 0xBC, 0x7F, 0x53, 0xB3, 0x55, - 0xFA, 0x31, 0xE9, 0x6B, 0x1E, 0x35, 0x4A, 0xA4, - 0xB3, 0xC8, 0x4D, 0xF3, 0xC4, 0x7F, 0x80, 0xF9, - 0x32, 0xEA, 0x68, 0x5D, 0x96, 0xC5, 0xA5, 0x96, - 0x08, 0x22, 0xC6, 0x43, 0x64, 0x5F, 0x1A, 0x63, - 0xDD, 0x60, 0x8A, 0x09, 0x71, 0xC7, 0xF2, 0x15, - 0x7C, 0xA5, 0x24, 0x4D, 0x49, 0x2C, 0x01, 0x0B, - 0x71, 0xB7, 0x74, 0xC1, 0x0C, 0x07, 0xD3, 0xC8, - 0x4C, 0xA5, 0x4D, 0xE5, 0x00, 0x1F, 0xE0, 0xAC, - 0x4E, 0x69, 0x52, 0x81, 0x4E, 0xC1, 0x0F, 0xF9, - 0x8B, 0x19, 0xE7, 0x89, 0xC1, 0xAC, 0x68, 0x45, - 0xC7, 0x62, 0x80, 0x55, 0x27, 0x5C, 0x33, 0x34, - 0x41, 0x87, 0x1B, 0x8C, 0x30, 0x99, 0x9B, 0x05, - 0x31, 0x34, 0xC0, 0xE7, 0xB1, 0xAC, 0x6A, 0xA6, - 0x63, 0x12, 0xC1, 0xA5, 0xE2, 0x97, 0x92, 0x97, - 0x02, 0x56, 0x88, 0x14, 0x38, 0xDC, 0x46, 0x29, - 0x37, 0x4D, 0xFB, 0x9A, 0x91, 0x48, 0x62, 0x9D, - 0x14, 0x8C, 0x60, 0x1D, 0x4B, 0x6A, 0xA2, 0xC2, - 0x9C, 0xCE, 0xE8, 0x94, 0x7A, 0x27, 0x87, 0x0E, - 0x4C, 0x65, 0xE4, 0x12, 0x46, 0xD6, 0x25, 0x3D, - 0xC4, 0xF1, 0x3A, 0xEB, 0x31, 0xCD, 0x7E, 0x36, - 0x2F, 0x0F, 0x28, 0x84, 0xB9, 0xF7, 0x3B, 0xA9, - 0x93, 0x50, 0xAA, 0xA4, 0x02, 0x4A, 0x73, 0x14, - 0xBE, 0x69, 0x3A, 0xE4, 0x13, 0xA5, 0xCE, 0xA0, - 0x9A, 0x27, 0x27, 0x3A, 0x0B, 0xF6, 0xA4, 0x53, - 0xF8, 0x63, 0x9B, 0x48, 0x26, 0x8D, 0x21, 0xC9, - 0xAE, 0xC2, 0x62, 0xBE, 0x28, 0xC0, 0x7E, 0xA4, - 0xB9, 0x35, 0xA8, 0x69, 0x63, 0x26, 0xAA, 0x18, - 0xA5, 0x91, 0xCE, 0xE9, 0xC9, 0xF2, 0xA7, 0x29, - 0xBC, 0x50, 0x33, 0xDD, 0xE6, 0x37, 0x27, 0x38, - 0x85, 0x92, 0x1B, 0x73, 0xB8, 0x58, 0xA1, 0x88, - 0x33, 0xA7, 0xB8, 0x3A, 0x82, 0xFE, 0x02, 0xCC, - 0x33, 0x54, 0xC3, 0x0B, 0x0C, 0x4D, 0x0D, 0x3B, - 0xA1, 0x33, 0x1C, 0x6E, 0xC7, 0xA7, 0x0B, 0x7E, - 0x50, 0x3F, 0x76, 0x47, 0xA9, 0x52, 0xB0, 0x03, - 0x86, 0xCC, 0x90, 0xB3, 0x4A, 0x51, 0x4F, 0x99, - 0x5A, 0x56, 0x92, 0x05, 0xEB, 0x2A, 0x3F, 0xA7, - 0x9A, 0x78, 0x65, 0x21, 0x18, 0xD4, 0xBC, 0x48, - 0x46, 0x27, 0xCD, 0x02, 0x33, 0xBC, 0x5A, 0x35, - 0x16, 0x15, 0x0B, 0xAF, 0x6E, 0x10, 0x66, 0x5D, - 0xA7, 0x61, 0x8F, 0x28, 0x41, 0xB5, 0x02, 0x61, - 0x72, 0x48, 0x89, 0x3B, 0xAA, 0xB7, 0xE9, 0x03, - 0x89, 0x0D, 0xF0, 0xCA, 0xC2, 0x84, 0xCD, 0x11, - 0x65, 0xB4, 0x64, 0xC1, 0x8F, 0x4C, 0xFA, 0x8F, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1 - }; - const byte kyber1024_sk[] = { - 0x1B, 0xD1, 0x97, 0x95, 0x10, 0xBC, 0xE5, 0x03, - 0x1C, 0x0F, 0x99, 0x1D, 0xE0, 0x82, 0xC3, 0x89, - 0xA1, 0xBD, 0x15, 0x57, 0x19, 0x1D, 0x81, 0x03, - 0xBD, 0xCC, 0x04, 0xC1, 0x98, 0xAE, 0x3E, 0x95, - 0x95, 0xFD, 0xB6, 0x57, 0xB5, 0xC6, 0x39, 0x97, - 0x95, 0x79, 0xAE, 0x13, 0x5B, 0x11, 0xE2, 0x4D, - 0x36, 0xE5, 0x49, 0x44, 0x67, 0x83, 0x2E, 0x6A, - 0x8A, 0x46, 0xAA, 0x8F, 0x9F, 0xF9, 0x87, 0x4A, - 0x16, 0x00, 0x27, 0x84, 0x07, 0x71, 0x56, 0x2D, - 0x74, 0x61, 0xB1, 0x6C, 0x61, 0x87, 0xF3, 0xC2, - 0xC1, 0x9C, 0x9C, 0x8F, 0xE6, 0x41, 0x49, 0x7D, - 0x8A, 0x15, 0x5C, 0x51, 0x15, 0x7D, 0x91, 0x35, - 0xD9, 0xB4, 0x5D, 0x3C, 0x7C, 0x4C, 0xB1, 0x82, - 0x31, 0x8C, 0x11, 0xAD, 0x08, 0xB3, 0x9F, 0xAC, - 0x04, 0x15, 0xE6, 0xE2, 0x6D, 0xB3, 0x43, 0x91, - 0xDE, 0xC2, 0x47, 0x1B, 0x30, 0x3C, 0x05, 0x05, - 0xB6, 0xFE, 0x45, 0x6E, 0x81, 0x50, 0x21, 0xE8, - 0x2B, 0x5F, 0x2D, 0x16, 0x6F, 0xDF, 0xB5, 0xB9, - 0x23, 0xC8, 0x3A, 0x61, 0x67, 0x30, 0x28, 0xF0, - 0xBA, 0xE0, 0x28, 0x08, 0x9F, 0x47, 0x61, 0x67, - 0xE5, 0x75, 0x6C, 0xAA, 0x3E, 0xE0, 0xF1, 0x89, - 0xC6, 0x47, 0x81, 0xC7, 0x49, 0x27, 0xBC, 0xDB, - 0x67, 0xE7, 0x75, 0xCC, 0xA8, 0x5B, 0x44, 0xB8, - 0x8B, 0x10, 0x61, 0xD8, 0x96, 0x3F, 0xE4, 0x0B, - 0x1F, 0xB4, 0x34, 0x68, 0x20, 0x09, 0x0E, 0x5C, - 0x0B, 0x7C, 0x49, 0x08, 0x89, 0x33, 0xAD, 0xE3, - 0x82, 0x96, 0x88, 0x6C, 0x43, 0x45, 0x65, 0x7C, - 0x3F, 0x07, 0xCF, 0x1A, 0xE9, 0x76, 0xE6, 0xBA, - 0x77, 0x7E, 0xF0, 0x1F, 0xB9, 0xC3, 0xB0, 0xDC, - 0xF0, 0x58, 0x3A, 0xE5, 0x44, 0xCD, 0x80, 0x3A, - 0xC1, 0x39, 0xCA, 0x61, 0x9B, 0x8D, 0xCA, 0x13, - 0x1C, 0xD2, 0x73, 0xCE, 0xCB, 0x65, 0xBC, 0xEF, - 0x00, 0x29, 0x95, 0x12, 0xB0, 0x21, 0xBA, 0x1B, - 0x2F, 0xF2, 0x08, 0xEE, 0xBB, 0x08, 0xA6, 0x28, - 0x7E, 0xC4, 0x4C, 0x21, 0x7D, 0x94, 0x76, 0x40, - 0x42, 0x5C, 0x0E, 0x97, 0x13, 0x44, 0x5B, 0xC5, - 0x2B, 0xC3, 0xCD, 0x66, 0x01, 0x2C, 0x8C, 0xB7, - 0x10, 0xA2, 0xE8, 0xAD, 0x5F, 0xC5, 0x1C, 0x5B, - 0x71, 0xCE, 0x69, 0xE9, 0x6A, 0x22, 0x06, 0x6F, - 0x74, 0x4B, 0xBA, 0xB6, 0x47, 0x2F, 0xEF, 0x3A, - 0x5B, 0xCF, 0xD6, 0x1D, 0xF1, 0xF8, 0x6A, 0x95, - 0x64, 0x80, 0x03, 0x1A, 0x99, 0x0E, 0xE0, 0x7D, - 0xE5, 0x04, 0x5E, 0xBC, 0x49, 0x8F, 0x2D, 0x3A, - 0xBD, 0xE3, 0x28, 0xC4, 0x2A, 0xCB, 0x21, 0xAD, - 0x62, 0x5D, 0x7B, 0xCB, 0x85, 0x5A, 0x8A, 0x0A, - 0xCB, 0xA2, 0x85, 0x16, 0xD3, 0x5A, 0xAF, 0x92, - 0xBE, 0xB3, 0x9C, 0x46, 0xD8, 0xF4, 0xA0, 0x1F, - 0x73, 0x20, 0x40, 0xF2, 0x7C, 0x40, 0x9B, 0xA4, - 0x9A, 0x80, 0xCF, 0x95, 0x55, 0x7C, 0x73, 0x7C, - 0x4A, 0x45, 0x11, 0x2C, 0x52, 0x2C, 0x78, 0x04, - 0xC7, 0x7A, 0x3D, 0x44, 0x53, 0xBA, 0x82, 0xC1, - 0x49, 0x08, 0xBC, 0xC0, 0x47, 0x13, 0x7E, 0x5A, - 0x7B, 0x23, 0x92, 0xC8, 0x31, 0x25, 0x4C, 0x1A, - 0x59, 0x54, 0xC8, 0x8C, 0xCF, 0xA5, 0xD8, 0x8B, - 0x3B, 0x93, 0x31, 0xBE, 0xF4, 0x62, 0x55, 0x09, - 0x14, 0xD1, 0x84, 0x17, 0x59, 0x40, 0xB4, 0xE9, - 0xB7, 0xAD, 0x3D, 0x44, 0x2E, 0xA9, 0x68, 0xB6, - 0xA4, 0x0A, 0x19, 0x72, 0x71, 0x5B, 0xCB, 0x72, - 0x82, 0x14, 0xA1, 0xBE, 0x8E, 0x04, 0x1D, 0xF5, - 0x72, 0xCC, 0x2D, 0x01, 0x6F, 0xFD, 0x6B, 0x0A, - 0xFA, 0xC8, 0x02, 0xBA, 0x97, 0x5A, 0x4A, 0x31, - 0xA4, 0x18, 0x40, 0x2E, 0x6B, 0x01, 0x41, 0xFA, - 0xD6, 0x48, 0x49, 0xE1, 0x6C, 0x80, 0x37, 0x23, - 0xA7, 0x74, 0x2B, 0x08, 0x2A, 0x7A, 0x56, 0x26, - 0x4E, 0x02, 0x60, 0xA2, 0x4A, 0x66, 0x42, 0x3D, - 0x52, 0x64, 0x82, 0x07, 0x04, 0x06, 0x5C, 0xAC, - 0x41, 0x10, 0x72, 0x48, 0x64, 0x37, 0xCA, 0xA5, - 0x47, 0x2D, 0x73, 0x3C, 0x64, 0x14, 0x5F, 0x10, - 0x0B, 0x0B, 0x16, 0xC0, 0xAB, 0x0D, 0xB8, 0x7C, - 0xC5, 0x64, 0x26, 0xC1, 0x1A, 0x69, 0x45, 0x25, - 0x95, 0x8D, 0xB8, 0x31, 0x59, 0x31, 0xC5, 0x09, - 0xD6, 0x3C, 0x48, 0x10, 0xBB, 0xA7, 0x68, 0xCA, - 0xCB, 0xF9, 0xCD, 0x85, 0x7B, 0x0D, 0x66, 0xD6, - 0x5A, 0xF7, 0xEB, 0xAC, 0x18, 0xB7, 0x9C, 0xBE, - 0xBC, 0x0A, 0x49, 0xB5, 0xC0, 0x5A, 0xA8, 0x7F, - 0x8D, 0xE8, 0x25, 0xA6, 0xA1, 0x13, 0x5F, 0xE8, - 0x64, 0xCF, 0x6C, 0x99, 0x8D, 0xDC, 0x37, 0xFC, - 0x01, 0x56, 0xBB, 0x52, 0xA7, 0x8E, 0xC2, 0x99, - 0xCA, 0x53, 0x1C, 0xF8, 0x75, 0xBE, 0xFA, 0x48, - 0x75, 0x72, 0x60, 0x28, 0xED, 0x37, 0x91, 0xBA, - 0x31, 0xC0, 0x0E, 0xC7, 0x40, 0x20, 0xCA, 0xA1, - 0x7F, 0x91, 0x19, 0x63, 0x96, 0xCF, 0xE5, 0x88, - 0x6E, 0x51, 0x1A, 0x52, 0xD0, 0xCA, 0x8D, 0xEE, - 0x25, 0xBF, 0x4E, 0x77, 0xCB, 0x92, 0xE6, 0x36, - 0x40, 0x64, 0x6D, 0xE2, 0x58, 0x6D, 0xCD, 0x00, - 0x14, 0x16, 0xCC, 0xC1, 0xEC, 0x30, 0x7C, 0xA2, - 0x75, 0x6D, 0xBE, 0xA8, 0x26, 0x36, 0x14, 0x51, - 0x3C, 0xA0, 0x5E, 0x70, 0xC7, 0x54, 0xF5, 0x6A, - 0x2C, 0x3F, 0xF7, 0x42, 0x94, 0x8C, 0x34, 0xAF, - 0x49, 0x34, 0x2F, 0x55, 0x03, 0x4C, 0x1C, 0x70, - 0xE0, 0x79, 0x6D, 0x26, 0xB2, 0x30, 0x35, 0x6B, - 0x1B, 0x74, 0xA1, 0x6C, 0x0B, 0x28, 0x37, 0x4B, - 0x79, 0xC1, 0x6B, 0x04, 0x96, 0xCA, 0x20, 0x12, - 0x3E, 0x6C, 0x67, 0x62, 0xD9, 0x01, 0xE2, 0x76, - 0x08, 0x5D, 0x81, 0x2A, 0xE9, 0xC3, 0x45, 0xAD, - 0xF5, 0x09, 0xDD, 0xC7, 0x87, 0x61, 0x62, 0xCE, - 0x34, 0xA6, 0x00, 0x3F, 0xB4, 0x5C, 0xD8, 0x66, - 0x0F, 0xDD, 0x46, 0x71, 0x6E, 0x82, 0x55, 0x06, - 0x62, 0x37, 0x5D, 0xB5, 0x5E, 0x63, 0xA2, 0x0F, - 0x01, 0x2A, 0x71, 0xE3, 0xD9, 0x72, 0x25, 0xC5, - 0x8F, 0x52, 0x34, 0xC6, 0xB5, 0x3A, 0x8A, 0xA0, - 0x33, 0x9C, 0xEF, 0xD4, 0x84, 0xE4, 0x7A, 0x3D, - 0xE6, 0x49, 0x88, 0x05, 0xC2, 0x82, 0xE0, 0x76, - 0x8E, 0x35, 0xC7, 0x5C, 0x20, 0x07, 0x76, 0x5C, - 0xA1, 0x7F, 0x01, 0xD2, 0x85, 0xA7, 0xC3, 0x04, - 0x8B, 0xC7, 0x2B, 0xA3, 0xAA, 0x57, 0x7C, 0x1C, - 0x43, 0x2A, 0x3C, 0x76, 0x9D, 0x21, 0xB8, 0x6C, - 0x01, 0x8F, 0x81, 0x7A, 0x26, 0x67, 0x35, 0x1C, - 0x2B, 0xC8, 0x5F, 0xA5, 0x53, 0x6F, 0xA7, 0xA6, - 0xCD, 0xEF, 0xCC, 0x0D, 0xD6, 0xF9, 0x1B, 0xDD, - 0xE8, 0x9D, 0x4E, 0x51, 0x6C, 0x8B, 0x75, 0x40, - 0xA7, 0xDC, 0x3F, 0xC4, 0x89, 0x8A, 0xB3, 0x30, - 0x08, 0xBC, 0xC1, 0x9F, 0x9E, 0x46, 0x3D, 0xE9, - 0x36, 0x26, 0x99, 0x4C, 0xC9, 0x27, 0xA3, 0x4A, - 0x9D, 0x70, 0x40, 0xC1, 0x31, 0xC8, 0x1F, 0x07, - 0x83, 0xDD, 0x68, 0x84, 0x29, 0x43, 0xC5, 0x5D, - 0xC5, 0x77, 0xD3, 0x67, 0xA4, 0x01, 0x83, 0x94, - 0xBB, 0x11, 0x60, 0x72, 0xAC, 0x65, 0xF2, 0xEB, - 0x9B, 0x4F, 0xF5, 0x8F, 0x41, 0x15, 0x40, 0x1B, - 0x11, 0x7D, 0x91, 0x3B, 0x75, 0x75, 0x57, 0x57, - 0x19, 0x39, 0x0C, 0x9E, 0x80, 0x06, 0x97, 0xA8, - 0x28, 0xB1, 0x25, 0x83, 0xF9, 0x4A, 0x2F, 0x8F, - 0x72, 0x0A, 0x6E, 0x87, 0x00, 0xFD, 0x40, 0x7D, - 0x73, 0xA4, 0xC7, 0x97, 0x55, 0x2B, 0x98, 0x75, - 0x7A, 0x5F, 0x57, 0x82, 0xA9, 0x50, 0x95, 0xDF, - 0xA5, 0xAC, 0xB7, 0xD9, 0x3A, 0x80, 0x5C, 0x30, - 0x18, 0x30, 0x4E, 0x5D, 0x22, 0xB7, 0x6F, 0xA5, - 0xAA, 0x51, 0x96, 0xB7, 0xEB, 0xDB, 0x7A, 0xA0, - 0xA5, 0x2D, 0x06, 0xAC, 0x4B, 0x9E, 0x4C, 0x00, - 0xC0, 0xF8, 0x5C, 0xEC, 0xB0, 0xBD, 0x95, 0x56, - 0x2D, 0x56, 0x23, 0x30, 0x78, 0x51, 0x43, 0xC7, - 0xF1, 0x29, 0xFA, 0xF9, 0x19, 0x48, 0xB0, 0xC8, - 0x8C, 0x60, 0x82, 0xE0, 0xF3, 0x03, 0x54, 0x74, - 0x12, 0x6E, 0x23, 0x6B, 0x80, 0xD2, 0x22, 0xD2, - 0x81, 0x4F, 0x6A, 0xF2, 0x4B, 0xD5, 0xD1, 0x19, - 0x86, 0x33, 0x1F, 0xAF, 0xC2, 0x1E, 0xC8, 0x4C, - 0x93, 0xA8, 0x81, 0x24, 0x72, 0x51, 0x10, 0x5A, - 0x6A, 0xB4, 0x35, 0xD7, 0x6E, 0xFD, 0x88, 0x9D, - 0x27, 0xC0, 0x0C, 0x2A, 0x14, 0xBD, 0x04, 0xA6, - 0xBD, 0x0B, 0x20, 0x07, 0xB5, 0x51, 0x5A, 0x75, - 0xF1, 0x14, 0xD1, 0x92, 0x10, 0xBC, 0x70, 0x50, - 0x85, 0x33, 0x53, 0x2F, 0x1B, 0x0A, 0x30, 0x0C, - 0x8B, 0x12, 0xF0, 0x0A, 0xC4, 0xFC, 0x46, 0x0F, - 0xA8, 0x4A, 0x2D, 0x15, 0x21, 0xBD, 0x0B, 0x42, - 0x88, 0xD9, 0x2D, 0xD1, 0x2B, 0x17, 0x3E, 0x28, - 0x8B, 0x8A, 0x30, 0xC4, 0x9C, 0xA3, 0x56, 0x21, - 0x3C, 0x22, 0x4A, 0x03, 0x64, 0xDC, 0xF1, 0x8F, - 0xF0, 0x70, 0x0E, 0xAE, 0xBB, 0xB6, 0xD2, 0x02, - 0x03, 0x71, 0x14, 0x5A, 0x8A, 0xE8, 0x79, 0x59, - 0x72, 0x2D, 0x34, 0xF3, 0x3F, 0xAE, 0x00, 0x57, - 0x2D, 0xB3, 0xAC, 0x9A, 0x7B, 0xBD, 0xD4, 0x0B, - 0x75, 0x3C, 0x57, 0xA7, 0x3B, 0xA1, 0xB5, 0x43, - 0x12, 0x8A, 0x20, 0xDC, 0x98, 0x31, 0x69, 0x39, - 0xFE, 0xB8, 0x14, 0xCB, 0x17, 0x6C, 0x41, 0x64, - 0x77, 0x01, 0x2A, 0x97, 0x23, 0x67, 0x83, 0x46, - 0x7C, 0x0E, 0x15, 0x97, 0x33, 0xC5, 0xA0, 0x31, - 0x3C, 0xB2, 0x78, 0xD2, 0x31, 0x41, 0x2C, 0xB0, - 0x42, 0xC8, 0xE1, 0x16, 0xD6, 0x65, 0xA3, 0x7E, - 0xA4, 0x86, 0xEE, 0x07, 0x75, 0x44, 0xFC, 0x09, - 0xD5, 0x71, 0x56, 0x46, 0x3C, 0x1B, 0x10, 0xDC, - 0x49, 0x41, 0x0A, 0x3C, 0x0F, 0xE4, 0xB2, 0xEF, - 0x57, 0x1F, 0xAA, 0x56, 0x7A, 0xB5, 0x01, 0x59, - 0x58, 0xDB, 0xCF, 0x2C, 0xFA, 0x2C, 0xA7, 0x33, - 0x96, 0x3C, 0x34, 0x45, 0x7F, 0x85, 0x99, 0xCA, - 0x3A, 0xC8, 0xD2, 0xCB, 0x99, 0xA4, 0x57, 0x11, - 0x4E, 0x55, 0x9A, 0x9F, 0x82, 0xC4, 0x28, 0x47, - 0x99, 0xDE, 0x66, 0x15, 0x0A, 0x26, 0x56, 0x8F, - 0x95, 0xAF, 0x70, 0x65, 0x78, 0x8E, 0x62, 0x86, - 0x84, 0x60, 0x8C, 0x74, 0xDA, 0x57, 0x17, 0xB8, - 0x1F, 0x5D, 0x5C, 0x2F, 0x7D, 0x1A, 0x6C, 0xC0, - 0x71, 0x7C, 0xAB, 0xD2, 0xBA, 0xD2, 0x49, 0xB0, - 0x87, 0x58, 0x8F, 0x75, 0x65, 0x23, 0xFD, 0xF0, - 0x4E, 0x7F, 0x31, 0x76, 0x1B, 0x01, 0xAC, 0xB7, - 0xF6, 0x7E, 0xBF, 0x87, 0x62, 0xF5, 0xCB, 0x0B, - 0xC3, 0x72, 0xB4, 0xDD, 0x08, 0x3B, 0x06, 0x66, - 0x74, 0x02, 0x20, 0x4D, 0x08, 0x73, 0x9E, 0xB7, - 0x95, 0x20, 0xA9, 0x2C, 0x87, 0xC7, 0xE2, 0x2C, - 0x78, 0x77, 0x97, 0x3A, 0x0B, 0x79, 0xB0, 0xC7, - 0xAC, 0xCB, 0xBB, 0xAF, 0x88, 0xFB, 0xB0, 0x3D, - 0x4B, 0x6F, 0x5B, 0xB9, 0x87, 0x8A, 0xAB, 0x81, - 0x02, 0xF6, 0xB9, 0x1A, 0x27, 0x00, 0xD0, 0xEA, - 0xC3, 0x1D, 0x26, 0x03, 0x5B, 0xC1, 0x8A, 0x66, - 0xCB, 0x90, 0xEA, 0x24, 0x3F, 0xCF, 0x1A, 0x9A, - 0x1D, 0x24, 0x0C, 0x29, 0x0A, 0x54, 0x82, 0xA1, - 0x55, 0xC8, 0x00, 0x91, 0x13, 0xA0, 0x82, 0xDA, - 0xD5, 0xCE, 0x5C, 0xD2, 0x53, 0x03, 0x37, 0x02, - 0x51, 0x59, 0x3C, 0x12, 0x11, 0xAA, 0xB6, 0xC8, - 0x44, 0xC2, 0xC4, 0xB7, 0x99, 0xD4, 0x92, 0x80, - 0x00, 0x74, 0x63, 0x89, 0x48, 0xCB, 0x64, 0x31, - 0x0F, 0x38, 0xB4, 0x88, 0x51, 0xA6, 0x9E, 0x22, - 0x28, 0x70, 0x3C, 0x97, 0xFC, 0x20, 0x4E, 0x54, - 0x37, 0x21, 0x79, 0xAA, 0x84, 0xDE, 0xC1, 0xAC, - 0x68, 0xE6, 0xBC, 0x26, 0x8B, 0x9E, 0x36, 0x1B, - 0x8F, 0x6E, 0x0A, 0xBC, 0xFE, 0x88, 0x93, 0x37, - 0x87, 0x53, 0x48, 0xE4, 0x16, 0x4D, 0x66, 0x15, - 0xF3, 0x82, 0xC6, 0xC7, 0xC4, 0x17, 0x8F, 0x75, - 0x1F, 0x72, 0x2B, 0x21, 0x27, 0x74, 0x64, 0xFB, - 0x83, 0x1F, 0x8A, 0xA9, 0xA0, 0x18, 0xC1, 0x9A, - 0x51, 0xB0, 0x7F, 0xA0, 0x93, 0x9B, 0xA5, 0xC2, - 0x06, 0x68, 0x63, 0x23, 0xAF, 0xF6, 0xCA, 0x83, - 0x0B, 0x76, 0xE3, 0x80, 0x02, 0x63, 0x54, 0x47, - 0x7A, 0xAC, 0x58, 0xD8, 0x93, 0x1D, 0x80, 0x3B, - 0x6F, 0xAB, 0xD7, 0x12, 0xD1, 0x72, 0x81, 0x4A, - 0x54, 0xB8, 0x12, 0xE7, 0x92, 0x47, 0x94, 0xAA, - 0x40, 0x02, 0x49, 0xD5, 0xC0, 0x46, 0x8E, 0xA3, - 0x2F, 0xB2, 0x15, 0x54, 0xC5, 0x93, 0x67, 0x90, - 0x3C, 0x60, 0xA8, 0xB4, 0x8E, 0x23, 0x40, 0x71, - 0x2F, 0x7A, 0x04, 0x5A, 0x67, 0xC2, 0x3C, 0x72, - 0x41, 0x3A, 0x64, 0x69, 0xFC, 0x83, 0x69, 0xA2, - 0x91, 0x03, 0x3C, 0x46, 0xCE, 0xA3, 0x96, 0x76, - 0x65, 0x6B, 0x6C, 0xD8, 0x57, 0x99, 0x7C, 0x04, - 0x5C, 0x5A, 0xF0, 0x34, 0xE1, 0xE1, 0x14, 0x8A, - 0x8B, 0x40, 0xCD, 0x16, 0x68, 0x31, 0x93, 0xA3, - 0x60, 0x0C, 0x84, 0xFC, 0xE3, 0xB9, 0x65, 0x10, - 0x88, 0xDD, 0x09, 0x44, 0x57, 0x6C, 0x7E, 0xA4, - 0x07, 0x2D, 0x25, 0xF0, 0x67, 0xD2, 0x42, 0x7E, - 0x26, 0xD1, 0x86, 0xF9, 0xB7, 0x7A, 0x32, 0x79, - 0x05, 0x03, 0x3B, 0xA9, 0x40, 0x85, 0xA8, 0xAB, - 0x6A, 0x8A, 0x2B, 0x86, 0x08, 0x0C, 0x45, 0x2B, - 0x10, 0x90, 0xAC, 0xC9, 0x5A, 0x2B, 0x9F, 0x5A, - 0x6E, 0x61, 0x84, 0x6D, 0x63, 0x45, 0x66, 0xFA, - 0xC0, 0xB0, 0xFF, 0x35, 0x11, 0x18, 0x06, 0x18, - 0xAF, 0x98, 0x34, 0x87, 0x12, 0x2C, 0xFB, 0x63, - 0x61, 0xFF, 0x66, 0x0D, 0x5C, 0xA0, 0x0B, 0x9D, - 0x88, 0xB1, 0xDA, 0x18, 0x36, 0xC9, 0x78, 0x6E, - 0x55, 0x27, 0x6C, 0x88, 0x53, 0x8C, 0xC1, 0xD3, - 0x05, 0xFA, 0xAA, 0xB7, 0x79, 0x9A, 0x35, 0x46, - 0xF0, 0xBE, 0x6C, 0xC7, 0x00, 0xB0, 0x65, 0xB9, - 0x03, 0x4A, 0x91, 0x63, 0x31, 0x74, 0x66, 0xD9, - 0x83, 0xDD, 0xC2, 0xAA, 0x5B, 0xB0, 0x3F, 0x5B, - 0x67, 0x33, 0x48, 0xD5, 0x76, 0x02, 0x8A, 0x02, - 0x55, 0x15, 0x6C, 0x6A, 0x29, 0x74, 0x46, 0x98, - 0x34, 0xFB, 0x15, 0x73, 0x23, 0x74, 0x60, 0x54, - 0xC4, 0xBA, 0x96, 0x40, 0x30, 0x4A, 0x11, 0x63, - 0x04, 0xF0, 0x18, 0x21, 0x72, 0xBA, 0x8D, 0x03, - 0xAE, 0xDA, 0x39, 0x91, 0x6A, 0xF1, 0x18, 0xB9, - 0x84, 0x22, 0xB7, 0x16, 0x3A, 0xB6, 0xE2, 0x47, - 0xFC, 0xAA, 0x9D, 0x7C, 0x7C, 0xAE, 0x96, 0xBB, - 0x60, 0xB1, 0xD7, 0x86, 0x0E, 0x4C, 0x7F, 0x1D, - 0x92, 0x0D, 0x31, 0xA5, 0x41, 0x38, 0x82, 0x29, - 0xEE, 0x84, 0x2C, 0xA1, 0x59, 0x43, 0x89, 0x4A, - 0x56, 0xE5, 0x14, 0x0D, 0x29, 0x59, 0xC3, 0x6E, - 0xA2, 0x6E, 0x2D, 0xE0, 0x51, 0x21, 0x36, 0x6B, - 0xE4, 0x14, 0x02, 0x7B, 0xD1, 0x47, 0x81, 0x47, - 0x2E, 0xDD, 0xA4, 0x71, 0x10, 0xD0, 0xB3, 0xAE, - 0x2A, 0xA2, 0x55, 0xAB, 0x6D, 0x6F, 0xE0, 0x1C, - 0x26, 0xC2, 0x87, 0x63, 0x97, 0x6B, 0xBF, 0xA9, - 0x2F, 0x4F, 0x09, 0xA5, 0xB7, 0x3C, 0x47, 0x1F, - 0x8C, 0x9E, 0x53, 0x26, 0x92, 0x55, 0xDA, 0xC1, - 0xE0, 0x71, 0x5E, 0x87, 0x00, 0x06, 0x09, 0x70, - 0x60, 0xFF, 0x23, 0xC3, 0xAB, 0x43, 0xC4, 0x19, - 0xE4, 0x48, 0xC7, 0x30, 0x40, 0x10, 0xC4, 0x0F, - 0x3D, 0xC0, 0xB7, 0x26, 0x39, 0x2E, 0x46, 0x03, - 0x7E, 0xB9, 0x49, 0x04, 0x55, 0xE3, 0x49, 0xA4, - 0x35, 0xCD, 0xA9, 0x0A, 0xA3, 0xB7, 0x47, 0x8C, - 0x32, 0xE8, 0x72, 0xB2, 0xB8, 0x5C, 0xEC, 0xF0, - 0x3D, 0xDC, 0xD6, 0x16, 0x33, 0x78, 0xBF, 0x73, - 0xB1, 0x3B, 0x2E, 0x1A, 0x7B, 0x6E, 0xBC, 0x39, - 0x29, 0xEC, 0x08, 0x63, 0x89, 0x3F, 0x73, 0x8C, - 0x38, 0x9F, 0x3B, 0x3B, 0x2B, 0xB5, 0x4F, 0xC1, - 0x5B, 0xB7, 0x8A, 0x25, 0x31, 0xEE, 0xBC, 0xB7, - 0xBC, 0x10, 0x81, 0x07, 0x96, 0x59, 0x81, 0xD2, - 0x0A, 0x7D, 0x1A, 0x87, 0x21, 0xBA, 0x36, 0x40, - 0x03, 0x13, 0x2F, 0x03, 0x6C, 0xE4, 0x0C, 0x9E, - 0x75, 0x5B, 0x2A, 0xB4, 0x86, 0x1D, 0x04, 0xC1, - 0xBE, 0x0D, 0x53, 0x97, 0x91, 0x4B, 0x6C, 0xD4, - 0xAA, 0x40, 0x8C, 0x62, 0x2B, 0x21, 0xB1, 0x1B, - 0xA0, 0xEB, 0xA6, 0x17, 0x29, 0x59, 0x6F, 0x8B, - 0x0E, 0x82, 0x14, 0xAA, 0x4A, 0xA6, 0x01, 0x86, - 0x51, 0x07, 0xA2, 0xA7, 0x6A, 0xD7, 0xCC, 0x2F, - 0x97, 0x43, 0x00, 0x18, 0x28, 0xB8, 0x0B, 0x24, - 0x80, 0x2B, 0x98, 0x9D, 0x98, 0x42, 0x5E, 0x14, - 0x7C, 0x6D, 0x93, 0x32, 0xBA, 0x08, 0x4B, 0x8F, - 0xFB, 0x96, 0x27, 0xE3, 0xFB, 0xC4, 0xBE, 0x65, - 0x38, 0xEB, 0xDA, 0x1D, 0x9D, 0xB9, 0xB6, 0x75, - 0xB0, 0x16, 0x66, 0x57, 0x23, 0xD4, 0x11, 0x71, - 0x54, 0xF8, 0x13, 0x3E, 0xA9, 0x00, 0xCB, 0x47, - 0x0B, 0x1D, 0xC5, 0xB5, 0x7A, 0x78, 0x11, 0x16, - 0x72, 0x9E, 0xD6, 0x29, 0x45, 0x6E, 0x1A, 0x7D, - 0x6A, 0x37, 0x9F, 0x2E, 0x01, 0x0A, 0xCB, 0xEC, - 0x21, 0xFC, 0xD1, 0xC2, 0xB0, 0xBB, 0x61, 0xC3, - 0xDA, 0x6C, 0x73, 0x70, 0x5F, 0xD7, 0xB0, 0xC3, - 0x61, 0x2A, 0xC3, 0xB4, 0xA1, 0x2E, 0xC5, 0xD3, - 0x7F, 0x4C, 0x1A, 0x4A, 0x4D, 0xF8, 0x16, 0x6E, - 0xF6, 0x68, 0x9C, 0x06, 0xB5, 0xD4, 0xA6, 0x1A, - 0x52, 0x14, 0xAE, 0x5E, 0x5C, 0x28, 0x07, 0x4C, - 0xC5, 0xFE, 0x2A, 0x41, 0x2A, 0xC5, 0x14, 0x15, - 0x94, 0x28, 0x54, 0x85, 0x15, 0x6E, 0xCA, 0x65, - 0x64, 0x28, 0x37, 0x20, 0xB0, 0xBA, 0xD1, 0xD9, - 0x74, 0x5B, 0xA5, 0x77, 0x71, 0x1A, 0xB6, 0xF2, - 0x14, 0xC5, 0x2F, 0xB5, 0xBA, 0xAF, 0x8A, 0x1F, - 0x85, 0x33, 0x5A, 0xEB, 0x44, 0x37, 0x0B, 0x39, - 0xC5, 0x6C, 0x4C, 0x3D, 0x32, 0x75, 0x55, 0x60, - 0xCB, 0x2C, 0xA9, 0x45, 0x87, 0x51, 0xF1, 0x65, - 0x4B, 0x82, 0xC5, 0xE7, 0xFB, 0x0D, 0xB5, 0x16, - 0xBE, 0x1E, 0x42, 0x43, 0x3A, 0xD4, 0x7B, 0x6B, - 0xCC, 0xB3, 0x63, 0x61, 0xC4, 0x34, 0xEB, 0x59, - 0xCF, 0xF3, 0x38, 0x49, 0x54, 0xBB, 0x76, 0xF1, - 0x44, 0x14, 0x91, 0x67, 0x91, 0x3B, 0x85, 0x0F, - 0x75, 0x28, 0xBD, 0x76, 0x87, 0xB8, 0x8B, 0x64, - 0x84, 0xA6, 0x82, 0x68, 0x39, 0x97, 0x08, 0x42, - 0xA5, 0x93, 0xBB, 0x93, 0x45, 0x5A, 0x73, 0xBC, - 0x2C, 0x74, 0x62, 0x55, 0xC1, 0x3B, 0xC8, 0x52, - 0x1C, 0x73, 0x54, 0xE9, 0x8B, 0x98, 0x76, 0xA9, - 0x58, 0x6F, 0xC3, 0x7C, 0x5F, 0x24, 0x8D, 0xA0, - 0x55, 0x75, 0x8B, 0xD9, 0x61, 0x5E, 0x68, 0xBF, - 0x93, 0xEA, 0x0B, 0xA1, 0xD0, 0x22, 0xE2, 0xD2, - 0x22, 0x04, 0xA4, 0x45, 0x8C, 0xB6, 0x12, 0xB0, - 0x29, 0x41, 0xE8, 0x7A, 0xAC, 0xF1, 0xA3, 0x29, - 0x07, 0xD9, 0x8B, 0x4B, 0x13, 0xC6, 0xC9, 0xB4, - 0xAB, 0xD6, 0xDC, 0xCF, 0x66, 0x21, 0x06, 0xF5, - 0xD5, 0x8C, 0x2F, 0xC7, 0x51, 0x97, 0x35, 0x5E, - 0xB8, 0xCC, 0x41, 0x74, 0x2C, 0x6D, 0xA0, 0x03, - 0x40, 0x6D, 0x13, 0x56, 0xF8, 0xA0, 0x7A, 0x37, - 0x97, 0x88, 0x00, 0x60, 0x67, 0xCB, 0xF5, 0x2F, - 0x22, 0xD5, 0x3D, 0x68, 0x71, 0x22, 0x41, 0x09, - 0x34, 0x6E, 0xA8, 0x3B, 0x45, 0xCA, 0x60, 0xAF, - 0xEC, 0xCA, 0x0F, 0xA5, 0x67, 0x2B, 0x36, 0x64, - 0x89, 0xEB, 0x8D, 0xD1, 0xF7, 0x20, 0x4C, 0xDB, - 0x7D, 0x9B, 0xE1, 0x87, 0xF4, 0x39, 0x7B, 0x9B, - 0x4C, 0xA0, 0x31, 0x34, 0x75, 0x0D, 0xD5, 0x7D, - 0xAD, 0xE1, 0x88, 0x91, 0xCC, 0xA9, 0x47, 0x4B, - 0x65, 0x32, 0x60, 0x52, 0x50, 0xBC, 0xBB, 0x6E, - 0x02, 0x94, 0xEF, 0x95, 0x32, 0x6D, 0x25, 0x9B, - 0x08, 0xB2, 0x93, 0x8D, 0x8C, 0x59, 0xE2, 0x58, - 0x4B, 0x69, 0x10, 0x71, 0x85, 0xF3, 0x45, 0x30, - 0x24, 0x07, 0x35, 0x17, 0xC9, 0x89, 0x00, 0x9E, - 0xBB, 0x6B, 0x22, 0xED, 0xE9, 0x70, 0x43, 0x66, - 0xC6, 0x23, 0x2A, 0x62, 0x82, 0xF3, 0xBB, 0x09, - 0x08, 0x74, 0xA6, 0xFB, 0x0D, 0x84, 0x53, 0x6D, - 0x3F, 0x61, 0x3A, 0x21, 0xD1, 0x9D, 0x98, 0x44, - 0x17, 0xFA, 0xF0, 0x84, 0x6C, 0xB4, 0x28, 0x7B, - 0x3C, 0x70, 0x9F, 0x22, 0x62, 0x26, 0xA0, 0x9E, - 0x94, 0xFA, 0x89, 0x85, 0x43, 0x87, 0x4A, 0xE2, - 0x08, 0x11, 0xE3, 0x90, 0x80, 0xE6, 0xB2, 0xCE, - 0x49, 0x92, 0x26, 0xF5, 0x13, 0x8C, 0x14, 0x38, - 0x72, 0xDB, 0x86, 0xFB, 0xC2, 0x9C, 0xFD, 0xA2, - 0x9F, 0xD2, 0x26, 0x0E, 0xC7, 0xB9, 0xA2, 0x37, - 0xD1, 0x9A, 0xAB, 0x1B, 0x93, 0xE1, 0xDA, 0x4E, - 0xBC, 0x58, 0x9D, 0x82, 0x4C, 0x58, 0x90, 0x96, - 0x99, 0xD3, 0xE8, 0xBC, 0x7F, 0x53, 0xB3, 0x55, - 0xFA, 0x31, 0xE9, 0x6B, 0x1E, 0x35, 0x4A, 0xA4, - 0xB3, 0xC8, 0x4D, 0xF3, 0xC4, 0x7F, 0x80, 0xF9, - 0x32, 0xEA, 0x68, 0x5D, 0x96, 0xC5, 0xA5, 0x96, - 0x08, 0x22, 0xC6, 0x43, 0x64, 0x5F, 0x1A, 0x63, - 0xDD, 0x60, 0x8A, 0x09, 0x71, 0xC7, 0xF2, 0x15, - 0x7C, 0xA5, 0x24, 0x4D, 0x49, 0x2C, 0x01, 0x0B, - 0x71, 0xB7, 0x74, 0xC1, 0x0C, 0x07, 0xD3, 0xC8, - 0x4C, 0xA5, 0x4D, 0xE5, 0x00, 0x1F, 0xE0, 0xAC, - 0x4E, 0x69, 0x52, 0x81, 0x4E, 0xC1, 0x0F, 0xF9, - 0x8B, 0x19, 0xE7, 0x89, 0xC1, 0xAC, 0x68, 0x45, - 0xC7, 0x62, 0x80, 0x55, 0x27, 0x5C, 0x33, 0x34, - 0x41, 0x87, 0x1B, 0x8C, 0x30, 0x99, 0x9B, 0x05, - 0x31, 0x34, 0xC0, 0xE7, 0xB1, 0xAC, 0x6A, 0xA6, - 0x63, 0x12, 0xC1, 0xA5, 0xE2, 0x97, 0x92, 0x97, - 0x02, 0x56, 0x88, 0x14, 0x38, 0xDC, 0x46, 0x29, - 0x37, 0x4D, 0xFB, 0x9A, 0x91, 0x48, 0x62, 0x9D, - 0x14, 0x8C, 0x60, 0x1D, 0x4B, 0x6A, 0xA2, 0xC2, - 0x9C, 0xCE, 0xE8, 0x94, 0x7A, 0x27, 0x87, 0x0E, - 0x4C, 0x65, 0xE4, 0x12, 0x46, 0xD6, 0x25, 0x3D, - 0xC4, 0xF1, 0x3A, 0xEB, 0x31, 0xCD, 0x7E, 0x36, - 0x2F, 0x0F, 0x28, 0x84, 0xB9, 0xF7, 0x3B, 0xA9, - 0x93, 0x50, 0xAA, 0xA4, 0x02, 0x4A, 0x73, 0x14, - 0xBE, 0x69, 0x3A, 0xE4, 0x13, 0xA5, 0xCE, 0xA0, - 0x9A, 0x27, 0x27, 0x3A, 0x0B, 0xF6, 0xA4, 0x53, - 0xF8, 0x63, 0x9B, 0x48, 0x26, 0x8D, 0x21, 0xC9, - 0xAE, 0xC2, 0x62, 0xBE, 0x28, 0xC0, 0x7E, 0xA4, - 0xB9, 0x35, 0xA8, 0x69, 0x63, 0x26, 0xAA, 0x18, - 0xA5, 0x91, 0xCE, 0xE9, 0xC9, 0xF2, 0xA7, 0x29, - 0xBC, 0x50, 0x33, 0xDD, 0xE6, 0x37, 0x27, 0x38, - 0x85, 0x92, 0x1B, 0x73, 0xB8, 0x58, 0xA1, 0x88, - 0x33, 0xA7, 0xB8, 0x3A, 0x82, 0xFE, 0x02, 0xCC, - 0x33, 0x54, 0xC3, 0x0B, 0x0C, 0x4D, 0x0D, 0x3B, - 0xA1, 0x33, 0x1C, 0x6E, 0xC7, 0xA7, 0x0B, 0x7E, - 0x50, 0x3F, 0x76, 0x47, 0xA9, 0x52, 0xB0, 0x03, - 0x86, 0xCC, 0x90, 0xB3, 0x4A, 0x51, 0x4F, 0x99, - 0x5A, 0x56, 0x92, 0x05, 0xEB, 0x2A, 0x3F, 0xA7, - 0x9A, 0x78, 0x65, 0x21, 0x18, 0xD4, 0xBC, 0x48, - 0x46, 0x27, 0xCD, 0x02, 0x33, 0xBC, 0x5A, 0x35, - 0x16, 0x15, 0x0B, 0xAF, 0x6E, 0x10, 0x66, 0x5D, - 0xA7, 0x61, 0x8F, 0x28, 0x41, 0xB5, 0x02, 0x61, - 0x72, 0x48, 0x89, 0x3B, 0xAA, 0xB7, 0xE9, 0x03, - 0x89, 0x0D, 0xF0, 0xCA, 0xC2, 0x84, 0xCD, 0x11, - 0x65, 0xB4, 0x64, 0xC1, 0x8F, 0x4C, 0xFA, 0x8F, - 0x69, 0x2D, 0x3C, 0x8E, 0x8C, 0x73, 0x9F, 0xB3, - 0x78, 0x27, 0x74, 0x15, 0x61, 0xD5, 0xE7, 0x66, - 0x67, 0x51, 0x82, 0xFF, 0x83, 0xC9, 0x1C, 0xF0, - 0x33, 0x65, 0x88, 0x23, 0xD8, 0xFA, 0x91, 0xE1, - 0xE8, 0xD6, 0x62, 0xEA, 0xD3, 0x75, 0x0D, 0x71, - 0x6B, 0x91, 0x8D, 0x26, 0x78, 0x26, 0x59, 0xA5, - 0xB3, 0xD7, 0x99, 0xE4, 0x26, 0x58, 0xE1, 0x49, - 0x5F, 0x90, 0x84, 0xFF, 0xD4, 0xD1, 0x00, 0xB8, - 0x86, 0x26, 0xED, 0x79, 0xD4, 0x51, 0x14, 0x08, - 0x00, 0xE0, 0x3B, 0x59, 0xB9, 0x56, 0xF8, 0x21, - 0x0E, 0x55, 0x60, 0x67, 0x40, 0x7D, 0x13, 0xDC, - 0x90, 0xFA, 0x9E, 0x8B, 0x87, 0x2B, 0xFB, 0x8F - }; - const byte kyber1024_ct[] = { - 0x17, 0x50, 0x59, 0x78, 0xD5, 0xCA, 0x04, 0x62, - 0x81, 0xC9, 0x7C, 0xA1, 0xFE, 0x89, 0xBA, 0xB3, - 0x99, 0xC1, 0xC9, 0xF8, 0xED, 0x27, 0x1D, 0xC5, - 0x1B, 0x30, 0x09, 0x43, 0xDB, 0x2E, 0xA9, 0x49, - 0x08, 0xEE, 0x94, 0x64, 0x61, 0x96, 0x02, 0xA7, - 0xF8, 0xCD, 0x38, 0xB5, 0xA3, 0x12, 0x5F, 0x46, - 0x7B, 0xF1, 0xA7, 0xA9, 0x67, 0xEE, 0xE0, 0x84, - 0x20, 0x98, 0x80, 0x14, 0x33, 0x88, 0x38, 0x92, - 0xAD, 0x0A, 0xD2, 0x99, 0x6F, 0x76, 0xCE, 0x49, - 0xA1, 0x79, 0x0A, 0x7A, 0x23, 0x0E, 0xB0, 0xDA, - 0x07, 0x72, 0xC6, 0xFC, 0x06, 0x0E, 0x75, 0x51, - 0x8C, 0x94, 0xA1, 0xA6, 0x52, 0xD8, 0x66, 0x0F, - 0xBA, 0x70, 0x1E, 0xF4, 0x82, 0xF4, 0xFA, 0x26, - 0xA7, 0xC4, 0xDB, 0x86, 0x02, 0xB7, 0x89, 0x49, - 0xB2, 0x8D, 0x99, 0xC7, 0x3B, 0x84, 0xD5, 0x5C, - 0xF6, 0x80, 0xA5, 0x90, 0x89, 0x3C, 0x63, 0xEA, - 0x8F, 0x85, 0x45, 0x8B, 0x85, 0xF7, 0x39, 0x2C, - 0x11, 0xB8, 0x90, 0x02, 0x02, 0x73, 0xB7, 0x48, - 0x33, 0xA8, 0x0C, 0xD6, 0xC7, 0x8C, 0x75, 0x51, - 0xD7, 0xCC, 0x8A, 0xA1, 0xB4, 0xC5, 0x42, 0x8D, - 0x2A, 0xA3, 0xE7, 0x43, 0x5E, 0x23, 0xDD, 0x9B, - 0x4F, 0xFA, 0xB0, 0xD0, 0x21, 0x90, 0xBB, 0xA1, - 0x36, 0x89, 0xF0, 0x15, 0xC1, 0x9A, 0x3A, 0xD9, - 0xD6, 0x62, 0x69, 0x77, 0xD1, 0xA3, 0x35, 0x58, - 0xAB, 0x6C, 0xF4, 0x6F, 0x76, 0xBD, 0x5A, 0x30, - 0xED, 0x94, 0x6D, 0x04, 0x03, 0x38, 0x8B, 0x13, - 0xA5, 0xB4, 0x95, 0x83, 0xCF, 0xB9, 0x3D, 0xEB, - 0x30, 0xC4, 0x63, 0x82, 0xAF, 0xC1, 0x28, 0x62, - 0xF0, 0x69, 0xF1, 0x36, 0xD5, 0xCF, 0x5F, 0x30, - 0x06, 0x4D, 0x90, 0xDE, 0x12, 0xF7, 0xD7, 0x6E, - 0xD7, 0xF4, 0xA5, 0x93, 0x13, 0x9C, 0xB6, 0x77, - 0x93, 0xF2, 0xAD, 0x94, 0xDB, 0xE1, 0xBA, 0xD2, - 0x3B, 0xC1, 0x7C, 0x72, 0x66, 0x9C, 0x25, 0x14, - 0x9A, 0xC8, 0xA2, 0x5C, 0x50, 0xE0, 0xE0, 0x8F, - 0x5D, 0x76, 0x4B, 0x30, 0xF2, 0x87, 0x07, 0x47, - 0x0C, 0x5E, 0xC0, 0x9E, 0xDD, 0x21, 0x4C, 0x8A, - 0x0A, 0x82, 0x8C, 0x2C, 0x8B, 0x6F, 0xCF, 0x74, - 0xE9, 0x47, 0x36, 0x62, 0xFC, 0x61, 0xC7, 0x28, - 0x1E, 0x9B, 0xA7, 0x23, 0x04, 0x6A, 0x0A, 0xE7, - 0x0D, 0x7F, 0xEB, 0x86, 0xFC, 0xFF, 0x4D, 0x87, - 0x6B, 0x10, 0xEF, 0x2B, 0x67, 0x73, 0xE2, 0x6C, - 0xB2, 0x52, 0xDF, 0x75, 0x73, 0x07, 0x68, 0x0E, - 0xCC, 0x47, 0xD8, 0xEC, 0x07, 0xB6, 0xA5, 0x09, - 0xE2, 0x74, 0x51, 0x31, 0x77, 0xC6, 0xEE, 0x1B, - 0x91, 0x7B, 0x0C, 0x3E, 0x77, 0xCC, 0xF6, 0x2F, - 0x41, 0x2A, 0x95, 0x69, 0x57, 0x3B, 0xEB, 0xA1, - 0x54, 0xB1, 0x51, 0x47, 0xEF, 0x2E, 0x52, 0xA3, - 0x9C, 0xD0, 0xC6, 0x4B, 0xFD, 0x81, 0xEA, 0xA2, - 0x1B, 0x50, 0xAB, 0x9A, 0x11, 0x56, 0xBD, 0x41, - 0xDD, 0xB9, 0x93, 0x87, 0x24, 0xD1, 0x71, 0x39, - 0x39, 0x3F, 0x2D, 0x36, 0x1A, 0xAE, 0xE6, 0x76, - 0xB7, 0xF5, 0xA2, 0xBB, 0x45, 0x6B, 0xB5, 0x9C, - 0xF0, 0x4A, 0xC1, 0x7F, 0x0B, 0xD3, 0x14, 0x83, - 0xCD, 0x45, 0xC7, 0x5B, 0xF7, 0xD5, 0xD2, 0x7D, - 0x9A, 0x3A, 0x5D, 0x4E, 0x49, 0x1F, 0x1E, 0x3C, - 0x73, 0xE9, 0xD5, 0xC3, 0x46, 0x02, 0x3F, 0x5E, - 0xAC, 0x39, 0x1B, 0xBE, 0xE3, 0x2A, 0xD8, 0x01, - 0xA5, 0x9D, 0xFC, 0x03, 0x58, 0x26, 0x51, 0x11, - 0xE0, 0x3D, 0xD6, 0x01, 0xA8, 0x66, 0x5C, 0xE3, - 0xEC, 0xE5, 0x23, 0x1F, 0x1F, 0x5F, 0x5B, 0x47, - 0xEF, 0x38, 0x1B, 0x47, 0xBC, 0x18, 0xE4, 0xDE, - 0x73, 0xD0, 0xD5, 0x68, 0x10, 0x91, 0x33, 0x5E, - 0x8A, 0xF7, 0xE1, 0x2C, 0x0E, 0xA8, 0x92, 0x24, - 0xA2, 0x0F, 0x5F, 0x18, 0x66, 0x64, 0x31, 0x9B, - 0xFB, 0x55, 0x5F, 0x5F, 0x5D, 0x07, 0x41, 0x33, - 0x77, 0xB3, 0x41, 0x6F, 0x91, 0x35, 0x66, 0xB8, - 0xFF, 0x31, 0x48, 0x11, 0xD3, 0x3D, 0x42, 0xE4, - 0xFE, 0xE5, 0x17, 0xF3, 0xD2, 0xB9, 0x82, 0x8F, - 0x76, 0x81, 0x18, 0x03, 0x67, 0x3E, 0x86, 0x5A, - 0xFB, 0xA6, 0x64, 0xB7, 0x5D, 0x4A, 0x8B, 0xC7, - 0xA1, 0x36, 0xA6, 0x8C, 0x81, 0x39, 0x1E, 0x43, - 0x20, 0x87, 0xDE, 0x28, 0x51, 0xE5, 0xCB, 0x26, - 0xBF, 0xF6, 0x5D, 0x70, 0xBC, 0x0C, 0xDC, 0x35, - 0x9F, 0xE5, 0xFA, 0x0A, 0x45, 0x94, 0x80, 0x9C, - 0xFC, 0x0F, 0xC6, 0x4F, 0x0A, 0x46, 0x98, 0x2E, - 0xA1, 0xEA, 0x78, 0xA1, 0x8E, 0x1D, 0xCE, 0x00, - 0xCD, 0x2F, 0xE0, 0x7D, 0xC4, 0xE6, 0xC7, 0x04, - 0x50, 0x4B, 0x08, 0x33, 0xAA, 0x16, 0xD3, 0xB1, - 0x5D, 0xA5, 0x68, 0x26, 0x35, 0x70, 0x46, 0x66, - 0x0D, 0x47, 0x2C, 0x66, 0xAB, 0xEB, 0xD7, 0xFD, - 0x48, 0xFD, 0x62, 0x0D, 0x37, 0x9F, 0x2A, 0xEF, - 0x93, 0x99, 0x3B, 0xB8, 0xAA, 0x56, 0x7D, 0x9A, - 0x5A, 0x12, 0x94, 0xB4, 0x69, 0x80, 0xC0, 0x02, - 0x3B, 0xB8, 0x94, 0xD3, 0x70, 0x94, 0xF2, 0x95, - 0x6C, 0x8D, 0x1D, 0x8F, 0xC3, 0xF1, 0x98, 0x09, - 0x93, 0x54, 0x7E, 0xA4, 0x8F, 0xD4, 0xCB, 0xDB, - 0xD0, 0x97, 0xB3, 0xEE, 0xFA, 0xF8, 0x65, 0x75, - 0xEB, 0xBD, 0x23, 0xDB, 0xB2, 0x63, 0x04, 0xA0, - 0x9B, 0x1D, 0xE0, 0x55, 0xB7, 0x8A, 0x5F, 0xC4, - 0xBD, 0x41, 0x13, 0x27, 0x41, 0xD3, 0x87, 0xAC, - 0x3A, 0x58, 0x22, 0x19, 0xFE, 0x39, 0xC5, 0x33, - 0x2F, 0x8A, 0xD8, 0x8E, 0xB4, 0x9F, 0x9E, 0xEA, - 0xCB, 0x7C, 0xD7, 0xD5, 0x34, 0x47, 0xAB, 0x62, - 0x48, 0xBA, 0xA8, 0x22, 0x7F, 0xA1, 0xB2, 0x4D, - 0x60, 0xE8, 0xBA, 0xAC, 0xB1, 0x9D, 0x00, 0x40, - 0x24, 0xAF, 0x18, 0x6C, 0xAD, 0x86, 0xAC, 0xA0, - 0xD6, 0xAA, 0x8E, 0x8C, 0x36, 0x4E, 0xBD, 0xCB, - 0x43, 0x27, 0xC3, 0x6D, 0x30, 0x88, 0xDC, 0x80, - 0xCE, 0x04, 0xF3, 0xA0, 0xA7, 0x9C, 0x32, 0xAB, - 0x6C, 0x3F, 0x14, 0xF4, 0xD6, 0x29, 0x14, 0x69, - 0x2E, 0x4A, 0x9A, 0xFF, 0xD1, 0x96, 0x09, 0x14, - 0x05, 0x62, 0x33, 0x3A, 0x05, 0x65, 0x96, 0x2B, - 0xD8, 0xAC, 0xD2, 0x59, 0x50, 0xF5, 0x6C, 0x94, - 0x2C, 0xE1, 0x5C, 0x38, 0x1C, 0x95, 0x03, 0xD7, - 0x1C, 0xF1, 0x7C, 0x5E, 0x97, 0xA6, 0xAE, 0xFB, - 0x3F, 0xCF, 0x48, 0x80, 0x4E, 0x3F, 0x07, 0x5D, - 0x71, 0xD5, 0x6F, 0x44, 0x49, 0x93, 0x9A, 0xF0, - 0x47, 0x86, 0xD6, 0x2D, 0x12, 0xAD, 0x67, 0x06, - 0x65, 0x3E, 0xE9, 0x68, 0x84, 0x0E, 0xFC, 0xCE, - 0x28, 0x72, 0x57, 0x64, 0xE3, 0x07, 0xC0, 0x0F, - 0x0C, 0xBA, 0x57, 0x5A, 0x33, 0xC9, 0x6C, 0x6F, - 0x5A, 0x74, 0x9E, 0x59, 0x94, 0x5B, 0x92, 0xB3, - 0x0F, 0xC8, 0x99, 0xDE, 0x61, 0xD1, 0x1C, 0xCF, - 0xBF, 0xEF, 0x98, 0x3B, 0xF8, 0x54, 0xC8, 0xF5, - 0x41, 0x06, 0xB3, 0x03, 0x62, 0x4D, 0x79, 0xF0, - 0x66, 0x58, 0xFB, 0x4B, 0xDC, 0x69, 0x6C, 0xE0, - 0x59, 0x77, 0xDE, 0x4A, 0x11, 0x5D, 0x83, 0x8D, - 0x83, 0x50, 0xF3, 0xC2, 0xBE, 0x35, 0xA6, 0x54, - 0xCA, 0xBB, 0x1E, 0xBD, 0x46, 0xA9, 0xF0, 0x79, - 0xBA, 0xE4, 0x6B, 0x31, 0xEE, 0x45, 0x74, 0x26, - 0xF3, 0x97, 0x9E, 0x36, 0x61, 0x1F, 0xAF, 0x16, - 0x87, 0x0A, 0xBE, 0x9D, 0x8F, 0x93, 0xB5, 0x0A, - 0xC1, 0x49, 0x98, 0xE1, 0xA4, 0x95, 0xF5, 0x1A, - 0x1B, 0x02, 0x05, 0x6A, 0x2F, 0xFB, 0x17, 0x11, - 0x4C, 0xA7, 0x21, 0xAC, 0x24, 0x6C, 0x29, 0x20, - 0xBC, 0xEA, 0x3A, 0x72, 0x36, 0x7A, 0x0D, 0xA5, - 0x02, 0xE3, 0xF2, 0x5F, 0xFB, 0x3A, 0x58, 0x10, - 0x01, 0xAC, 0xFC, 0xDD, 0x91, 0x7E, 0xA7, 0x89, - 0xE4, 0xEF, 0x88, 0x43, 0x4D, 0xFE, 0x20, 0xBC, - 0x54, 0x78, 0x42, 0x8D, 0xD0, 0x80, 0xA0, 0xCA, - 0xDD, 0xC6, 0x1F, 0x02, 0x32, 0x03, 0x15, 0x1C, - 0x5A, 0x82, 0xD4, 0x95, 0x21, 0x8F, 0xF3, 0xFB, - 0x1E, 0x22, 0x7D, 0xBF, 0xCA, 0x1B, 0x5A, 0xBC, - 0xE6, 0x39, 0xC4, 0x9C, 0xD8, 0xEC, 0x12, 0x95, - 0x83, 0xC5, 0x73, 0xC5, 0x17, 0x02, 0xA1, 0xB5, - 0xC1, 0x01, 0x72, 0x13, 0x7C, 0x36, 0xDD, 0x66, - 0xD1, 0x84, 0x99, 0xB0, 0x78, 0x7D, 0xAB, 0xA9, - 0x78, 0xAC, 0x76, 0xC1, 0x14, 0xD0, 0x17, 0x8C, - 0xCB, 0xF7, 0xE6, 0xE1, 0x31, 0xBD, 0x9E, 0x53, - 0x3A, 0x13, 0x33, 0xD2, 0x2B, 0xD1, 0x7B, 0x99, - 0x6F, 0x76, 0x22, 0x57, 0x5C, 0xF9, 0x8B, 0x37, - 0x0D, 0x77, 0x17, 0xB7, 0x24, 0x48, 0x7B, 0xFB, - 0x27, 0x74, 0x62, 0xC8, 0x3C, 0x1C, 0xAA, 0xF6, - 0x28, 0x85, 0x7E, 0x71, 0xD6, 0x16, 0xDD, 0x5D, - 0x52, 0x87, 0xBD, 0xF3, 0x7B, 0x19, 0xDA, 0xAA, - 0xE4, 0xD2, 0x4C, 0xCC, 0xEC, 0xB1, 0x26, 0xAE, - 0x74, 0x25, 0x19, 0x7A, 0x21, 0x51, 0x13, 0x91, - 0xBA, 0x1E, 0x7D, 0x13, 0x08, 0x49, 0x82, 0xED, - 0x29, 0x1D, 0xDD, 0x51, 0x6A, 0x60, 0xED, 0xCD, - 0x86, 0x26, 0xF0, 0x0E, 0xEF, 0x6A, 0xA4, 0xD3, - 0x76, 0xE1, 0x53, 0x90, 0x64, 0x88, 0x46, 0x64, - 0x09, 0xCC, 0x26, 0x50, 0x82, 0xAA, 0xB0, 0x4E, - 0x5E, 0xDC, 0x8B, 0xE2, 0x45, 0xF5, 0x38, 0xC3, - 0x6E, 0x7E, 0x0A, 0xE3, 0xE7, 0x10, 0x9E, 0x25, - 0xDA, 0xF8, 0x09, 0x19, 0xCE, 0xD7, 0x30, 0xA6, - 0x93, 0xFF, 0xF8, 0xD2, 0x71, 0x6F, 0xB2, 0x27, - 0x15, 0x93, 0x17, 0xE0, 0x7D, 0x9D, 0xAE, 0x5B, - 0xDA, 0x9B, 0x01, 0x05, 0xB1, 0x7B, 0xAE, 0x55, - 0xA7, 0x37, 0x56, 0x6D, 0xC4, 0x4E, 0x63, 0xA4, - 0x7E, 0xBC, 0xA5, 0xA4, 0xE9, 0xB2, 0xB8, 0x06, - 0x8C, 0xB8, 0x13, 0xBD, 0xD2, 0xC3, 0xFD, 0x73, - 0x90, 0x81, 0x0C, 0xCC, 0x2C, 0xA1, 0x48, 0xEF, - 0xAF, 0x14, 0x59, 0xD7, 0x39, 0xD2, 0x2A, 0x12, - 0x14, 0x83, 0x92, 0xEA, 0x0D, 0x9A, 0xC3, 0x76, - 0x10, 0xD5, 0x61, 0x29, 0x1E, 0xE3, 0x88, 0x06, - 0x09, 0x42, 0xB0, 0xD0, 0x12, 0xB1, 0xBC, 0x52, - 0x34, 0xF5, 0x77, 0xF5, 0xF3, 0xF3, 0x4A, 0xFA, - 0x77, 0x9C, 0x15, 0x5E, 0x72, 0x9A, 0x57, 0xD6, - 0x45, 0xF8, 0x8E, 0x88, 0x23, 0xC1, 0xE7, 0xC5, - 0x5B, 0x87, 0xB7, 0xEE, 0x06, 0x89, 0x0B, 0x9E, - 0xD8, 0x13, 0x04, 0x33, 0xC7, 0x57, 0x93, 0x2C, - 0x4A, 0xAA, 0x8E, 0x7A, 0x26, 0x3E, 0x59, 0x8C, - 0x87, 0xEE, 0x0D, 0xFE, 0x7E, 0x12, 0x0E, 0x60, - 0x7C, 0x0F, 0xED, 0x41, 0x72, 0x11, 0xC5, 0x3B, - 0x10, 0xA7, 0x12, 0x24, 0x61, 0x56, 0xCA, 0xB4, - 0xBB, 0xCB, 0x46, 0xF2, 0xA4, 0x1F, 0xBB, 0x6B, - 0xD3, 0x67, 0x3D, 0x4E, 0x89, 0xDA, 0xE8, 0x88, - 0xD0, 0x35, 0xF8, 0xE5, 0x2A, 0xEA, 0x4D, 0x58, - 0x41, 0x1D, 0x5E, 0x24, 0xFA, 0x6C, 0x4A, 0x72, - 0x17, 0x4A, 0xDA, 0xA0, 0xD8, 0x85, 0xFA, 0x64, - 0xB1, 0x2B, 0x16, 0xEF, 0x85, 0x65, 0xDD, 0xE9, - 0x84, 0x56, 0xD6, 0x72, 0xBB, 0x52, 0xF6, 0x00, - 0x7B, 0x23, 0xF4, 0x74, 0x8F, 0x63, 0xA2, 0x48, - 0xAF, 0x1A, 0xB1, 0x86, 0xEA, 0xAC, 0xBD, 0xA1, - 0xC2, 0xB0, 0xB4, 0x77, 0xC6, 0x25, 0xA0, 0x0C, - 0xFF, 0x14, 0xFA, 0xD3, 0xCF, 0xC9, 0xFC, 0x2C, - 0xF2, 0xAE, 0x7E, 0x4B, 0x55, 0xE0, 0x41, 0xF8, - 0x5E, 0x2D, 0x03, 0xD3, 0x60, 0x25, 0xAB, 0x4D, - 0xF6, 0x65, 0x12, 0xBC, 0xE9, 0x66, 0x7F, 0x2A, - 0x2D, 0xF9, 0xC9, 0xAA, 0xE2, 0x80, 0x39, 0x7F, - 0xEF, 0x0C, 0x03, 0x8B, 0x54, 0x7A, 0xE5, 0x87, - 0xE7, 0xBE, 0x80, 0x22, 0x37, 0x96, 0xE3, 0x9A, - 0x93, 0x99, 0x99, 0x9A, 0xE5, 0x7A, 0xD6, 0x80, - 0x26, 0xF1, 0x3F, 0xCA, 0x9E, 0xE6, 0x33, 0x79, - 0xC9, 0x09, 0x9A, 0xCB, 0x2A, 0x61, 0x19, 0x04, - 0x74, 0x40, 0x5B, 0x57, 0xE3, 0x48, 0x4A, 0x52 - }; - const byte kyber1024_ss[] = { - 0xC1, 0x4E, 0xBD, 0x6E, 0x37, 0x88, 0xA6, 0x41, - 0xD1, 0x75, 0x5B, 0x4C, 0x86, 0x9C, 0x46, 0x99, - 0x4F, 0x75, 0xAF, 0x16, 0xB4, 0x0F, 0x8F, 0x64, - 0x92, 0xCC, 0xBE, 0xC7, 0xA3, 0xDA, 0x9B, 0xFE - }; -#endif ret = wc_KyberKey_Init(KYBER1024, &key, HEAP_HINT, INVALID_DEVID); if (ret != 0) diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 91691b4d0..ba8c433af 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3945,20 +3945,14 @@ enum { WOLFSSL_KYBER_LEVEL1 = 570, /* KYBER_512 */ WOLFSSL_KYBER_LEVEL3 = 572, /* KYBER_768 */ WOLFSSL_KYBER_LEVEL5 = 573, /* KYBER_1024 */ - WOLFSSL_KYBER_90S_LEVEL1 = 574, /* KYBER_90S_512 */ - WOLFSSL_KYBER_90S_LEVEL3 = 575, /* KYBER_90S_768 */ - WOLFSSL_KYBER_90S_LEVEL5 = 576, /* KYBER_90S_1024 */ - WOLFSSL_PQC_SIMPLE_MAX = 576, + WOLFSSL_PQC_SIMPLE_MAX = 573, WOLFSSL_PQC_HYBRID_MIN = 12052, WOLFSSL_P256_KYBER_LEVEL1 = 12090, WOLFSSL_P384_KYBER_LEVEL3 = 12092, WOLFSSL_P521_KYBER_LEVEL5 = 12093, - WOLFSSL_P256_KYBER_90S_LEVEL1 = 12094, - WOLFSSL_P384_KYBER_90S_LEVEL3 = 12095, - WOLFSSL_P521_KYBER_90S_LEVEL5 = 12096, - WOLFSSL_PQC_HYBRID_MAX = 12096, - WOLFSSL_PQC_MAX = 12096, + WOLFSSL_PQC_HYBRID_MAX = 12093, + WOLFSSL_PQC_MAX = 12093, #endif }; diff --git a/wolfssl/wolfcrypt/ext_kyber.h b/wolfssl/wolfcrypt/ext_kyber.h index 3e66d8aaf..f2ef9f8b4 100644 --- a/wolfssl/wolfcrypt/ext_kyber.h +++ b/wolfssl/wolfcrypt/ext_kyber.h @@ -22,7 +22,6 @@ #ifndef EXT_KYBER_H #define EXT_KYBER_H - #ifdef WOLFSSL_HAVE_KYBER #include @@ -61,5 +60,8 @@ struct KyberKey { byte pub[EXT_KYBER_MAX_PUB_SZ]; }; +#if defined (HAVE_LIBOQS) +WOLFSSL_LOCAL int ext_kyber_enabled(int id); +#endif #endif /* WOLFSSL_HAVE_KYBER */ #endif /* EXT_KYBER_H */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 79fe7c2e2..5be4c1876 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2786,11 +2786,15 @@ extern void uITRON4_free(void *p) ; #define HAVE_DILITHIUM #define HAVE_SPHINCS #define HAVE_KYBER +#define WOLFSSL_KYBER512 +#define WOLFSSL_KYBER768 +#define WOLFSSL_KYBER1024 #endif #ifdef HAVE_PQM4 #define HAVE_PQC #define HAVE_KYBER +#define WOLFSSL_KYBER512 #endif #if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) && !defined(HAVE_PQM4) && \