bcgit
diff --git a/‎core/src/main/java/org/bouncycastle/pqc/crypto/gemss/GeMSSEngine.java‎
Lines changed: 24 additions & 15 deletions b/‎core/src/main/java/org/bouncycastle/pqc/crypto/gemss/GeMSSEngine.java‎
Lines changed: 24 additions & 15 deletions
@@ -93,6 +93,7 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED
         this.HFEDeg = HFEDeg;
         this.HFEDegI = HFEDegI;
         this.HFEDegJ = HFEDegJ;
+        NB_BYTES_GFqn = (HFEn >>> 3) + (((HFEn & 7) != 0) ? 1 : 0);
         SIZE_ROW = HFEDegI + 1;
         HFEnv = HFEn + HFEv;
         HFEnq = HFEn >>> 6;
@@ -104,18 +105,23 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED
         switch (NB_WORD_MUL)
         {
         case 6:
+            //gemss128, bluegemss128, redgemss128, whitegemss128, cyangemss128, magentagemss128
             mul = new Mul_GF2x.Mul6();
             break;
         case 9:
+            //gemss192, bluegemss192, redgemss192, whitegemss192, cyangemss192, magentagemss192, fgemss128, dualmodems128
             mul = new Mul_GF2x.Mul9();
             break;
         case 12:
+            //gemss256, bluegemss256, redgemss256, whitegemss256, cyangemss256, magentagemss256
             mul = new Mul_GF2x.Mul12();
             break;
         case 13:
+            //fgemss192, dualmodems192
             mul = new Mul_GF2x.Mul13();
             break;
         case 17:
+            //fgemss256, dualmodems256
             mul = new Mul_GF2x.Mul17();
             break;
         }
@@ -131,12 +137,11 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED
         HFEmr8 = HFEm & 7;
         NB_BYTES_GFqm = HFEmq8 + (HFEmr8 != 0 ? 1 : 0);
         NB_WORD_UNCOMP_EQ = ((((HFEnvq * (HFEnvq + 1)) >>> 1) * NB_BITS_UINT) + (HFEnvq + 1) * HFEnvr);
-        HFEnvr8 = (HFEnv & 7);
-        NB_BYTES_GFqnv = ((HFEnv >>> 3) + ((HFEnvr8 != 0) ? 1 : 0));
+        HFEnvr8 = HFEnv & 7;
+        NB_BYTES_GFqnv = (HFEnv >>> 3) + ((HFEnvr8 != 0) ? 1 : 0);
         VAL_BITS_M = Math.min(HFEDELTA + HFEv, 8 - HFEmr8);
         MASK_GF2m = GeMSSUtils.maskUINT(HFEmr);
         MASK_GF2n = GeMSSUtils.maskUINT(HFEnr);
-        NB_BYTES_GFqn = (HFEn >>> 3) + (((HFEn & 7) != 0) ? 1 : 0);
         if (K <= 128)
         {
             ShakeBitStrength = 128;
@@ -698,8 +703,7 @@ void mul_rem_move(Pointer res, Pointer A, Pointer B)
 
     void mul_xorrange_move(Pointer res, Pointer A, Pointer B)
     {
-        mul.mul_gf2x(Buffer_NB_WORD_MUL, A, B);
-        res.setXorRange(Buffer_NB_WORD_MUL, NB_WORD_MMUL);
+        mul.mul_gf2x_xor(res, A, B);
         A.move(NB_WORD_GFqn);
         B.move(NB_WORD_GFqn);
     }
@@ -713,8 +717,7 @@ void mul_move(Pointer res, Pointer A, Pointer B)
 
     public void mul_xorrange(Pointer res, Pointer A, Pointer B)
     {
-        mul.mul_gf2x(Buffer_NB_WORD_MUL, A, B);
-        res.setXorRange(Buffer_NB_WORD_MUL, NB_WORD_MMUL);
+        mul.mul_gf2x_xor(res, A, B);
     }
 
     public void mul_rem_xorrange(Pointer res, Pointer A, Pointer B)
@@ -859,7 +862,7 @@ void invMatrixLU_gf2(Pointer S, Pointer L_orig, Pointer U_orig, FunctionParams i
         else if (ifCondition == 1)
         {
             /* ir = 0 */
-            Sinv_cpi.set(iq, 1);
+            Sinv_cpi.set(iq, 1L);
             Sinv_cpi.move(nextrow);
         }
         /* Here, Sinv_cpi is at the end of S_inv */
@@ -1055,7 +1058,6 @@ private int setPk2Value(Pointer pk2, PointerUnion pk64, int nb_bits, int iq, int
             if ((nb_bits & 63) != 0)
             {
                 setPk2_loop(pk2, pk64, nb_bits, iq);
-                //pk2.set(k, pk64.get(k) >>> (nb_bits & 63));
                 pk2.set(iq, pk64.get(iq) >>> (nb_bits & 63));
                 if (((nb_bits & 63) + ir) > 64)
                 {
@@ -1068,6 +1070,7 @@ private int setPk2Value(Pointer pk2, PointerUnion pk64, int nb_bits, int iq, int
             }
             else
             {
+                //TODO Pointer.for_set
                 for (k = 0; k <= iq; ++k)
                 {
                     pk2.set(k, pk64.get(k));
@@ -1092,6 +1095,7 @@ private void setPk2_endValue(Pointer pk2, Pointer pk64, int nb_bits, int iq)
         }
         else
         {
+            ////TODO Pointer.for_set
             for (k = 0; k <= iq; ++k)
             {
                 pk2.set(k, pk64.get(k));
@@ -1101,6 +1105,7 @@ private void setPk2_endValue(Pointer pk2, Pointer pk64, int nb_bits, int iq)
 
     private void setPk2_loop(Pointer pk2, Pointer pk64, int nb_bits, int iq)
     {
+        //TODO:
         for (int k = 0; k < iq; ++k)
         {
             pk2.set(k, (pk64.get(k) >>> (nb_bits & 63)) ^ (pk64.get(k + 1) << (64 - (nb_bits & 63))));
@@ -1156,6 +1161,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)
                 if ((((NB_MONOMIAL_PK - LOST_BITS + 7) >>> 3) & 7) != 0)//Except cyangemss192, magentagemss192
                 {
                     final int NB_WHOLE_BLOCKS = ((HFEnv - ((64 - ((NB_MONOMIAL_PK - LOST_BITS - HFEnvr) & 63)) & 63)) >>> 6);
+                    //TODO:
                     for (k = 0; k < NB_WHOLE_BLOCKS; ++k)
                     {
                         pk2.set(k, (pk64.get(k) >>> (nb_bits & 63)) ^ (pk64.getWithCheck(k + 1) << (64 - (nb_bits & 63))));
@@ -1189,6 +1195,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)
             {
                 if ((((NB_MONOMIAL_PK - LOST_BITS + 7) >>> 3) & 7) != 0)
                 {
+                    //TODO Pointer.for_set
                     for (k = 0; k < iq; ++k)
                     {
                         pk2.set(k, pk64.get(k));
@@ -1197,6 +1204,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)
                 }
                 else
                 {
+                    //TODO Pointer.for_set
                     for (k = 0; k <= iq; ++k)
                     {
                         pk2.set(k, pk64.get(k));
@@ -1222,6 +1230,7 @@ else if (LAST_ROW_Q != 0)
             }
             else
             {
+                //TODO Pointer.for_set
                 for (k = 0; k < iq; ++k)
                 {
                     pk2.set(k, pk64.get(k));
@@ -1896,7 +1905,7 @@ private void LOOPIR(Pointer S, Pointer L_cp, Pointer U, int NB_IT, int nq, int n
     private void LOOPJR(Pointer S, Pointer L, Pointer U, int NB_IT, int iq, int jq)
     {
         int mini = Math.min(iq, jq);
-        S.set(0, 0);
+        S.set(0L);
         long tmp;
         for (int jr = 0; jr < NB_IT; ++jr)
         {
@@ -2162,7 +2171,7 @@ private int frobeniusMap_HFE_gf2nx(Pointer Xqn, SecretKeyHFE.complete_sparse_mon
         /* Step 1: compute X^(2^(HFEDegI+1)) */
         d = 2 << HFEDegI;
         /* Xqn is initialized to 0 with calloc, so the multiprecision word is initialized to 1 just by setting the first word */
-        Xqn.set(d * NB_WORD_GFqn, 1);
+        Xqn.set(d * NB_WORD_GFqn, 1L);
         /* Step 2: reduction of X^(2^(HFEDegI+1)) modulo (F-U) */
         divsqr_r_HFE_cstdeg_gf2nx(Xqn, d, F, cst);
         for (i = HFEDegI + 1; i < HFEn; ++i)
@@ -2173,7 +2182,7 @@ private int frobeniusMap_HFE_gf2nx(Pointer Xqn, SecretKeyHFE.complete_sparse_mon
             divsqr_r_HFE_cstdeg_gf2nx(Xqn, (HFEDeg - 1) << 1, F, cst);
         }
         /* (X^(2^n) mod (F-U)) - X */
-        Xqn.setXor(NB_WORD_GFqn, 1);
+        Xqn.setXor(NB_WORD_GFqn, 1L);
         return getD_for_not0_or_plus(Xqn);
     }
 
@@ -2450,7 +2459,7 @@ private void convHFEpolynomialSparseToDense_gf2nx(Pointer F_dense, SecretKeyHFE.
         }
         F_dense.changeIndex(F_dense_orig);
         /* Leading term: 1 */
-        F_dense.set(HFEDeg * NB_WORD_GFqn, 1);
+        F_dense.set(HFEDeg * NB_WORD_GFqn, 1L);
     }
 
     int div_r_gf2nx(Pointer A, int da, Pointer B, int db)
@@ -3589,7 +3598,6 @@ int interpolateHFE_FS_ref(Pointer MQS, Pointer F, Pointer S)
     void evalHFEv_gf2nx(Pointer Fxv, Pointer F, Pointer xv)
     {
         Pointer cur_acc = new Pointer(NB_WORD_MUL);
-        //Pointer prod = new Pointer(NB_WORD_MUL);
         Pointer acc = new Pointer(NB_WORD_MUL);
         Pointer tab_Xqj = new Pointer((HFEDegI + 1) * NB_WORD_GFqn);
         Pointer tab_Xqj_cp2 = new Pointer();
@@ -3608,6 +3616,7 @@ void evalHFEv_gf2nx(Pointer Fxv, Pointer F, Pointer xv)
         }
         /* Evaluation of the constant, quadratic in the vinegars */
         int endloop = (NB_WORD_GFqn + NB_WORD_GFqv) == NB_WORD_GF2nv ? NB_WORD_GFqv : NB_WORD_GFqv - 1;
+        //TODO setRangeRotate
         for (j = 0; j < endloop; ++j)
         {
             V.set(j, (xv.get(NB_WORD_GFqn - 1 + j) >>> HFEnr) ^ (xv.get(NB_WORD_GFqn + j) << (64 - HFEnr)));
@@ -3702,7 +3711,7 @@ int sign_openHFE_uncomp_pk(byte[] m, int len, byte[] sm8, PointerUnion pk)
         /* Copy of pointer */
         Pointer Si = new Pointer(Si_tab);
         /* Vector of D_1, ..., D_(NB_ITE) */
-        Pointer D = new Pointer(SIZE_DIGEST_UINT);//NB_ITE * SIZE_DIGEST_UINT
+        Pointer D = new Pointer(SIZE_DIGEST_UINT);
         /* Take the (n+v) first bits */
         sm.fill(0, sm8, 0, NB_BYTES_GFqnv);
         byte[] hashbuffer = new byte[64];
Original file line number	Diff line number	Diff line change
`@@ -93,6 +93,7 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED`
`93`	`93`	`this.HFEDeg = HFEDeg;`
`94`	`94`	`this.HFEDegI = HFEDegI;`
`95`	`95`	`this.HFEDegJ = HFEDegJ;`
	`96`	`+ NB_BYTES_GFqn = (HFEn >>> 3) + (((HFEn & 7) != 0) ? 1 : 0);`
`96`	`97`	`SIZE_ROW = HFEDegI + 1;`
`97`	`98`	`HFEnv = HFEn + HFEv;`
`98`	`99`	`HFEnq = HFEn >>> 6;`
`@@ -104,18 +105,23 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED`
`104`	`105`	`switch (NB_WORD_MUL)`
`105`	`106`	`{`
`106`	`107`	`case 6:`
	`108`	`+ //gemss128, bluegemss128, redgemss128, whitegemss128, cyangemss128, magentagemss128`
`107`	`109`	`mul = new Mul_GF2x.Mul6();`
`108`	`110`	`break;`
`109`	`111`	`case 9:`
	`112`	`+ //gemss192, bluegemss192, redgemss192, whitegemss192, cyangemss192, magentagemss192, fgemss128, dualmodems128`
`110`	`113`	`mul = new Mul_GF2x.Mul9();`
`111`	`114`	`break;`
`112`	`115`	`case 12:`
	`116`	`+ //gemss256, bluegemss256, redgemss256, whitegemss256, cyangemss256, magentagemss256`
`113`	`117`	`mul = new Mul_GF2x.Mul12();`
`114`	`118`	`break;`
`115`	`119`	`case 13:`
	`120`	`+ //fgemss192, dualmodems192`
`116`	`121`	`mul = new Mul_GF2x.Mul13();`
`117`	`122`	`break;`
`118`	`123`	`case 17:`
	`124`	`+ //fgemss256, dualmodems256`
`119`	`125`	`mul = new Mul_GF2x.Mul17();`
`120`	`126`	`break;`
`121`	`127`	`}`
`@@ -131,12 +137,11 @@ public GeMSSEngine(int K, int HFEn, int HFEv, int HFEDELTA, int NB_ITE, int HFED`
`131`	`137`	`HFEmr8 = HFEm & 7;`
`132`	`138`	`NB_BYTES_GFqm = HFEmq8 + (HFEmr8 != 0 ? 1 : 0);`
`133`	`139`	`NB_WORD_UNCOMP_EQ = ((((HFEnvq * (HFEnvq + 1)) >>> 1) * NB_BITS_UINT) + (HFEnvq + 1) * HFEnvr);`
`134`		`- HFEnvr8 = (HFEnv & 7);`
`135`		`- NB_BYTES_GFqnv = ((HFEnv >>> 3) + ((HFEnvr8 != 0) ? 1 : 0));`
	`140`	`+ HFEnvr8 = HFEnv & 7;`
	`141`	`+ NB_BYTES_GFqnv = (HFEnv >>> 3) + ((HFEnvr8 != 0) ? 1 : 0);`
`136`	`142`	`VAL_BITS_M = Math.min(HFEDELTA + HFEv, 8 - HFEmr8);`
`137`	`143`	`MASK_GF2m = GeMSSUtils.maskUINT(HFEmr);`
`138`	`144`	`MASK_GF2n = GeMSSUtils.maskUINT(HFEnr);`
`139`		`- NB_BYTES_GFqn = (HFEn >>> 3) + (((HFEn & 7) != 0) ? 1 : 0);`
`140`	`145`	`if (K <= 128)`
`141`	`146`	`{`
`142`	`147`	`ShakeBitStrength = 128;`
`@@ -698,8 +703,7 @@ void mul_rem_move(Pointer res, Pointer A, Pointer B)`
`698`	`703`
`699`	`704`	`void mul_xorrange_move(Pointer res, Pointer A, Pointer B)`
`700`	`705`	`{`
`701`		`- mul.mul_gf2x(Buffer_NB_WORD_MUL, A, B);`
`702`		`- res.setXorRange(Buffer_NB_WORD_MUL, NB_WORD_MMUL);`
	`706`	`+ mul.mul_gf2x_xor(res, A, B);`
`703`	`707`	`A.move(NB_WORD_GFqn);`
`704`	`708`	`B.move(NB_WORD_GFqn);`
`705`	`709`	`}`
`@@ -713,8 +717,7 @@ void mul_move(Pointer res, Pointer A, Pointer B)`
`713`	`717`
`714`	`718`	`public void mul_xorrange(Pointer res, Pointer A, Pointer B)`
`715`	`719`	`{`
`716`		`- mul.mul_gf2x(Buffer_NB_WORD_MUL, A, B);`
`717`		`- res.setXorRange(Buffer_NB_WORD_MUL, NB_WORD_MMUL);`
	`720`	`+ mul.mul_gf2x_xor(res, A, B);`
`718`	`721`	`}`
`719`	`722`
`720`	`723`	`public void mul_rem_xorrange(Pointer res, Pointer A, Pointer B)`
`@@ -859,7 +862,7 @@ void invMatrixLU_gf2(Pointer S, Pointer L_orig, Pointer U_orig, FunctionParams i`
`859`	`862`	`else if (ifCondition == 1)`
`860`	`863`	`{`
`861`	`864`	`/* ir = 0 */`
`862`		`- Sinv_cpi.set(iq, 1);`
	`865`	`+ Sinv_cpi.set(iq, 1L);`
`863`	`866`	`Sinv_cpi.move(nextrow);`
`864`	`867`	`}`
`865`	`868`	`/* Here, Sinv_cpi is at the end of S_inv */`
`@@ -1055,7 +1058,6 @@ private int setPk2Value(Pointer pk2, PointerUnion pk64, int nb_bits, int iq, int`
`1055`	`1058`	`if ((nb_bits & 63) != 0)`
`1056`	`1059`	`{`
`1057`	`1060`	`setPk2_loop(pk2, pk64, nb_bits, iq);`
`1058`		`- //pk2.set(k, pk64.get(k) >>> (nb_bits & 63));`
`1059`	`1061`	`pk2.set(iq, pk64.get(iq) >>> (nb_bits & 63));`
`1060`	`1062`	`if (((nb_bits & 63) + ir) > 64)`
`1061`	`1063`	`{`
`@@ -1068,6 +1070,7 @@ private int setPk2Value(Pointer pk2, PointerUnion pk64, int nb_bits, int iq, int`
`1068`	`1070`	`}`
`1069`	`1071`	`else`
`1070`	`1072`	`{`
	`1073`	`+ //TODO Pointer.for_set`
`1071`	`1074`	`for (k = 0; k <= iq; ++k)`
`1072`	`1075`	`{`
`1073`	`1076`	`pk2.set(k, pk64.get(k));`
`@@ -1092,6 +1095,7 @@ private void setPk2_endValue(Pointer pk2, Pointer pk64, int nb_bits, int iq)`
`1092`	`1095`	`}`
`1093`	`1096`	`else`
`1094`	`1097`	`{`
	`1098`	`+ ////TODO Pointer.for_set`
`1095`	`1099`	`for (k = 0; k <= iq; ++k)`
`1096`	`1100`	`{`
`1097`	`1101`	`pk2.set(k, pk64.get(k));`
`@@ -1101,6 +1105,7 @@ private void setPk2_endValue(Pointer pk2, Pointer pk64, int nb_bits, int iq)`
`1101`	`1105`
`1102`	`1106`	`private void setPk2_loop(Pointer pk2, Pointer pk64, int nb_bits, int iq)`
`1103`	`1107`	`{`
	`1108`	`+ //TODO:`
`1104`	`1109`	`for (int k = 0; k < iq; ++k)`
`1105`	`1110`	`{`
`1106`	`1111`	`pk2.set(k, (pk64.get(k) >>> (nb_bits & 63)) ^ (pk64.get(k + 1) << (64 - (nb_bits & 63))));`
`@@ -1156,6 +1161,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)`
`1156`	`1161`	`if ((((NB_MONOMIAL_PK - LOST_BITS + 7) >>> 3) & 7) != 0)//Except cyangemss192, magentagemss192`
`1157`	`1162`	`{`
`1158`	`1163`	`final int NB_WHOLE_BLOCKS = ((HFEnv - ((64 - ((NB_MONOMIAL_PK - LOST_BITS - HFEnvr) & 63)) & 63)) >>> 6);`
	`1164`	`+ //TODO:`
`1159`	`1165`	`for (k = 0; k < NB_WHOLE_BLOCKS; ++k)`
`1160`	`1166`	`{`
`1161`	`1167`	`pk2.set(k, (pk64.get(k) >>> (nb_bits & 63)) ^ (pk64.getWithCheck(k + 1) << (64 - (nb_bits & 63))));`
`@@ -1189,6 +1195,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)`
`1189`	`1195`	`{`
`1190`	`1196`	`if ((((NB_MONOMIAL_PK - LOST_BITS + 7) >>> 3) & 7) != 0)`
`1191`	`1197`	`{`
	`1198`	`+ //TODO Pointer.for_set`
`1192`	`1199`	`for (k = 0; k < iq; ++k)`
`1193`	`1200`	`{`
`1194`	`1201`	`pk2.set(k, pk64.get(k));`
`@@ -1197,6 +1204,7 @@ private long convMQ_last_uncompressL_gf2(Pointer pk2, PointerUnion pk)`
`1197`	`1204`	`}`
`1198`	`1205`	`else`
`1199`	`1206`	`{`
	`1207`	`+ //TODO Pointer.for_set`
`1200`	`1208`	`for (k = 0; k <= iq; ++k)`
`1201`	`1209`	`{`
`1202`	`1210`	`pk2.set(k, pk64.get(k));`
`@@ -1222,6 +1230,7 @@ else if (LAST_ROW_Q != 0)`
`1222`	`1230`	`}`
`1223`	`1231`	`else`
`1224`	`1232`	`{`
	`1233`	`+ //TODO Pointer.for_set`
`1225`	`1234`	`for (k = 0; k < iq; ++k)`
`1226`	`1235`	`{`
`1227`	`1236`	`pk2.set(k, pk64.get(k));`
`@@ -1896,7 +1905,7 @@ private void LOOPIR(Pointer S, Pointer L_cp, Pointer U, int NB_IT, int nq, int n`
`1896`	`1905`	`private void LOOPJR(Pointer S, Pointer L, Pointer U, int NB_IT, int iq, int jq)`
`1897`	`1906`	`{`
`1898`	`1907`	`int mini = Math.min(iq, jq);`
`1899`		`- S.set(0, 0);`
	`1908`	`+ S.set(0L);`
`1900`	`1909`	`long tmp;`
`1901`	`1910`	`for (int jr = 0; jr < NB_IT; ++jr)`
`1902`	`1911`	`{`
`@@ -2162,7 +2171,7 @@ private int frobeniusMap_HFE_gf2nx(Pointer Xqn, SecretKeyHFE.complete_sparse_mon`
`2162`	`2171`	`/* Step 1: compute X^(2^(HFEDegI+1)) */`
`2163`	`2172`	`d = 2 << HFEDegI;`
`2164`	`2173`	`/* Xqn is initialized to 0 with calloc, so the multiprecision word is initialized to 1 just by setting the first word */`
`2165`		`- Xqn.set(d * NB_WORD_GFqn, 1);`
	`2174`	`+ Xqn.set(d * NB_WORD_GFqn, 1L);`
`2166`	`2175`	`/* Step 2: reduction of X^(2^(HFEDegI+1)) modulo (F-U) */`
`2167`	`2176`	`divsqr_r_HFE_cstdeg_gf2nx(Xqn, d, F, cst);`
`2168`	`2177`	`for (i = HFEDegI + 1; i < HFEn; ++i)`
`@@ -2173,7 +2182,7 @@ private int frobeniusMap_HFE_gf2nx(Pointer Xqn, SecretKeyHFE.complete_sparse_mon`
`2173`	`2182`	`divsqr_r_HFE_cstdeg_gf2nx(Xqn, (HFEDeg - 1) << 1, F, cst);`
`2174`	`2183`	`}`
`2175`	`2184`	`/* (X^(2^n) mod (F-U)) - X */`
`2176`		`- Xqn.setXor(NB_WORD_GFqn, 1);`
	`2185`	`+ Xqn.setXor(NB_WORD_GFqn, 1L);`
`2177`	`2186`	`return getD_for_not0_or_plus(Xqn);`
`2178`	`2187`	`}`
`2179`	`2188`
`@@ -2450,7 +2459,7 @@ private void convHFEpolynomialSparseToDense_gf2nx(Pointer F_dense, SecretKeyHFE.`
`2450`	`2459`	`}`
`2451`	`2460`	`F_dense.changeIndex(F_dense_orig);`
`2452`	`2461`	`/* Leading term: 1 */`
`2453`		`- F_dense.set(HFEDeg * NB_WORD_GFqn, 1);`
	`2462`	`+ F_dense.set(HFEDeg * NB_WORD_GFqn, 1L);`
`2454`	`2463`	`}`
`2455`	`2464`
`2456`	`2465`	`int div_r_gf2nx(Pointer A, int da, Pointer B, int db)`
`@@ -3589,7 +3598,6 @@ int interpolateHFE_FS_ref(Pointer MQS, Pointer F, Pointer S)`
`3589`	`3598`	`void evalHFEv_gf2nx(Pointer Fxv, Pointer F, Pointer xv)`
`3590`	`3599`	`{`
`3591`	`3600`	`Pointer cur_acc = new Pointer(NB_WORD_MUL);`
`3592`		`- //Pointer prod = new Pointer(NB_WORD_MUL);`
`3593`	`3601`	`Pointer acc = new Pointer(NB_WORD_MUL);`
`3594`	`3602`	`Pointer tab_Xqj = new Pointer((HFEDegI + 1) * NB_WORD_GFqn);`
`3595`	`3603`	`Pointer tab_Xqj_cp2 = new Pointer();`
`@@ -3608,6 +3616,7 @@ void evalHFEv_gf2nx(Pointer Fxv, Pointer F, Pointer xv)`
`3608`	`3616`	`}`
`3609`	`3617`	`/* Evaluation of the constant, quadratic in the vinegars */`
`3610`	`3618`	`int endloop = (NB_WORD_GFqn + NB_WORD_GFqv) == NB_WORD_GF2nv ? NB_WORD_GFqv : NB_WORD_GFqv - 1;`
	`3619`	`+ //TODO setRangeRotate`
`3611`	`3620`	`for (j = 0; j < endloop; ++j)`
`3612`	`3621`	`{`
`3613`	`3622`	`V.set(j, (xv.get(NB_WORD_GFqn - 1 + j) >>> HFEnr) ^ (xv.get(NB_WORD_GFqn + j) << (64 - HFEnr)));`
`@@ -3702,7 +3711,7 @@ int sign_openHFE_uncomp_pk(byte[] m, int len, byte[] sm8, PointerUnion pk)`
`3702`	`3711`	`/* Copy of pointer */`
`3703`	`3712`	`Pointer Si = new Pointer(Si_tab);`
`3704`	`3713`	`/* Vector of D_1, ..., D_(NB_ITE) */`
`3705`		`- Pointer D = new Pointer(SIZE_DIGEST_UINT);//NB_ITE * SIZE_DIGEST_UINT`
	`3714`	`+ Pointer D = new Pointer(SIZE_DIGEST_UINT);`
`3706`	`3715`	`/* Take the (n+v) first bits */`
`3707`	`3716`	`sm.fill(0, sm8, 0, NB_BYTES_GFqnv);`
`3708`	`3717`	`byte[] hashbuffer = new byte[64];`