Fix windows build and package installation

3 years ago · aa9c5c9b7e
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -15,7 +15,7 @@ find_package( PythonInterp 2.7 REQUIRED )
 option(ENABLE_SHARED "Build shared library." ON)
 option(ENABLE_STATIC "Build static library." ON)
 option(ENABLE_STRICT "Build with strict compile options." YES)
 option(ENABLE_TESTS  "Enable compilation of tests." YES)
 option(ENABLE_TESTS  "Enable compilation of tests." OFF)
 option(GENERATED_SOURCE_PATH "Where the generated source code is stored, default in the building tree" OFF)

 if (GENERATED_SOURCE_PATH)
@@ -23,7 +23,7 @@ if (GENERATED_SOURCE_PATH)
 else()
 	set(GSOURCE_PATH ${PROJECT_BINARY_DIR}/src/GENERATED)
 endif()
 message("Generated source code will be in ${GSOURCE_PATH}")
 message("Generated source code in ${GSOURCE_PATH}")

 if(NOT CPACK_GENERATOR AND NOT CMAKE_INSTALL_RPATH AND CMAKE_INSTALL_PREFIX)
 	set(CMAKE_INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR})
@@ -49,40 +49,39 @@ if(MSVC)
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} /WX")
 	endif()
 else()
        set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX}  -std=c++11 -O2 ")
 	set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP}  -Wall -Wuninitialized -Wno-deprecated-declarations -Wno-missing-field-initializers ")
 	set(STRICT_OPTIONS_C "${STRICT_OPTIONS_C}  -std=c99 -O2 -Wstrict-prototypes -Wno-error=strict-prototypes -ffunction-sections -fdata-sections -fvisibility=hidden -fomit-frame-pointer ")
 	if(CMAKE_C_COMPILER_ID STREQUAL "Clang")
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Qunused-arguments -Wno-array-bounds ")
 	endif()
 	if(APPLE)
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-error=unknown-warning-option -Qunused-arguments -Wno-tautological-compare -Wno-unused-function -Wno-array-bounds ")
 		set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX} -stdlib=libc++ ")
 	set(STRICT_OPTIONS_CXX "${STRICT_OPTIONS_CXX} -std=c++11 -O2")
 	set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wall -Wuninitialized -Wno-deprecated-declarations -Wno-missing-field-initializers")
 	set(STRICT_OPTIONS_C "${STRICT_OPTIONS_C} -std=c99 -O2 -Wstrict-prototypes -Wno-error=strict-prototypes -fvisibility=hidden")
 	if(CMAKE_C_COMPILER_ID MATCHES "Clang")
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-error=unknown-warning-option -Qunused-arguments -Wno-tautological-compare")
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Wno-unused-function -Wno-array-bounds -Wno-pass-failed -Wno-error=sizeof-array-div")
 	endif()
 	if(ENABLE_STRICT)
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Werror -Wextra -Wno-unused-parameter -fno-strict-aliasing ")
 		set(STRICT_OPTIONS_CPP "${STRICT_OPTIONS_CPP} -Werror -Wextra -Wno-unused-parameter -fno-strict-aliasing")
 	endif()
 endif()

 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${STRICT_OPTIONS_C}")
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${STRICT_OPTIONS_CXX}")
 set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${STRICT_OPTIONS_C} ${STRICT_OPTIONS_CPP}")
 set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${STRICT_OPTIONS_CXX} ${STRICT_OPTIONS_CPP}")

 add_subdirectory(src)

 if(ENABLE_TESTS)
        enable_testing()
 	enable_testing()
 	add_subdirectory(test)
 endif()

 include(CMakePackageConfigHelpers)
 set(ConfigPackageLocation share/decaf/cmake)
 export(EXPORT ${EXPORT_TARGETS_NAME}Targets
 	FILE "${CMAKE_CURRENT_BINARY_DIR}/DecafTargets.cmake"
 )
 configure_file(cmake/DecafConfig.cmake.in
 configure_package_config_file(cmake/DecafConfig.cmake.in
 	"${CMAKE_CURRENT_BINARY_DIR}/DecafConfig.cmake"
 	@ONLY
 	INSTALL_DESTINATION ${ConfigPackageLocation}
 	NO_SET_AND_CHECK_MACRO
 )
 set(ConfigPackageLocation share/decaf/cmake)

 install(EXPORT ${EXPORT_TARGETS_NAME}Targets
 	FILE DecafTargets.cmake
 	DESTINATION ${ConfigPackageLocation}
@@ -109,7 +108,7 @@ set(CPACK_PACKAGE_NAME "decaf")
 set(CPACK_PACKAGE_VERSION ${PROJECT_VERSION})
 set(CPACK_SOURCE_GENERATOR "TGZ")
 set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}")
 set(CPACK_SOURCE_IGNORE_FILES
 set(CPACK_SOURCE_IGnore_FILES
        "^${CMAKE_BINARY_DIR}"
        "/\\\\..+"
 )
--- a/cmake/DecafConfig.cmake.in
+++ b/cmake/DecafConfig.cmake.in
@@ -28,23 +28,25 @@
 #  DECAF_LIBRARIES - The libraries needed to use decaf
 #  DECAF_CPPFLAGS - The compilation flags needed to use decaf

@PACKAGE_INIT@

 include("${CMAKE_CURRENT_LIST_DIR}/DecafTargets.cmake")

 if(@ENABLE_SHARED@)
 	set(DECAF_TARGETNAME decaf)
 	set(DECAF_LIBRARIES ${DECAF_TARGETNAME})
 else()
 	set(DECAF_TARGETNAME decaf-static)
 	if(TARGET ${DECAF_TARGETNAME})
 		get_target_property(DECAF_LIBRARIES ${DECAF_TARGETNAME} LOCATION)
 		get_target_property(DECAF_LINK_LIBRARIES ${DECAF_TARGETNAME} INTERFACE_LINK_LIBRARIES)
 		if(DECAF_LINK_LIBRARIES)
 			list(APPEND DECAF_LIBRARIES ${DECAF_LINK_LIBRARIES})
 		endif()
 	endif()
 endif()

 get_target_property(DECAF_INCLUDE_DIRS ${DECAF_TARGETNAME} INTERFACE_INCLUDE_DIRECTORIES)
 list(INSERT DECAF_INCLUDE_DIRS 0 "@CMAKE_INSTALL_FULL_INCLUDEDIR@")
 list(REMOVE_DUPLICATES DECAF_INCLUDE_DIRS)

 if(TARGET ${DECAF_TARGETNAME})
 	get_target_property(DECAF_LIBRARIES ${DECAF_TARGETNAME} LOCATION)
 	get_target_property(DECAF_LINK_LIBRARIES ${DECAF_TARGETNAME} INTERFACE_LINK_LIBRARIES)
 	if(DECAF_LINK_LIBRARIES)
 		list(APPEND DECAF_LIBRARIES ${DECAF_LINK_LIBRARIES})
 	endif()
 endif()

 set(DECAF_CPPFLAGS @DECAF_CPPFLAGS@)
 set(DECAF_FOUND 1)
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -5,6 +5,10 @@
 #
 ############################################################################

 if(MSVC)
    add_definitions(-D_CRT_SECURE_NO_WARNINGS)
 endif()

 set(DECAF_HEADER_FILES
 	include/constant_time.h
 	include/field.h
@@ -79,21 +83,18 @@ if(ENABLE_STATIC)
 	add_library(decaf-static STATIC ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>)
 	add_dependencies(decaf-static generatedCode)
 	set_target_properties(decaf-static PROPERTIES OUTPUT_NAME decaf)
 	target_include_directories(decaf-static PUBLIC)
 	target_include_directories(decaf-static INTERFACE $<INSTALL_INTERFACE:include/decaf>)
 	target_link_libraries(decaf-static INTERFACE)
 endif()
 if(ENABLE_SHARED)
 	add_library(decaf SHARED ${DECAF_HEADER_FILES} ${DECAF_SOURCE_FILES_C} ${DECAF_SOURCE_FILES_CXX} $<TARGET_OBJECTS:p25519> $<TARGET_OBJECTS:p448> $<TARGET_OBJECTS:CURVE25519> $<TARGET_OBJECTS:CURVE448>)
 	add_dependencies(decaf generatedCode)
 	if(APPLE)
 		set_target_properties(decaf PROPERTIES LINK_FLAGS "-stdlib=libc++")
 	endif()
 	set_target_properties(decaf PROPERTIES VERSION ${DECAF_SO_VERSION})
 	target_include_directories(decaf PUBLIC)
 	target_include_directories(decaf INTERFACE $<INSTALL_INTERFACE:include/decaf>)
 	target_link_libraries(decaf PRIVATE)
 	if(MSVC)
 		if(CMAKE_BUILD_TYPE STREQUAL "Debug" OR CMAKE_BUILD_TYPE STREQUAL "RelWithDebInfo")
 			install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_BUILD_TYPE}/decaf.pdb
 			install(FILES $<TARGET_PDB_FILE:decaf>
 				DESTINATION ${CMAKE_INSTALL_BINDIR}
 				PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
 			)
--- a/src/include/word.h
+++ b/src/include/word.h
@@ -50,12 +50,16 @@ extern int posix_memalign(void **, size_t, size_t);

 #if (ARCH_WORD_BITS == 64)
    typedef uint64_t word_t, mask_t;
    static const mask_t DECAF_MASK_ALL_SET = (mask_t)0xFFFFFFFFFFFFFFFF;
    static const mask_t DECAF_MASK_ALL_UNSET = (mask_t)0x0;
    typedef __uint128_t dword_t;
    typedef int32_t hsword_t;
    typedef int64_t sword_t;
    typedef __int128_t dsword_t;
 #elif (ARCH_WORD_BITS == 32)
    typedef uint32_t word_t, mask_t;
    static const mask_t DECAF_MASK_ALL_SET = (mask_t)0xFFFFFFFF;
    static const mask_t DECAF_MASK_ALL_UNSET = (mask_t)0x0;
    typedef uint64_t dword_t;
    typedef int16_t hsword_t;
    typedef int32_t sword_t;
--- a/src/p25519/arch_32/f_impl.c
+++ b/src/p25519/arch_32/f_impl.c
@@ -48,7 +48,7 @@ void gf_mul (gf_s *__restrict__ cs, const gf as, const gf bs) {
    accum >>= 26;
    
    assert(accum < masko);
    c[1] += accum;
    c[1] += (uint32_t)accum;
 }

 void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {
@@ -80,7 +80,7 @@ void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {
    accum >>= 26;
    
    assert(accum < masko);
    c[1] += accum;
    c[1] += (uint32_t)accum;
 }

 void gf_sqr (gf_s *__restrict__ cs, const gf as) {
--- a/src/p448/arch_32/f_impl.c
+++ b/src/p448/arch_32/f_impl.c
@@ -88,11 +88,11 @@ void gf_mulw_unsigned (gf_s *__restrict__ cs, const gf as, uint32_t b) {

    accum0 += accum8 + c[8];
    c[8] = accum0 & mask;
    c[9] += accum0 >> 28;
    c[9] += (uint32_t)(accum0 >> 28);

    accum8 += c[0];
    c[0] = accum8 & mask;
    c[1] += accum8 >> 28;
    c[1] += (uint32_t)(accum8 >> 28);
 }

 void gf_sqr (gf_s *__restrict__ cs, const gf as) {
--- a/src/per_curve/decaf.tmpl.c
+++ b/src/per_curve/decaf.tmpl.c
@@ -1273,7 +1273,7 @@ decaf_error_t decaf_x$(gf_shortname) (
        else if (t == X_PRIVATE_BITS-1) sb = -1;
        
        mask_t k_t = (sb>>(t%8)) & 1;
        k_t = -k_t; /* set to all 0s or all 1s */
        k_t = k_t?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET; /* set to all 0s or all 1s */
        
        swap ^= k_t;
        gf_cond_swap(x2,x3,swap);
@@ -1394,7 +1394,7 @@ void decaf_x$(gf_shortname)_derive_public_key (
    memcpy(scalar2,scalar,sizeof(scalar2));
    scalar2[0] &= -(uint8_t)COFACTOR;
    
    scalar2[X_PRIVATE_BYTES-1] &= ~(-1u<<((X_PRIVATE_BITS+7)%8));
    scalar2[X_PRIVATE_BYTES-1] &= ~(0xFF<<((X_PRIVATE_BITS+7)%8));
    scalar2[X_PRIVATE_BYTES-1] |= 1<<((X_PRIVATE_BITS+7)%8);
    
    scalar_t the_scalar;
--- a/src/per_curve/elligator.tmpl.c
+++ b/src/per_curve/elligator.tmpl.c
@@ -109,13 +109,13 @@ API_NS(invert_elligator_nonuniform) (
    uint32_t hint_
 ) {
    mask_t hint = hint_;
    mask_t sgn_s = -(hint & 1),
        sgn_altx = -(hint>>1 & 1),
        sgn_r0 = -(hint>>2 & 1),
    mask_t sgn_s = ((hint & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
        sgn_altx = ((hint>>1 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
        sgn_r0 = ((hint>>2 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET),
        /* FUTURE MAGIC: eventually if there's a curve which needs sgn_ed_T but not sgn_r0,
         * change this mask extraction.
         */
        sgn_ed_T = -(hint>>3 & 1);
        sgn_ed_T = ((hint>>3 & 1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET);
    gf a,b,c;
    API_NS(deisogenize)(a,b,c,p,sgn_s,sgn_altx,sgn_ed_T);
    
--- a/src/per_curve/scalar.tmpl.c
+++ b/src/per_curve/scalar.tmpl.c
@@ -37,15 +37,15 @@ static DECAF_NOINLINE void sc_subx(
    unsigned int i;
    for (i=0; i<SCALAR_LIMBS; i++) {
        chain = (chain + accum[i]) - sub->limb[i];
        out->limb[i] = chain;
        out->limb[i] = (decaf_word_t)chain;
        chain >>= WBITS;
    }
    decaf_word_t borrow = chain+extra; /* = 0 or -1 */
    decaf_word_t borrow = (decaf_word_t)chain+extra; /* = 0 or -1 */
    
    chain = 0;
    for (i=0; i<SCALAR_LIMBS; i++) {
        chain = (chain + out->limb[i]) + (p->limb[i] & borrow);
        out->limb[i] = chain;
        out->limb[i] = (decaf_word_t)chain;
        chain >>= WBITS;
    }
 }
@@ -66,22 +66,22 @@ static DECAF_NOINLINE void sc_montmul (
        decaf_dword_t chain = 0;
        for (j=0; j<SCALAR_LIMBS; j++) {
            chain += ((decaf_dword_t)mand)*mier[j] + accum[j];
            accum[j] = chain;
            accum[j] = (decaf_word_t)chain;
            chain >>= WBITS;
        }
        accum[j] = chain;
        accum[j] = (decaf_word_t)chain;
        
        mand = accum[0] * MONTGOMERY_FACTOR;
        chain = 0;
        mier = sc_p->limb;
        for (j=0; j<SCALAR_LIMBS; j++) {
            chain += (decaf_dword_t)mand*mier[j] + accum[j];
            if (j) accum[j-1] = chain;
            if (j) accum[j-1] = (decaf_word_t)chain;
            chain >>= WBITS;
        }
        chain += accum[j];
        chain += hi_carry;
        accum[j-1] = chain;
        accum[j-1] = (decaf_word_t)chain;
        hi_carry = chain >> WBITS;
    }
    
@@ -179,10 +179,10 @@ void API_NS(scalar_add) (
    unsigned int i;
    for (i=0; i<SCALAR_LIMBS; i++) {
        chain = (chain + a->limb[i]) + b->limb[i];
        out->limb[i] = chain;
        out->limb[i] = (decaf_word_t)chain;
        chain >>= WBITS;
    }
    sc_subx(out, out->limb, sc_p, sc_p, chain);
    sc_subx(out, out->limb, sc_p, sc_p, (decaf_word_t)chain);
 }

 void
@@ -193,7 +193,7 @@ API_NS(scalar_set_unsigned) (
    memset(out,0,sizeof(scalar_t));
    unsigned int i = 0;
    for (; i<sizeof(uint64_t)/sizeof(decaf_word_t); i++) {
        out->limb[i] = w;
        out->limb[i] = (decaf_word_t)w;
 #if DECAF_WORD_BITS < 64
        w >>= 8*sizeof(decaf_word_t);
 #endif
@@ -242,7 +242,7 @@ decaf_error_t API_NS(scalar_decode)(
    
    API_NS(scalar_mul)(s,s,API_NS(scalar_one)); /* ham-handed reduce */
    
    return decaf_succeed_if(~word_is_zero(accum));
    return decaf_succeed_if(~word_is_zero((decaf_word_t)accum));
 }

 void API_NS(scalar_destroy) (
@@ -314,17 +314,17 @@ void API_NS(scalar_halve) (
    scalar_t out,
    const scalar_t a
 ) {
    decaf_word_t mask = -(a->limb[0] & 1);
    decaf_word_t mask = (a->limb[0] & 1)?DECAF_WORD_ALL_SET:DECAF_WORD_ALL_UNSET;
    decaf_dword_t chain = 0;
    unsigned int i;
    for (i=0; i<SCALAR_LIMBS; i++) {
        chain = (chain + a->limb[i]) + (sc_p->limb[i] & mask);
        out->limb[i] = chain;
        out->limb[i] = (decaf_word_t)chain;
        chain >>= DECAF_WORD_BITS;
    }
    for (i=0; i<SCALAR_LIMBS-1; i++) {
        out->limb[i] = out->limb[i]>>1 | out->limb[i+1]<<(WBITS-1);
    }
    out->limb[i] = out->limb[i]>>1 | chain<<(WBITS-1);
    out->limb[i] = out->limb[i]>>1 | (decaf_word_t)(chain<<(WBITS-1));
 }

--- a/src/per_field/f_generic.tmpl.c
+++ b/src/per_field/f_generic.tmpl.c
@@ -26,7 +26,7 @@ void gf_serialize (uint8_t serial[SER_BYTES], const gf x) {
            fill += LIMB_PLACE_VALUE(LIMBPERM(j));
            j++;
        }
        serial[i] = buffer;
        serial[i] = (uint8_t)buffer;
        fill -= 8;
        buffer >>= 8;
    }
@@ -37,7 +37,7 @@ mask_t gf_lobit(const gf x) {
    gf y;
    gf_copy(y,x);
    gf_strong_reduce(y);
    return -(y->limb[0]&1);
    return (y->limb[0]&1)?DECAF_MASK_ALL_SET:DECAF_MASK_ALL_UNSET;
 }

 /** Deserialize from wire format; return -1 on success and 0 on failure. */
@@ -46,19 +46,19 @@ mask_t gf_deserialize (gf x, const uint8_t serial[SER_BYTES], uint8_t hi_nmask)
    dword_t buffer = 0;
    dsword_t scarry = 0;
    UNROLL for (unsigned int i=0; i<NLIMBS; i++) {
        UNROLL while (fill < LIMB_PLACE_VALUE(LIMBPERM(i)) && j < SER_BYTES) {
        UNROLL while (fill < (unsigned int)(LIMB_PLACE_VALUE(LIMBPERM(i))) && j < SER_BYTES) {
            uint8_t sj = serial[j];
            if (j==SER_BYTES-1) sj &= ~hi_nmask;
            buffer |= ((dword_t)sj) << fill;
            fill += 8;
            j++;
        }
        x->limb[LIMBPERM(i)] = (i<NLIMBS-1) ? buffer & LIMB_MASK(LIMBPERM(i)) : buffer;
        x->limb[LIMBPERM(i)] = (word_t)((i<NLIMBS-1) ? buffer & LIMB_MASK(LIMBPERM(i)) : buffer);
        fill -= LIMB_PLACE_VALUE(LIMBPERM(i));
        buffer >>= LIMB_PLACE_VALUE(LIMBPERM(i));
        scarry = (scarry + x->limb[LIMBPERM(i)] - MODULUS->limb[LIMBPERM(i)]) >> (8*sizeof(word_t));
    }
    return word_is_zero(buffer) & ~word_is_zero(scarry);
    return word_is_zero((word_t)buffer) & ~word_is_zero((word_t)scarry);
 }

 /** Reduce to canonical form. */
@@ -80,9 +80,9 @@ void gf_strong_reduce (gf a) {
     * common case: it was < p, so now scarry = -1 and this = x - p + 2^255
     * so let's add back in p.  will carry back off the top for 2^255.
     */
    assert(word_is_zero(scarry) | word_is_zero(scarry+1));
    assert(word_is_zero((word_t)scarry) | word_is_zero((word_t)scarry+1));

    word_t scarry_0 = scarry;
    word_t scarry_0 = (word_t)scarry;
    dword_t carry = 0;

    /* add it back */
@@ -92,7 +92,7 @@ void gf_strong_reduce (gf a) {
        carry >>= LIMB_PLACE_VALUE(LIMBPERM(i));
    }

    assert(word_is_zero(carry + scarry_0));
    assert(word_is_zero((word_t)(carry) + scarry_0));
 }

 /** Subtract two gf elements d=a-b */
--- a/src/public_include/decaf/common.h
+++ b/src/public_include/decaf/common.h
@@ -93,8 +93,25 @@ typedef int64_t decaf_dsword_t;     /**< Signed double-word size for internal co
 #error "Only supporting DECAF_WORD_BITS = 32 or 64 for now"
 #endif
    
 /** DECAF_TRUE = -1 so that DECAF_TRUE & x = x */
 static const decaf_bool_t DECAF_TRUE = -(decaf_bool_t)1;
 /* MSCV compiler doesn't like the trick to have -1 assigned to an unsigned int to
 * set it to all ones, so do it openly */
 #if DECAF_WORD_BITS == 64
 /** DECAF_TRUE = all ones so that DECAF_TRUE & x = x */
 static const decaf_bool_t DECAF_TRUE = (decaf_bool_t)0xFFFFFFFFFFFFFFFF;
 /** DECAF_WORD_ALL_SET : all ones */
 static const decaf_word_t DECAF_WORD_ALL_SET = (decaf_word_t)0xFFFFFFFFFFFFFFFF;
 /** DECAF_WORD_ALL_UNSET : all zeros */
 static const decaf_word_t DECAF_WORD_ALL_UNSET = (decaf_word_t)0x0;
 #elif DECAF_WORD_BITS == 32         /**< The number of bits in a word */
 /** DECAF_TRUE = all ones so that DECAF_TRUE & x = x */
 static const decaf_bool_t DECAF_TRUE = (decaf_bool_t)0xFFFFFFFF;
 /** DECAF_WORD_ALL_SET : all ones */
 static const decaf_word_t DECAF_WORD_ALL_SET = (decaf_word_t)0xFFFFFFFF;
 /** DECAF_WORD_ALL_UNSET : all zeros */
 static const decaf_word_t DECAF_WORD_ALL_UNSET = (decaf_word_t)0x0;
 #else
 #error "Only supporting DECAF_WORD_BITS = 32 or 64 for now"
 #endif

 /** DECAF_FALSE = 0 so that DECAF_FALSE & x = 0 */
 static const decaf_bool_t DECAF_FALSE = 0;
--- a/src/sha512.c
+++ b/src/sha512.c
@@ -243,11 +243,11 @@ void decaf_sha512_final(decaf_sha512_ctx_t ctx, uint8_t *out, size_t length) {
    }
    
    for (size_t i=0; i<8; i++)
        ctx->block[120 + i] = bp >> (56 - 8*i);
        ctx->block[120 + i] = (uint8_t)(bp >> (56 - 8*i));
    hashblock(ctx);
    
    for (size_t i=0; i<length; i++) {
        out[i] = ctx->state[i/8] >> (56 - 8*(i%8));
        out[i] = (uint8_t)(ctx->state[i/8] >> (56 - 8*(i%8)));
    }
    
    decaf_sha512_init(ctx);
--- a/src/shake.c
+++ b/src/shake.c
@@ -98,7 +98,7 @@ decaf_error_t decaf_sha3_update (
        uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position];
        if (cando > len) {
            for (i = 0; i < len; i += 1) state[i] ^= in[i];
            decaf_sponge->params->position += len;
            decaf_sponge->params->position += (uint8_t)len;
            break;
        } else {
            for (i = 0; i < cando; i += 1) state[i] ^= in[i];
@@ -121,7 +121,7 @@ decaf_error_t decaf_sha3_output (
    
    if (decaf_sponge->params->max_out != 0xFF) {
        if (decaf_sponge->params->remaining >= len) {
            decaf_sponge->params->remaining -= len;
            decaf_sponge->params->remaining -= (uint8_t)len;
        } else {
            decaf_sponge->params->remaining = 0;
            ret = DECAF_FAILURE;
@@ -148,7 +148,7 @@ decaf_error_t decaf_sha3_output (
        uint8_t* state = &decaf_sponge->state->b[decaf_sponge->params->position];
        if (cando > len) {
            memcpy(out, state, len);
            decaf_sponge->params->position += len;
            decaf_sponge->params->position += (uint8_t)len;
            return ret;
        } else {
            memcpy(out, state, cando);
--- a/src/spongerng.c
+++ b/src/spongerng.c
@@ -25,6 +25,9 @@
 #if defined(_MSC_VER)
 #   include <io.h>
 #include <BaseTsd.h>
 #define open _open
 #define read _read
 #define close _close
 typedef SSIZE_T ssize_t;
 #else
 #   include <unistd.h>
@@ -110,7 +113,7 @@ void decaf_spongerng_next (
    uint8_t lenx[8];
    size_t len1 = len;
    for (unsigned i=0; i<sizeof(lenx); i++) {
        lenx[i] = len1;
        lenx[i] = (uint8_t)len1;
        len1 >>= 8;
    }
    decaf_sha3_update(prng->sponge,lenx,sizeof(lenx));
--- a/test/shakesum.c
+++ b/test/shakesum.c
@@ -20,7 +20,7 @@ typedef SSIZE_T ssize_t;
 #include <decaf/shake.h>
 #include <decaf/sha512.h>

 static void usage() {
 static void usage(void) {
    fprintf(
        stderr,
        "decaf_shakesum [shake256|shake128|sha3-224|sha3-384|sha3-512|sha512] < infile > outfile\n"