key directly to its instructions. type blockExpanded struct { rounds int // Round keys, where only the first (rounds + 1) × (128 ÷ 32) words are used. enc [60]uint32 dec [60]uint32 } const ( // AES-128 has 128-bit keys, 10 rounds, and uses 11 128-bit round keys // (11×128÷32 = 44 32-bit words). // AES-192 has 192-bit keys, 12 rounds, and uses 13 128-bit round keys // (13×128÷32 = 52 32-bit words). // AES-256 has 256-bit keys, 14 rounds, and uses 15 128-bit round keys // (15×128÷32 = 60 32-bit words)....

inverseNTT(nttMul(c, t0[i])) // Reject if ||ct0||∞ ≥ γ2 if coefficientsExceedBo(ct0[i], γ2) { if testingOnlyRejection != nil { testingOnlyRejection("ct0") } continue sign } } count1s := 0 h := make([][n]byte, k, maxK) for i := range w { var count int h[i], count = makeHint(ct0[i], w[i], cs2[i], p) count1s += count } // Reject if number of hints > ω if count1s > p.ω { if testingOnlyRejection != nil { testingOnlyRejection("h") } continue sign } return sigEncode(ch, z, h, p) } } // testingOnlyRejection is set in tests,...

    `SparseDenseCwiseMul`
    ([CVE-2021-29567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29567))
*   Fixes a heap out of bounds read in `MaxPoolGradWithArgmax`
    ([CVE-2021-29570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570))
*   Fixes a heap out of bounds read in `RequantizationRange`
    ([CVE-2021-29569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569))