1
2
3 package internal
4
5 import (
6 "encoding/binary"
7 "testing"
8
9 "github.com/cloudflare/circl/sign/dilithium/internal/common"
10 )
11
12 func TestVectorDeriveUniform(t *testing.T) {
13 var p, p2 common.Poly
14 var seed [32]byte
15 if UseAES {
16 p2 = common.Poly{
17 6724291, 310295, 6949524, 4464039, 1482136, 2522903,
18 7025059, 3006320, 7286364, 7516512, 3361305, 1955529,
19 4765954, 1725325, 6933066, 4299100, 6625173, 4272792,
20 583034, 4971409, 2259140, 7715362, 3975394, 2341624,
21 5481174, 8150082, 365246, 5491939, 1083120, 7517301,
22 3104783, 2475292, 184149, 6425226, 4591622, 5964030,
23 4729604, 5471092, 1828227, 1082044, 2516245, 1692580,
24 3274844, 5443294, 7256740, 4989638, 3191250, 7479519,
25 5124211, 5603858, 1230692, 2513454, 2828034, 4254312,
26 1512596, 5245430, 5517392, 2814840, 932545, 6826733,
27 3511094, 4075348, 3233981, 7268882, 2913733, 4870249,
28 4123492, 8124406, 4016949, 5478752, 2750895, 603525,
29 5724798, 3985430, 3483012, 6434230, 3136996, 8297976,
30 4107616, 7307748, 6962904, 7544473, 1193110, 3448595,
31 4814773, 5607932, 8221314, 1054046, 1541208, 1866050,
32 8227412, 2925778, 5293953, 2065416, 4972769, 3616283,
33 7990594, 1105530, 7121836, 1170740, 7417431, 633146,
34 253820, 7235019, 3539504, 6807707, 451390, 5481526,
35 2859902, 1063061, 4579730, 7126652, 7033767, 4294814,
36 1414604, 7620048, 1953268, 8304556, 1156814, 1182881,
37 5311519, 3057534, 5277666, 682843, 2070398, 2874278,
38 4859533, 6376664, 6694074, 1590242, 2620706, 8331066,
39 5643845, 5037538, 2891516, 7004879, 3754327, 5031296,
40 5463118, 2420870, 8116529, 5517696, 7435129, 3873963,
41 710407, 713806, 175647, 4274571, 2655021, 7319503,
42 3027243, 7129679, 4213435, 2429323, 4643873, 4568526,
43 649664, 1720514, 6497260, 2683517, 7672754, 7105190,
44 3148405, 5898369, 5667677, 8050874, 1587139, 7315260,
45 4337416, 2202680, 2338714, 557467, 6752058, 2469794,
46 485071, 1617604, 3590498, 2151466, 2005823, 7727956,
47 7776292, 6783433, 6787146, 1732833, 3596857, 7436284,
48 4483349, 4970142, 4472608, 6478342, 1236215, 5695744,
49 2280717, 2889355, 3233946, 5187812, 978685, 5177364,
50 2922353, 4824807, 5302883, 6739803, 8092453, 5883903,
51 816553, 6041174, 8317591, 1459178, 5332455, 1835058,
52 1368601, 2820950, 3479224, 2589540, 7992934, 3421045,
53 4657128, 8292902, 4153567, 3553988, 7830320, 6722913,
54 2555309, 4149801, 8328975, 1560545, 7757473, 3106458,
55 4310856, 7135453, 3481032, 652626, 1841361, 8126828,
56 6250018, 300536, 7380070, 8174419, 1418793, 6208185,
57 3906256, 6679016, 1605701, 3561489, 5819724, 5746996,
58 8044214, 7087187, 7102330, 4962927, 4253983, 7108567,
59 4119736, 6584065, 441634, 6941656,
60 }
61 } else {
62 p2 = common.Poly{
63 2901364, 562527, 5258502, 3885002, 4190126, 4460268, 6884052,
64 3514511, 5383040, 213206, 2155865, 5179607, 3551954, 2312357,
65 6066350, 8126097, 1179080, 4787182, 6552182, 6713644,
66 1561067, 7626063, 7859743, 5052321, 7032876, 7815031, 157938,
67 1865184, 490802, 5717642, 3451902, 7000218, 3743250, 1677431,
68 1875427, 5596150, 671623, 3819041, 6247594, 1014875, 4933545,
69 7122446, 6682963, 3388398, 3335295, 943002, 1145083, 3113071,
70 105967, 1916675, 7474561, 1107006, 700548, 2147909, 1603855,
71 5049181, 437882, 6118899, 5656914, 6731065, 3066622, 865453,
72 5427634, 981549, 4650873, 861291, 4003872, 5104220, 6171453,
73 3723302, 7426315, 6137283, 4874820, 6052561, 53441, 5032874,
74 5614778, 2248550, 1756499, 8280764, 8263880, 7600081,
75 5118374, 795344, 7543392, 6869925, 1841187, 4181568, 584562,
76 7483939, 4938664, 6863397, 5126354, 5218129, 6236086,
77 4149293, 379169, 4368487, 7490569, 3409215, 1580463, 3081737,
78 1278732, 7109719, 7371700, 2097931, 399836, 1700274, 7188595,
79 6830029, 1548850, 6593138, 6849097, 1518037, 2859442,
80 7772265, 7325153, 3281191, 7856131, 4995056, 4684325,
81 1351194, 8223904, 6817307, 2484146, 131782, 397032, 7436778,
82 7973479, 3171829, 5624626, 3540123, 7150120, 8313283,
83 3604714, 1043574, 117692, 7797783, 7909392, 903315, 7335342,
84 7501562, 5826142, 2709813, 8245473, 2369045, 2782257,
85 5762833, 6474114, 6862031, 424522, 594248, 2626630, 7659983,
86 5642869, 4075194, 1592129, 245547, 5271031, 3205046, 982375,
87 267873, 1286496, 7230481, 3208972, 7485411, 676111, 4944500,
88 2959742, 5934456, 1414847, 6067948, 1709895, 4648315, 126008,
89 8258986, 2183134, 2302072, 4674924, 4306056, 7465311,
90 6500270, 4247428, 4016815, 4973426, 294287, 2456847, 3289700,
91 2732169, 1159447, 5569724, 140001, 3237977, 8007761, 5874533,
92 255652, 3119586, 2102434, 6248250, 8152822, 8006066, 7708625,
93 6997719, 6260212, 6186962, 6636650, 7836834, 7998017,
94 2061516, 1197591, 1706544, 733027, 2392907, 2700000, 8254598,
95 4488002, 160495, 2985325, 2036837, 2703633, 6406550, 3579947,
96 6195178, 5552390, 6804584, 6305468, 5731980, 6095195,
97 3323409, 1322661, 6690942, 3374630, 5615167, 479044, 3136054,
98 4380418, 2833144, 7829577, 1770522, 6056687, 240415, 14780,
99 3740517, 5224226, 3547288, 2083124, 4699398, 3654239,
100 5624978, 585593, 3655369, 2281739, 3338565, 1908093, 7784706,
101 4352830,
102 }
103 }
104 for i := 0; i < 32; i++ {
105 seed[i] = byte(i)
106 }
107 PolyDeriveUniform(&p, &seed, 30000)
108 if p != p2 {
109 t.Fatalf("%v != %v", p, p2)
110 }
111 }
112
113 func TestDeriveUniform(t *testing.T) {
114 var p common.Poly
115 var seed [32]byte
116 for i := 0; i < 100; i++ {
117 binary.LittleEndian.PutUint64(seed[:], uint64(i))
118 PolyDeriveUniform(&p, &seed, uint16(i))
119 if !PolyNormalized(&p) {
120 t.Fatal()
121 }
122 }
123 }
124
125 func TestDeriveUniformLeqEta(t *testing.T) {
126 var p common.Poly
127 var seed [64]byte
128 for i := 0; i < 100; i++ {
129 binary.LittleEndian.PutUint64(seed[:], uint64(i))
130 PolyDeriveUniformLeqEta(&p, &seed, uint16(i))
131 for j := 0; j < common.N; j++ {
132 if p[j] < common.Q-Eta || p[j] > common.Q+Eta {
133 t.Fatal()
134 }
135 }
136 }
137 }
138
139 func TestDeriveUniformLeGamma1(t *testing.T) {
140 var p common.Poly
141 var seed [64]byte
142 for i := 0; i < 100; i++ {
143 binary.LittleEndian.PutUint64(seed[:], uint64(i))
144 PolyDeriveUniformLeGamma1(&p, &seed, uint16(i))
145 for j := 0; j < common.N; j++ {
146 if (p[j] > Gamma1 && p[j] <= common.Q-Gamma1) || p[j] >= common.Q {
147 t.Fatal()
148 }
149 }
150 }
151 }
152
153 func TestDeriveUniformBall(t *testing.T) {
154 var p common.Poly
155 var seed [32]byte
156 for i := 0; i < 100; i++ {
157 binary.LittleEndian.PutUint64(seed[:], uint64(i))
158 PolyDeriveUniformBall(&p, &seed)
159 nonzero := 0
160 for j := 0; j < common.N; j++ {
161 if p[j] != 0 {
162 if p[j] != 1 && p[j] != common.Q-1 {
163 t.Fatal()
164 }
165 nonzero++
166 }
167 }
168 if nonzero != Tau {
169 t.Fatal()
170 }
171 }
172 }
173
174 func TestDeriveUniformX4(t *testing.T) {
175 if !DeriveX4Available {
176 t.SkipNow()
177 }
178 var ps [4]common.Poly
179 var p common.Poly
180 var seed [32]byte
181 nonces := [4]uint16{12345, 54321, 13532, 37377}
182
183 for i := 0; i < len(seed); i++ {
184 seed[i] = byte(i)
185 }
186
187 PolyDeriveUniformX4([4]*common.Poly{&ps[0], &ps[1], &ps[2], &ps[3]}, &seed,
188 nonces)
189 for i := 0; i < 4; i++ {
190 PolyDeriveUniform(&p, &seed, nonces[i])
191 if ps[i] != p {
192 t.Fatal()
193 }
194 }
195 }
196
197 func TestDeriveUniformBallX4(t *testing.T) {
198 if !DeriveX4Available {
199 t.SkipNow()
200 }
201 var ps [4]common.Poly
202 var p common.Poly
203 var seed [32]byte
204 PolyDeriveUniformBallX4(
205 [4]*common.Poly{&ps[0], &ps[1], &ps[2], &ps[3]},
206 &seed,
207 )
208 for j := 0; j < 4; j++ {
209 PolyDeriveUniformBall(&p, &seed)
210 if ps[j] != p {
211 t.Fatalf("%d\n%v\n%v", j, ps[j], p)
212 }
213 }
214 }
215
216 func BenchmarkPolyDeriveUniformBall(b *testing.B) {
217 var seed [32]byte
218 var p common.Poly
219 var w1 VecK
220 for i := 0; i < b.N; i++ {
221 w1[0][0] = uint32(i)
222 PolyDeriveUniformBall(&p, &seed)
223 }
224 }
225
226 func BenchmarkPolyDeriveUniformBallX4(b *testing.B) {
227 var seed [32]byte
228 var p common.Poly
229 var w1 VecK
230 for i := 0; i < b.N; i++ {
231 w1[0][0] = uint32(i)
232 PolyDeriveUniformBallX4(
233 [4]*common.Poly{&p, &p, &p, &p},
234 &seed,
235 )
236 }
237 }
238
239 func BenchmarkPolyDeriveUniform(b *testing.B) {
240 var seed [32]byte
241 var p common.Poly
242 for i := 0; i < b.N; i++ {
243 PolyDeriveUniform(&p, &seed, uint16(i))
244 }
245 }
246
247 func BenchmarkPolyDeriveUniformX4(b *testing.B) {
248 if !DeriveX4Available {
249 b.SkipNow()
250 }
251 var seed [32]byte
252 var p [4]common.Poly
253 for i := 0; i < b.N; i++ {
254 nonce := uint16(4 * i)
255 PolyDeriveUniformX4([4]*common.Poly{&p[0], &p[1], &p[2], &p[3]},
256 &seed, [4]uint16{nonce, nonce + 1, nonce + 2, nonce + 3})
257 }
258 }
259
260 func BenchmarkPolyDeriveUniformLeGamma1(b *testing.B) {
261 var seed [64]byte
262 var p common.Poly
263 for i := 0; i < b.N; i++ {
264 PolyDeriveUniformLeGamma1(&p, &seed, uint16(i))
265 }
266 }
267
View as plain text