1 package internal
2
3 import (
4 "encoding/binary"
5 "testing"
6
7 "github.com/cloudflare/circl/sign/dilithium/internal/common"
8 )
9
10 func TestVectorDeriveUniform(t *testing.T) {
11 var p, p2 common.Poly
12 var seed [32]byte
13 if UseAES {
14 p2 = common.Poly{
15 6724291, 310295, 6949524, 4464039, 1482136, 2522903,
16 7025059, 3006320, 7286364, 7516512, 3361305, 1955529,
17 4765954, 1725325, 6933066, 4299100, 6625173, 4272792,
18 583034, 4971409, 2259140, 7715362, 3975394, 2341624,
19 5481174, 8150082, 365246, 5491939, 1083120, 7517301,
20 3104783, 2475292, 184149, 6425226, 4591622, 5964030,
21 4729604, 5471092, 1828227, 1082044, 2516245, 1692580,
22 3274844, 5443294, 7256740, 4989638, 3191250, 7479519,
23 5124211, 5603858, 1230692, 2513454, 2828034, 4254312,
24 1512596, 5245430, 5517392, 2814840, 932545, 6826733,
25 3511094, 4075348, 3233981, 7268882, 2913733, 4870249,
26 4123492, 8124406, 4016949, 5478752, 2750895, 603525,
27 5724798, 3985430, 3483012, 6434230, 3136996, 8297976,
28 4107616, 7307748, 6962904, 7544473, 1193110, 3448595,
29 4814773, 5607932, 8221314, 1054046, 1541208, 1866050,
30 8227412, 2925778, 5293953, 2065416, 4972769, 3616283,
31 7990594, 1105530, 7121836, 1170740, 7417431, 633146,
32 253820, 7235019, 3539504, 6807707, 451390, 5481526,
33 2859902, 1063061, 4579730, 7126652, 7033767, 4294814,
34 1414604, 7620048, 1953268, 8304556, 1156814, 1182881,
35 5311519, 3057534, 5277666, 682843, 2070398, 2874278,
36 4859533, 6376664, 6694074, 1590242, 2620706, 8331066,
37 5643845, 5037538, 2891516, 7004879, 3754327, 5031296,
38 5463118, 2420870, 8116529, 5517696, 7435129, 3873963,
39 710407, 713806, 175647, 4274571, 2655021, 7319503,
40 3027243, 7129679, 4213435, 2429323, 4643873, 4568526,
41 649664, 1720514, 6497260, 2683517, 7672754, 7105190,
42 3148405, 5898369, 5667677, 8050874, 1587139, 7315260,
43 4337416, 2202680, 2338714, 557467, 6752058, 2469794,
44 485071, 1617604, 3590498, 2151466, 2005823, 7727956,
45 7776292, 6783433, 6787146, 1732833, 3596857, 7436284,
46 4483349, 4970142, 4472608, 6478342, 1236215, 5695744,
47 2280717, 2889355, 3233946, 5187812, 978685, 5177364,
48 2922353, 4824807, 5302883, 6739803, 8092453, 5883903,
49 816553, 6041174, 8317591, 1459178, 5332455, 1835058,
50 1368601, 2820950, 3479224, 2589540, 7992934, 3421045,
51 4657128, 8292902, 4153567, 3553988, 7830320, 6722913,
52 2555309, 4149801, 8328975, 1560545, 7757473, 3106458,
53 4310856, 7135453, 3481032, 652626, 1841361, 8126828,
54 6250018, 300536, 7380070, 8174419, 1418793, 6208185,
55 3906256, 6679016, 1605701, 3561489, 5819724, 5746996,
56 8044214, 7087187, 7102330, 4962927, 4253983, 7108567,
57 4119736, 6584065, 441634, 6941656,
58 }
59 } else {
60 p2 = common.Poly{
61 2901364, 562527, 5258502, 3885002, 4190126, 4460268, 6884052,
62 3514511, 5383040, 213206, 2155865, 5179607, 3551954, 2312357,
63 6066350, 8126097, 1179080, 4787182, 6552182, 6713644,
64 1561067, 7626063, 7859743, 5052321, 7032876, 7815031, 157938,
65 1865184, 490802, 5717642, 3451902, 7000218, 3743250, 1677431,
66 1875427, 5596150, 671623, 3819041, 6247594, 1014875, 4933545,
67 7122446, 6682963, 3388398, 3335295, 943002, 1145083, 3113071,
68 105967, 1916675, 7474561, 1107006, 700548, 2147909, 1603855,
69 5049181, 437882, 6118899, 5656914, 6731065, 3066622, 865453,
70 5427634, 981549, 4650873, 861291, 4003872, 5104220, 6171453,
71 3723302, 7426315, 6137283, 4874820, 6052561, 53441, 5032874,
72 5614778, 2248550, 1756499, 8280764, 8263880, 7600081,
73 5118374, 795344, 7543392, 6869925, 1841187, 4181568, 584562,
74 7483939, 4938664, 6863397, 5126354, 5218129, 6236086,
75 4149293, 379169, 4368487, 7490569, 3409215, 1580463, 3081737,
76 1278732, 7109719, 7371700, 2097931, 399836, 1700274, 7188595,
77 6830029, 1548850, 6593138, 6849097, 1518037, 2859442,
78 7772265, 7325153, 3281191, 7856131, 4995056, 4684325,
79 1351194, 8223904, 6817307, 2484146, 131782, 397032, 7436778,
80 7973479, 3171829, 5624626, 3540123, 7150120, 8313283,
81 3604714, 1043574, 117692, 7797783, 7909392, 903315, 7335342,
82 7501562, 5826142, 2709813, 8245473, 2369045, 2782257,
83 5762833, 6474114, 6862031, 424522, 594248, 2626630, 7659983,
84 5642869, 4075194, 1592129, 245547, 5271031, 3205046, 982375,
85 267873, 1286496, 7230481, 3208972, 7485411, 676111, 4944500,
86 2959742, 5934456, 1414847, 6067948, 1709895, 4648315, 126008,
87 8258986, 2183134, 2302072, 4674924, 4306056, 7465311,
88 6500270, 4247428, 4016815, 4973426, 294287, 2456847, 3289700,
89 2732169, 1159447, 5569724, 140001, 3237977, 8007761, 5874533,
90 255652, 3119586, 2102434, 6248250, 8152822, 8006066, 7708625,
91 6997719, 6260212, 6186962, 6636650, 7836834, 7998017,
92 2061516, 1197591, 1706544, 733027, 2392907, 2700000, 8254598,
93 4488002, 160495, 2985325, 2036837, 2703633, 6406550, 3579947,
94 6195178, 5552390, 6804584, 6305468, 5731980, 6095195,
95 3323409, 1322661, 6690942, 3374630, 5615167, 479044, 3136054,
96 4380418, 2833144, 7829577, 1770522, 6056687, 240415, 14780,
97 3740517, 5224226, 3547288, 2083124, 4699398, 3654239,
98 5624978, 585593, 3655369, 2281739, 3338565, 1908093, 7784706,
99 4352830,
100 }
101 }
102 for i := 0; i < 32; i++ {
103 seed[i] = byte(i)
104 }
105 PolyDeriveUniform(&p, &seed, 30000)
106 if p != p2 {
107 t.Fatalf("%v != %v", p, p2)
108 }
109 }
110
111 func TestDeriveUniform(t *testing.T) {
112 var p common.Poly
113 var seed [32]byte
114 for i := 0; i < 100; i++ {
115 binary.LittleEndian.PutUint64(seed[:], uint64(i))
116 PolyDeriveUniform(&p, &seed, uint16(i))
117 if !PolyNormalized(&p) {
118 t.Fatal()
119 }
120 }
121 }
122
123 func TestDeriveUniformLeqEta(t *testing.T) {
124 var p common.Poly
125 var seed [64]byte
126 for i := 0; i < 100; i++ {
127 binary.LittleEndian.PutUint64(seed[:], uint64(i))
128 PolyDeriveUniformLeqEta(&p, &seed, uint16(i))
129 for j := 0; j < common.N; j++ {
130 if p[j] < common.Q-Eta || p[j] > common.Q+Eta {
131 t.Fatal()
132 }
133 }
134 }
135 }
136
137 func TestDeriveUniformLeGamma1(t *testing.T) {
138 var p common.Poly
139 var seed [64]byte
140 for i := 0; i < 100; i++ {
141 binary.LittleEndian.PutUint64(seed[:], uint64(i))
142 PolyDeriveUniformLeGamma1(&p, &seed, uint16(i))
143 for j := 0; j < common.N; j++ {
144 if (p[j] > Gamma1 && p[j] <= common.Q-Gamma1) || p[j] >= common.Q {
145 t.Fatal()
146 }
147 }
148 }
149 }
150
151 func TestDeriveUniformBall(t *testing.T) {
152 var p common.Poly
153 var seed [32]byte
154 for i := 0; i < 100; i++ {
155 binary.LittleEndian.PutUint64(seed[:], uint64(i))
156 PolyDeriveUniformBall(&p, &seed)
157 nonzero := 0
158 for j := 0; j < common.N; j++ {
159 if p[j] != 0 {
160 if p[j] != 1 && p[j] != common.Q-1 {
161 t.Fatal()
162 }
163 nonzero++
164 }
165 }
166 if nonzero != Tau {
167 t.Fatal()
168 }
169 }
170 }
171
172 func TestDeriveUniformX4(t *testing.T) {
173 if !DeriveX4Available {
174 t.SkipNow()
175 }
176 var ps [4]common.Poly
177 var p common.Poly
178 var seed [32]byte
179 nonces := [4]uint16{12345, 54321, 13532, 37377}
180
181 for i := 0; i < len(seed); i++ {
182 seed[i] = byte(i)
183 }
184
185 PolyDeriveUniformX4([4]*common.Poly{&ps[0], &ps[1], &ps[2], &ps[3]}, &seed,
186 nonces)
187 for i := 0; i < 4; i++ {
188 PolyDeriveUniform(&p, &seed, nonces[i])
189 if ps[i] != p {
190 t.Fatal()
191 }
192 }
193 }
194
195 func TestDeriveUniformBallX4(t *testing.T) {
196 if !DeriveX4Available {
197 t.SkipNow()
198 }
199 var ps [4]common.Poly
200 var p common.Poly
201 var seed [32]byte
202 PolyDeriveUniformBallX4(
203 [4]*common.Poly{&ps[0], &ps[1], &ps[2], &ps[3]},
204 &seed,
205 )
206 for j := 0; j < 4; j++ {
207 PolyDeriveUniformBall(&p, &seed)
208 if ps[j] != p {
209 t.Fatalf("%d\n%v\n%v", j, ps[j], p)
210 }
211 }
212 }
213
214 func BenchmarkPolyDeriveUniformBall(b *testing.B) {
215 var seed [32]byte
216 var p common.Poly
217 var w1 VecK
218 for i := 0; i < b.N; i++ {
219 w1[0][0] = uint32(i)
220 PolyDeriveUniformBall(&p, &seed)
221 }
222 }
223
224 func BenchmarkPolyDeriveUniformBallX4(b *testing.B) {
225 var seed [32]byte
226 var p common.Poly
227 var w1 VecK
228 for i := 0; i < b.N; i++ {
229 w1[0][0] = uint32(i)
230 PolyDeriveUniformBallX4(
231 [4]*common.Poly{&p, &p, &p, &p},
232 &seed,
233 )
234 }
235 }
236
237 func BenchmarkPolyDeriveUniform(b *testing.B) {
238 var seed [32]byte
239 var p common.Poly
240 for i := 0; i < b.N; i++ {
241 PolyDeriveUniform(&p, &seed, uint16(i))
242 }
243 }
244
245 func BenchmarkPolyDeriveUniformX4(b *testing.B) {
246 if !DeriveX4Available {
247 b.SkipNow()
248 }
249 var seed [32]byte
250 var p [4]common.Poly
251 for i := 0; i < b.N; i++ {
252 nonce := uint16(4 * i)
253 PolyDeriveUniformX4([4]*common.Poly{&p[0], &p[1], &p[2], &p[3]},
254 &seed, [4]uint16{nonce, nonce + 1, nonce + 2, nonce + 3})
255 }
256 }
257
258 func BenchmarkPolyDeriveUniformLeGamma1(b *testing.B) {
259 var seed [64]byte
260 var p common.Poly
261 for i := 0; i < b.N; i++ {
262 PolyDeriveUniformLeGamma1(&p, &seed, uint16(i))
263 }
264 }
265
View as plain text