adds indcpa keygen

supinie · Apr 11, 2024 · 4d9538e · 4d9538e
1 parent 82bdfdc
commit 4d9538e
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 20 deletions.
diff --git a/src/indcpa.rs b/src/indcpa.rs
@@ -2,10 +2,11 @@ use crate::{
     errors::{CrystalsError, PackingError, KeyGenerationError},
     matrix::Matrix,
     params::{SecurityLevel, K, POLYBYTES, SYMBYTES},
-    polynomials::{Normalised, Montgomery},
+    polynomials::{Normalised, Montgomery, Poly},
     vectors::PolyVec,
 };
 use sha3::{Digest, Sha3_512};
+use tinyvec::ArrayVec;
 
 #[derive(Default, PartialEq, Debug, Eq)]
 pub struct PrivateKey {
@@ -69,25 +70,51 @@ fn unpack_to_public_key(buf: &[u8]) -> Result<PublicKey, PackingError> {
     Ok(PublicKey { rho, noise, a_t })
 }
 
-// fn generate_key_pair(seed: &[u8], sec_level: SecurityLevel) -> Result<(PrivateKey, PublicKey), KeyGenerationError> {
-//     let mut expanded_seed = [0u8; 2 * SYMBYTES];
-//     let mut hash = Sha3_512::new();
-//     hash.update(seed);
+fn generate_key_pair(seed: &[u8], sec_level: SecurityLevel) -> Result<(PrivateKey, PublicKey), KeyGenerationError> {
+    let mut expanded_seed = [0u8; 2 * SYMBYTES];
+    let mut hash = Sha3_512::new();
+    hash.update(seed);
 
-//     expanded_seed.copy_from_slice(&hash.finalize());
+    expanded_seed.copy_from_slice(&hash.finalize());
 
-//     let rho: [u8; SYMBYTES] = expanded_seed[..SYMBYTES].try_into()?;
-//     let a = Matrix::derive(&rho, false, sec_level.k())?;
+    let rho: [u8; SYMBYTES] = expanded_seed[..SYMBYTES].try_into()?;
+    let a = Matrix::derive(&rho, false, sec_level.k())?;
 
-//     let sigma = &expanded_seed[32..];   // seed for noise
+    let sigma = &expanded_seed[32..];   // seed for noise
 
-//     let secret = PolyVec::derive_noise(sec_level, sigma, 0)
-//         .ntt()
-//         .normalise();
-
-
-
-// }
+    let secret = PolyVec::derive_noise(sec_level, sigma, 0)
+        .ntt()
+        .normalise();
+
+    let k_value: usize = sec_level.k().into();
+    #[allow(clippy::cast_possible_truncation)]  // k_value can only be 2, 3, 4
+    let error = PolyVec::derive_noise(sec_level, sigma, k_value as u8)
+        .ntt();
+
+    let noise_arr: ArrayVec<[Poly<Montgomery>; 4]> = a
+        .vectors()
+        .iter()
+        .map(|row| row.inner_product_pointwise(&secret))
+        .map(|poly| poly.mont_form())
+        .collect::<ArrayVec<[Poly<Montgomery>; 4]>>();
+
+    let noise = PolyVec::from(noise_arr)?
+        .add(&error)?
+        .normalise();
+
+    let a_t = a.transpose()?;
+
+    Ok((
+        PrivateKey {
+            secret,
+        },
+        PublicKey {
+            rho,
+            noise,
+            a_t,
+        }
+    ))
+}
 
 // pub fn generate_key_pair<PV, M>(seed: &[u8]) -> (PrivateKey<PV>, PublicKey<PV, M>)
 // where

diff --git a/src/matrix.rs b/src/matrix.rs
@@ -21,7 +21,7 @@ impl<S: State + Copy> Matrix<S> {
         &self.polyvecs.as_slice()[..self.sec_level.into()]
     }
 
-    fn transpose(&self) -> Result<Self, CrystalsError> {
+    pub(crate) fn transpose(&self) -> Result<Self, CrystalsError> {
         let mut raw_matrix = [ArrayVec::<[Poly<S>; 4]>::new(); 4];
         self.vectors()
             .iter()

diff --git a/src/vectors.rs b/src/vectors.rs
@@ -8,7 +8,7 @@ use crate::{
 };
 use tinyvec::{array_vec, ArrayVec};
 
-#[derive(Default, PartialEq, Debug, Eq)]
+#[derive(Copy, Clone, Default, PartialEq, Debug, Eq)]
 pub struct PolyVec<S: State> {
     polynomials: ArrayVec<[Poly<S>; 4]>,
     sec_level: K,
@@ -40,7 +40,7 @@ impl<S: State> PolyVec<S> {
 
     // Add two polyvecs pointwise.
     // They must be the same security level.
-    fn add<T: State>(&self, addend: &PolyVec<T>) -> Result<PolyVec<Unreduced>, CrystalsError> {
+    pub(crate) fn add<T: State>(&self, addend: &PolyVec<T>) -> Result<PolyVec<Unreduced>, CrystalsError> {
         if self.sec_level == addend.sec_level {
             let mut polynomials = ArrayVec::<[Poly<Unreduced>; 4]>::new();
             for (augend_poly, addend_poly) in self.polynomials.iter().zip(addend.polynomials.iter())
@@ -236,8 +236,10 @@ impl PolyVec<Montgomery> {
             sec_level: sec_level.k(),
         }
     }
+}
 
-    pub(crate) fn inner_product_pointwise(&self, polyvec: &Self) -> Poly<Unreduced> {
+impl<S: State + Reduced + Copy> PolyVec<S> {
+    pub(crate) fn inner_product_pointwise<T: State + Reduced>(&self, polyvec: &PolyVec<T>) -> Poly<Unreduced> {
         let poly = self
             .polynomials()
             .iter()