github/ml-kem
1
1
Fork 0
mirror of https://github.com/itzmeanjan/ml-kem.git synced 2026-01-08 23:27:54 -05:00
Code Issues Packages Projects Releases Wiki Activity

adopt new API for Zq

Browse Source 
Signed-off-by: Anjan Roy <hello@itzmeanjan.in>
This commit is contained in:
Anjan Roy
2023-11-10 22:34:38 +05:30
parent 85b0a3cee1
commit e91593e7e3
8 changed files with 109 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
include/compression.hpp
View File

@@ -13,19 +13,19 @@ namespace kyber_utils {
// See top of page 5 of Kyber specification
// https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf
template<size_t d>
static inline field::zq_t
static inline constexpr field::zq_t
compress(const field::zq_t x)
requires(kyber_params::check_d(d))
{
constexpr uint16_t t0 = 1u << d;
constexpr uint32_t t1 = static_cast<uint32_t>(field::Q >> 1);
constexpr uint32_t t1 = field::Q >> 1;
const uint32_t t2 = x.to_canonical() << d;
const uint32_t t2 = x.raw() << d;
const uint32_t t3 = t2 + t1;
const uint16_t t4 = static_cast<uint16_t>(t3 / field::Q);
const uint16_t t5 = t4 & (t0 - 1);
return field::zq_t::from_canonical(t5);
return field::zq_t(t5);
}
// Given an element x ∈ [0, 2^d) | d < round(log2(q)), this routine decompresses
@@ -37,24 +37,24 @@ compress(const field::zq_t x)
// See top of page 5 of Kyber specification
// https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf
template<size_t d>
static inline field::zq_t
static inline constexpr field::zq_t
decompress(const field::zq_t x)
requires(kyber_params::check_d(d))
{
constexpr uint32_t t0 = 1u << d;
constexpr uint32_t t1 = t0 >> 1;
const uint32_t t2 = static_cast<uint32_t>(field::Q * x.to_canonical());
const uint32_t t2 = field::Q * x.raw();
const uint32_t t3 = t2 + t1;
const uint16_t t4 = static_cast<uint16_t>(t3 >> d);
return field::zq_t::from_canonical(t4);
return field::zq_t(t4);
}
// Utility function to compress each of 256 coefficients of a degree-255
// polynomial s.t. input polynomial is mutated.
template<size_t d>
static inline void
static inline constexpr void
poly_compress(std::span<field::zq_t, ntt::N> poly)
requires(kyber_params::check_d(d))
{
@@ -66,7 +66,7 @@ poly_compress(std::span<field::zq_t, ntt::N> poly)
// Utility function to decompress each of 256 coefficients of a degree-255
// polynomial s.t. input polynomial is mutated.
template<size_t d>
static inline void
static inline constexpr void
poly_decompress(std::span<field::zq_t, ntt::N> poly)
requires(kyber_params::check_d(d))
{

5
include/field.hpp
View File

@@ -33,6 +33,7 @@ public:
this->v = barrett_reduce(static_cast<uint32_t>(a));
}
// Returns canonical value held under Zq type. Returned value must ∈ [0, Q).
inline constexpr uint32_t raw() const { return this->v; }
// Returns prime field element 1.
@@ -65,7 +66,9 @@ public:
// Modulo multiplication of two Zq elements.
inline constexpr zq_t operator*(const zq_t rhs) const
{
return zq_t(this->v * rhs.v);
auto res = zq_t();
res.v = barrett_reduce(this->v * rhs.v);
return res;
}
// Compound modulo multiplication of two Zq elements.

12
include/ntt.hpp
View File

@@ -13,12 +13,12 @@ constexpr size_t N = 1 << LOG2N;
// First primitive 256 -th root of unity modulo q | q = 3329
//
// Meaning, 17 ** 256 == 1 mod q
constexpr auto ζ = field::zq_t::from_canonical(17);
constexpr auto ζ = field::zq_t(17);
// Multiplicative inverse of N/ 2 over Z_q | q = 3329 and N = 256
//
// Meaning (N/ 2) * 3303 = 1 mod q
constexpr auto INV_N = field::zq_t::from_canonical(N / 2).inv();
constexpr auto INV_N = field::zq_t(N / 2).inv();
// Given a 64 -bit unsigned integer, this routine extracts specified many
// contiguous bits from ( least significant bits ) LSB side & reverses their bit
@@ -102,7 +102,7 @@ constexpr std::array<field::zq_t, N / 2> POLY_MUL_ζ_EXP = compute_mul_ζ();
//
// Implementation inspired from
// https://github.com/itzmeanjan/falcon/blob/45b0593/include/ntt.hpp#L69-L144
inline void
static inline constexpr void
ntt(std::span<field::zq_t, N> poly)
{
for (size_t l = LOG2N - 1; l >= 1; l--) {
@@ -139,7 +139,7 @@ ntt(std::span<field::zq_t, N> poly)
//
// Implementation inspired from
// https://github.com/itzmeanjan/falcon/blob/45b0593/include/ntt.hpp#L146-L224
inline void
static inline constexpr void
intt(std::span<field::zq_t, N> poly)
{
for (size_t l = 1; l < LOG2N; l++) {
@@ -184,7 +184,7 @@ intt(std::span<field::zq_t, N> poly)
//
// See page 6 of Kyber specification
// https://pq-crystals.org/kyber/data/kyber-specification-round3-20210804.pdf
static inline void
static inline constexpr void
basemul(std::span<const field::zq_t, 2> f, // degree-1 polynomial
std::span<const field::zq_t, 2> g, // degree-1 polynomial
std::span<field::zq_t, 2> h, // degree-1 polynomial
@@ -218,7 +218,7 @@ basemul(std::span<const field::zq_t, 2> f, // degree-1 polynomial
// g = (g0ˆ + g1ˆX, g2ˆ + g3ˆX, ..., g254ˆ + g255ˆX)
//
// h = f ◦ g
inline void
static inline constexpr void
polymul(std::span<const field::zq_t, N> f, // degree-255 polynomial
std::span<const field::zq_t, N> g, // degree-255 polynomial
std::span<field::zq_t, N> h // degree-255 polynomial

14
include/poly_vec.hpp
View File

@@ -14,7 +14,7 @@ namespace kyber_utils {
// matrix element is a degree-255 polynomial over Z_q | q = 3329, this routine
// attempts to multiply and compute resulting matrix
template<size_t a_rows, size_t a_cols, size_t b_rows, size_t b_cols>
static inline void
static inline constexpr void
matrix_multiply(std::span<const field::zq_t, a_rows * a_cols * ntt::N> a,
std::span<const field::zq_t, b_rows * b_cols * ntt::N> b,
std::span<field::zq_t, a_rows * b_cols * ntt::N> c)
@@ -49,7 +49,7 @@ matrix_multiply(std::span<const field::zq_t, a_rows * a_cols * ntt::N> a,
// polynomial coefficients are in non-NTT form ), this routine applies in-place
// polynomial NTT over k polynomials
template<size_t k>
static inline void
static inline constexpr void
poly_vec_ntt(std::span<field::zq_t, k * ntt::N> vec)
requires((k == 1) || kyber_params::check_k(k))
{
@@ -66,7 +66,7 @@ poly_vec_ntt(std::span<field::zq_t, k * ntt::N> vec)
// order ), this routine applies in-place polynomial iNTT over those k
// polynomials
template<size_t k>
static inline void
static inline constexpr void
poly_vec_intt(std::span<field::zq_t, k * ntt::N> vec)
requires((k == 1) || kyber_params::check_k(k))
{
@@ -81,7 +81,7 @@ poly_vec_intt(std::span<field::zq_t, k * ntt::N> vec)
// Given a vector ( of dimension k x 1 ) of degree-255 polynomials, this
// routine adds it to another polynomial vector of same dimension
template<size_t k>
static inline void
static inline constexpr void
poly_vec_add_to(std::span<const field::zq_t, k * ntt::N> src,
std::span<field::zq_t, k * ntt::N> dst)
requires((k == 1) || kyber_params::check_k(k))
@@ -96,7 +96,7 @@ poly_vec_add_to(std::span<const field::zq_t, k * ntt::N> src,
// Given a vector ( of dimension k x 1 ) of degree-255 polynomials, this
// routine subtracts it to another polynomial vector of same dimension
template<size_t k>
static inline void
static inline constexpr void
poly_vec_sub_from(std::span<const field::zq_t, k * ntt::N> src,
std::span<field::zq_t, k * ntt::N> dst)
requires((k == 1) || kyber_params::check_k(k))
@@ -153,7 +153,7 @@ poly_vec_decode(std::span<const uint8_t, k * 32 * l> src,
// Given a vector ( of dimension k x 1 ) of degree-255 polynomials, each of
// k * 256 coefficients are compressed, while mutating input.
template<size_t k, size_t d>
static inline void
static inline constexpr void
poly_vec_compress(std::span<field::zq_t, k * ntt::N> vec)
requires(kyber_params::check_k(k))
{
@@ -168,7 +168,7 @@ poly_vec_compress(std::span<field::zq_t, k * ntt::N> vec)
// Given a vector ( of dimension k x 1 ) of degree-255 polynomials, each of
// k * 256 coefficients are decompressed, while mutating input.
template<size_t k, size_t d>
static inline void
static inline constexpr void
poly_vec_decompress(std::span<field::zq_t, k * ntt::N> vec)
requires(kyber_params::check_k(k))
{

32
include/sampling.hpp
View File

@@ -37,12 +37,12 @@ parse(shake128::shake128_t& hasher, std::span<field::zq_t, ntt::N> poly)
(static_cast<uint16_t>(buf[off + 1] >> 4));
if (d1 < field::Q) {
poly[coeff_idx] = field::zq_t::from_canonical(d1);
poly[coeff_idx] = field::zq_t(d1);
coeff_idx++;
}
if ((d2 < field::Q) && (coeff_idx < n)) {
poly[coeff_idx] = field::zq_t::from_canonical(d2);
poly[coeff_idx] = field::zq_t(d2);
coeff_idx++;
}
}
@@ -76,7 +76,7 @@ generate_matrix(std::span<field::zq_t, k * k * ntt::N> mat,
xof_in[33] = static_cast<uint8_t>(i);
}
shake128::shake128_t hasher{};
shake128::shake128_t hasher;
hasher.absorb(xof_in);
hasher.finalize();
@@ -113,10 +113,10 @@ cbd(std::span<const uint8_t, 64 * eta> prf, std::span<field::zq_t, ntt::N> poly)
const uint8_t t1 = (word >> 1) & mask8;
const uint8_t t2 = t0 + t1;
poly[poff + 0] = field::zq_t::from_canonical((t2 >> 0) & mask2) -
field::zq_t::from_canonical((t2 >> 2) & mask2);
poly[poff + 1] = field::zq_t::from_canonical((t2 >> 4) & mask2) -
field::zq_t::from_canonical((t2 >> 6) & mask2);
poly[poff + 0] =
field::zq_t((t2 >> 0) & mask2) - field::zq_t((t2 >> 2) & mask2);
poly[poff + 1] =
field::zq_t((t2 >> 4) & mask2) - field::zq_t((t2 >> 6) & mask2);
}
} else {
static_assert(eta == 3, "η must be 3 !");
@@ -138,14 +138,14 @@ cbd(std::span<const uint8_t, 64 * eta> prf, std::span<field::zq_t, ntt::N> poly)
const uint32_t t2 = (word >> 2) & mask24;
const uint32_t t3 = t0 + t1 + t2;
poly[poff + 0] = field::zq_t::from_canonical((t3 >> 0) & mask3) -
field::zq_t::from_canonical((t3 >> 3) & mask3);
poly[poff + 1] = field::zq_t::from_canonical((t3 >> 6) & mask3) -
field::zq_t::from_canonical((t3 >> 9) & mask3);
poly[poff + 2] = field::zq_t::from_canonical((t3 >> 12) & mask3) -
field::zq_t::from_canonical((t3 >> 15) & mask3);
poly[poff + 3] = field::zq_t::from_canonical((t3 >> 18) & mask3) -
field::zq_t::from_canonical((t3 >> 21) & mask3);
poly[poff + 0] =
field::zq_t((t3 >> 0) & mask3) - field::zq_t((t3 >> 3) & mask3);
poly[poff + 1] =
field::zq_t((t3 >> 6) & mask3) - field::zq_t((t3 >> 9) & mask3);
poly[poff + 2] =
field::zq_t((t3 >> 12) & mask3) - field::zq_t((t3 >> 15) & mask3);
poly[poff + 3] =
field::zq_t((t3 >> 18) & mask3) - field::zq_t((t3 >> 21) & mask3);
}
}
}
@@ -169,7 +169,7 @@ generate_vector(std::span<field::zq_t, k * ntt::N> vec,
prf_in[32] = nonce + static_cast<uint8_t>(i);
shake256::shake256_t hasher{};
shake256::shake256_t hasher;
hasher.absorb(prf_in);
hasher.finalize();
hasher.squeeze(prf_out);

128
include/serialize.hpp
View File

@@ -27,14 +27,14 @@ encode(std::span<const field::zq_t, ntt::N> poly,
for (size_t i = 0; i < itr_cnt; i++) {
const size_t off = i << 3;
arr[i] = (static_cast<uint8_t>(poly[off + 7].to_canonical() & one) << 7) |
(static_cast<uint8_t>(poly[off + 6].to_canonical() & one) << 6) |
(static_cast<uint8_t>(poly[off + 5].to_canonical() & one) << 5) |
(static_cast<uint8_t>(poly[off + 4].to_canonical() & one) << 4) |
(static_cast<uint8_t>(poly[off + 3].to_canonical() & one) << 3) |
(static_cast<uint8_t>(poly[off + 2].to_canonical() & one) << 2) |
(static_cast<uint8_t>(poly[off + 1].to_canonical() & one) << 1) |
(static_cast<uint8_t>(poly[off + 0].to_canonical() & one) << 0);
arr[i] = (static_cast<uint8_t>(poly[off + 7].raw() & one) << 7) |
(static_cast<uint8_t>(poly[off + 6].raw() & one) << 6) |
(static_cast<uint8_t>(poly[off + 5].raw() & one) << 5) |
(static_cast<uint8_t>(poly[off + 4].raw() & one) << 4) |
(static_cast<uint8_t>(poly[off + 3].raw() & one) << 3) |
(static_cast<uint8_t>(poly[off + 2].raw() & one) << 2) |
(static_cast<uint8_t>(poly[off + 1].raw() & one) << 1) |
(static_cast<uint8_t>(poly[off + 0].raw() & one) << 0);
}
} else if constexpr (l == 4) {
constexpr size_t itr_cnt = ntt::N >> 1;
@@ -42,8 +42,8 @@ encode(std::span<const field::zq_t, ntt::N> poly,
for (size_t i = 0; i < itr_cnt; i++) {
const size_t off = i << 1;
arr[i] = (static_cast<uint8_t>(poly[off + 1].to_canonical() & msk) << 4) |
(static_cast<uint8_t>(poly[off + 0].to_canonical() & msk) << 0);
arr[i] = (static_cast<uint8_t>(poly[off + 1].raw() & msk) << 4) |
(static_cast<uint8_t>(poly[off + 0].raw() & msk) << 0);
}
} else if constexpr (l == 5) {
constexpr size_t itr_cnt = ntt::N >> 3;
@@ -57,14 +57,14 @@ encode(std::span<const field::zq_t, ntt::N> poly,
const size_t poff = i << 3;
const size_t boff = i * 5;
const auto t0 = poly[poff + 0].to_canonical();
const auto t1 = poly[poff + 1].to_canonical();
const auto t2 = poly[poff + 2].to_canonical();
const auto t3 = poly[poff + 3].to_canonical();
const auto t4 = poly[poff + 4].to_canonical();
const auto t5 = poly[poff + 5].to_canonical();
const auto t6 = poly[poff + 6].to_canonical();
const auto t7 = poly[poff + 7].to_canonical();
const auto t0 = poly[poff + 0].raw();
const auto t1 = poly[poff + 1].raw();
const auto t2 = poly[poff + 2].raw();
const auto t3 = poly[poff + 3].raw();
const auto t4 = poly[poff + 4].raw();
const auto t5 = poly[poff + 5].raw();
const auto t6 = poly[poff + 6].raw();
const auto t7 = poly[poff + 7].raw();
arr[boff + 0] = (static_cast<uint8_t>(t1 & mask3) << 5) |
(static_cast<uint8_t>(t0 & mask5) << 0);
@@ -89,10 +89,10 @@ encode(std::span<const field::zq_t, ntt::N> poly,
const size_t poff = i << 2;
const size_t boff = i * 5;
const auto t0 = poly[poff + 0].to_canonical();
const auto t1 = poly[poff + 1].to_canonical();
const auto t2 = poly[poff + 2].to_canonical();
const auto t3 = poly[poff + 3].to_canonical();
const auto t0 = poly[poff + 0].raw();
const auto t1 = poly[poff + 1].raw();
const auto t2 = poly[poff + 2].raw();
const auto t3 = poly[poff + 3].raw();
arr[boff + 0] = static_cast<uint8_t>(t0);
arr[boff + 1] = static_cast<uint8_t>((t1 & mask6) << 2) |
@@ -118,14 +118,14 @@ encode(std::span<const field::zq_t, ntt::N> poly,
const size_t poff = i << 3;
const size_t boff = i * 11;
const auto t0 = poly[poff + 0].to_canonical();
const auto t1 = poly[poff + 1].to_canonical();
const auto t2 = poly[poff + 2].to_canonical();
const auto t3 = poly[poff + 3].to_canonical();
const auto t4 = poly[poff + 4].to_canonical();
const auto t5 = poly[poff + 5].to_canonical();
const auto t6 = poly[poff + 6].to_canonical();
const auto t7 = poly[poff + 7].to_canonical();
const auto t0 = poly[poff + 0].raw();
const auto t1 = poly[poff + 1].raw();
const auto t2 = poly[poff + 2].raw();
const auto t3 = poly[poff + 3].raw();
const auto t4 = poly[poff + 4].raw();
const auto t5 = poly[poff + 5].raw();
const auto t6 = poly[poff + 6].raw();
const auto t7 = poly[poff + 7].raw();
arr[boff + 0] = static_cast<uint8_t>(t0 & mask8);
arr[boff + 1] = static_cast<uint8_t>((t1 & mask5) << 3) |
@@ -156,8 +156,8 @@ encode(std::span<const field::zq_t, ntt::N> poly,
const size_t poff = i << 1;
const size_t boff = i * 3;
const auto t0 = poly[poff + 0].to_canonical();
const auto t1 = poly[poff + 1].to_canonical();
const auto t0 = poly[poff + 0].raw();
const auto t1 = poly[poff + 1].raw();
arr[boff + 0] = static_cast<uint8_t>(t0);
arr[boff + 1] = static_cast<uint8_t>((t1 & mask4) << 4) |
@@ -187,14 +187,14 @@ decode(std::span<const uint8_t, 32 * l> arr,
const size_t off = i << 3;
const uint8_t byte = arr[i];
poly[off + 0] = field::zq_t::from_canonical((byte >> 0) & one);
poly[off + 1] = field::zq_t::from_canonical((byte >> 1) & one);
poly[off + 2] = field::zq_t::from_canonical((byte >> 2) & one);
poly[off + 3] = field::zq_t::from_canonical((byte >> 3) & one);
poly[off + 4] = field::zq_t::from_canonical((byte >> 4) & one);
poly[off + 5] = field::zq_t::from_canonical((byte >> 5) & one);
poly[off + 6] = field::zq_t::from_canonical((byte >> 6) & one);
poly[off + 7] = field::zq_t::from_canonical((byte >> 7) & one);
poly[off + 0] = field::zq_t((byte >> 0) & one);
poly[off + 1] = field::zq_t((byte >> 1) & one);
poly[off + 2] = field::zq_t((byte >> 2) & one);
poly[off + 3] = field::zq_t((byte >> 3) & one);
poly[off + 4] = field::zq_t((byte >> 4) & one);
poly[off + 5] = field::zq_t((byte >> 5) & one);
poly[off + 6] = field::zq_t((byte >> 6) & one);
poly[off + 7] = field::zq_t((byte >> 7) & one);
}
} else if constexpr (l == 4) {
constexpr size_t itr_cnt = ntt::N >> 1;
@@ -204,8 +204,8 @@ decode(std::span<const uint8_t, 32 * l> arr,
const size_t off = i << 1;
const uint8_t byte = arr[i];
poly[off + 0] = field::zq_t::from_canonical((byte >> 0) & mask);
poly[off + 1] = field::zq_t::from_canonical((byte >> 4) & mask);
poly[off + 0] = field::zq_t((byte >> 0) & mask);
poly[off + 1] = field::zq_t((byte >> 4) & mask);
}
} else if constexpr (l == 5) {
constexpr size_t itr_cnt = ntt::N >> 3;
@@ -232,14 +232,14 @@ decode(std::span<const uint8_t, 32 * l> arr,
static_cast<uint16_t>((arr[boff + 3] >> 6) & mask2);
const auto t7 = static_cast<uint16_t>((arr[boff + 4] >> 3) & mask5);
poly[poff + 0] = field::zq_t::from_canonical(t0);
poly[poff + 1] = field::zq_t::from_canonical(t1);
poly[poff + 2] = field::zq_t::from_canonical(t2);
poly[poff + 3] = field::zq_t::from_canonical(t3);
poly[poff + 4] = field::zq_t::from_canonical(t4);
poly[poff + 5] = field::zq_t::from_canonical(t5);
poly[poff + 6] = field::zq_t::from_canonical(t6);
poly[poff + 7] = field::zq_t::from_canonical(t7);
poly[poff + 0] = field::zq_t(t0);
poly[poff + 1] = field::zq_t(t1);
poly[poff + 2] = field::zq_t(t2);
poly[poff + 3] = field::zq_t(t3);
poly[poff + 4] = field::zq_t(t4);
poly[poff + 5] = field::zq_t(t5);
poly[poff + 6] = field::zq_t(t6);
poly[poff + 7] = field::zq_t(t7);
}
} else if constexpr (l == 10) {
constexpr size_t itr_cnt = ntt::N >> 2;
@@ -260,10 +260,10 @@ decode(std::span<const uint8_t, 32 * l> arr,
const auto t3 = (static_cast<uint16_t>(arr[boff + 4]) << 2) |
static_cast<uint16_t>(arr[boff + 3] >> 6);
poly[poff + 0] = field::zq_t::from_canonical(t0);
poly[poff + 1] = field::zq_t::from_canonical(t1);
poly[poff + 2] = field::zq_t::from_canonical(t2);
poly[poff + 3] = field::zq_t::from_canonical(t3);
poly[poff + 0] = field::zq_t(t0);
poly[poff + 1] = field::zq_t(t1);
poly[poff + 2] = field::zq_t(t2);
poly[poff + 3] = field::zq_t(t3);
}
} else if constexpr (l == 11) {
constexpr size_t itr_cnt = ntt::N >> 3;
@@ -298,14 +298,14 @@ decode(std::span<const uint8_t, 32 * l> arr,
const auto t7 = (static_cast<uint16_t>(arr[boff + 10]) << 3) |
static_cast<uint16_t>(arr[boff + 9] >> 5);
poly[poff + 0] = field::zq_t::from_canonical(t0);
poly[poff + 1] = field::zq_t::from_canonical(t1);
poly[poff + 2] = field::zq_t::from_canonical(t2);
poly[poff + 3] = field::zq_t::from_canonical(t3);
poly[poff + 4] = field::zq_t::from_canonical(t4);
poly[poff + 5] = field::zq_t::from_canonical(t5);
poly[poff + 6] = field::zq_t::from_canonical(t6);
poly[poff + 7] = field::zq_t::from_canonical(t7);
poly[poff + 0] = field::zq_t(t0);
poly[poff + 1] = field::zq_t(t1);
poly[poff + 2] = field::zq_t(t2);
poly[poff + 3] = field::zq_t(t3);
poly[poff + 4] = field::zq_t(t4);
poly[poff + 5] = field::zq_t(t5);
poly[poff + 6] = field::zq_t(t6);
poly[poff + 7] = field::zq_t(t7);
}
} else {
static_assert(l == 12, "l must be equal to 12 !");
@@ -322,8 +322,8 @@ decode(std::span<const uint8_t, 32 * l> arr,
const auto t1 = (static_cast<uint16_t>(arr[boff + 2]) << 4) |
static_cast<uint16_t>(arr[boff + 1] >> 4);
poly[poff + 0] = field::zq_t::from_canonical(t0);
poly[poff + 1] = field::zq_t::from_canonical(t1);
poly[poff + 0] = field::zq_t(t0);
poly[poff + 1] = field::zq_t(t1);
}
}
}

4
tests/test_compression.cpp
View File

@@ -44,8 +44,8 @@ test_zq_compression()
const auto b = kyber_utils::compress<d>(a);
const auto c = kyber_utils::decompress<d>(b);
const auto a_canon = a.to_canonical();
const auto c_canon = c.to_canonical();
const auto a_canon = a.raw();
const auto c_canon = c.raw();
const uint32_t br0[]{ static_cast<uint16_t>(field::Q - c_canon), c_canon };
const bool flg0 = c_canon <= (field::Q >> 1);

2
tests/test_serialize.cpp
View File

@@ -34,7 +34,7 @@ test_serialize_deserialize()
kyber_utils::decode<l>(serialized_t(bytes), poly_t(dst));
for (size_t i = 0; i < ntt::N; i++) {
EXPECT_EQ((src[i].to_canonical() & mask), (dst[i].to_canonical() & mask));
EXPECT_EQ((src[i].raw() & mask), (dst[i].raw() & mask));
}
}