From 92a0ed093153bfdad0a4b3a7836387a26c6acf40 Mon Sep 17 00:00:00 2001
From: armfazh
Date: Mon, 28 Jun 2021 10:17:09 -0700
Subject: [PATCH] Replacing math/rand by crypto/rand.

---
 pke/kyber/internal/common/field_test.go | 27 ++++++++++++++++--
 pke/kyber/internal/common/ntt_test.go | 13 +++++----
 pke/kyber/internal/common/poly_test.go | 13 ++++++---
 sign/dilithium/internal/common/field_test.go | 30 ++++++++++++++++----
 sign/dilithium/internal/common/ntt_test.go | 9 +++---
 sign/dilithium/internal/common/pack_test.go | 7 +++--
 sign/dilithium/internal/common/poly_test.go | 15 ++++------
 7 files changed, 79 insertions(+), 35 deletions(-)

diff --git a/pke/kyber/internal/common/field_test.go b/pke/kyber/internal/common/field_test.go
index db2e4ebd1..1fd0d9c9d 100644
--- a/pke/kyber/internal/common/field_test.go
+++ b/pke/kyber/internal/common/field_test.go
@@ -1,8 +1,9 @@
 package common
 
 import (
+ "crypto/rand"
+ "encoding/binary"
 "flag"
- mathRand "math/rand"
 "testing"
 )
 
@@ -35,9 +36,29 @@ func TestBarrettReduceFull(t *testing.T) {
 }
 }
 
+func randSliceUint32(N uint) []uint32 {
+ bytes := make([]uint8, 4*N)
+ n, err := rand.Read(bytes)
+ if err != nil {
+ panic(err)
+ } else if n < len(bytes) {
+ panic("short read from RNG")
+ }
+ x := make([]uint32, N)
+ for i := range x {
+ x[i] = binary.LittleEndian.Uint32(bytes[4*i:])
+ }
+ return x
+}
+
 func TestMontReduce(t *testing.T) {
- for i := 0; i < 1000; i++ {
- x := mathRand.Int31n(int32(Q)*(1<<16)) - int32(Q)*(1<<15)
+ N := 1000
+ r := randSliceUint32(uint(N))
+ max := uint32(Q) * (1 << 16)
+ mid := int32(Q) * (1 << 15)
+
+ for i := 0; i < N; i++ {
+ x := int32(r[i]%max) - mid
 y := montReduce(x)
 if modQ32(x) != modQ32(int32(y)*(1<<16)) {
 t.Fatalf("%d", x)
diff --git a/pke/kyber/internal/common/ntt_test.go b/pke/kyber/internal/common/ntt_test.go
index 10ad08dbf..a678c4282 100644
--- a/pke/kyber/internal/common/ntt_test.go
+++ b/pke/kyber/internal/common/ntt_test.go
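Review bot: `randSliceUint32(N uint)` names its parameter `N`, which shadows the package-level polynomial-degree constant `N` that the callers in ntt_test.go pass as `uint(N)`; rename it to `n` (and `bytes` to `buf`, which also frees the name from the `bytes` package) — the byte-identical helper added to sign/dilithium/internal/common/field_test.go has the same problem. The `else if n < len(bytes)` branch is unreachable: crypto/rand.Read is documented to return n == len(b) exactly when err == nil, so the preceding error check already covers a short read; either drop it or keep it behind a comment saying it is defensive. The helper also has no doc comment; suggest `// randSliceUint32 returns n uint32 values drawn from crypto/rand; it panics if the system RNG fails, aborting the test binary.` TestMontReduce continues past the end of the hunk.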
@@ -1,9 +1,6 @@
 package common
 
-import (
- mathRand "math/rand"
- "testing"
-)
+import "testing"
 
 func BenchmarkNTT(b *testing.B) {
 var a Poly
@@ -34,14 +31,18 @@ func BenchmarkInvNTTGeneric(b *testing.B) {
 }
 
 func (p *Poly) Rand() {
+ r := randSliceUint32(uint(N))
+ max := uint32(Q)
 for i := 0; i < N; i++ {
- p[i] = int16(mathRand.Intn(int(Q)))
+ p[i] = int16(r[i] % max)
 }
 }
 
 func (p *Poly) RandAbsLeQ() {
+ r := randSliceUint32(uint(N))
+ max := 2 * uint32(Q)
 for i := 0; i < N; i++ {
- p[i] = int16(mathRand.Intn(int(2*Q))) - Q
+ p[i] = int16(int32(r[i]%max) - int32(Q))
 }
 }
 
diff --git a/pke/kyber/internal/common/poly_test.go b/pke/kyber/internal/common/poly_test.go
index 3bc56f964..d19633cc9 100644
--- a/pke/kyber/internal/common/poly_test.go
+++ b/pke/kyber/internal/common/poly_test.go
@@ -1,15 +1,16 @@
 package common
 
 import (
- cryptoRand "crypto/rand"
+ "crypto/rand"
 "fmt"
- mathRand "math/rand"
 "testing"
 )
 
 func (p *Poly) RandAbsLe9Q() {
+ r := randSliceUint32(uint(N))
+ max := 9 * uint32(Q)
 for i := 0; i < N; i++ {
- p[i] = int16(mathRand.Intn(18*int(Q) - 9*int(Q)))
+ p[i] = int16(int32(r[i] % max))
 }
 }
 
@@ -26,7 +27,11 @@ func TestDecompressMessage(t *testing.T) {
 var m, m2 [PlaintextSize]byte
 var p Poly
 for i := 0; i < 1000; i++ {
- _, _ = cryptoRand.Read(m[:])
+ _, err := rand.Read(m[:])
+ if err != nil {
+ t.Error(err)
+ }
+
 p.DecompressMessage(m[:])
 p.CompressMessageTo(m2[:])
 if m != m2 {
diff --git a/sign/dilithium/internal/common/field_test.go b/sign/dilithium/internal/common/field_test.go
index 3be7f6abc..aa837e743 100644
--- a/sign/dilithium/internal/common/field_test.go
+++ b/sign/dilithium/internal/common/field_test.go
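Review bot: `r[i] % max` in Rand and RandAbsLeQ is slightly non-uniform because Q is not a power of two; that is harmless for NTT test vectors, but the line reads like a sampler, so say so in place: `// modulo bias is acceptable here: test inputs only, never secret material`. The same construction appears in RandAbsLe9Q (poly_test.go) and in the Dilithium RandLe2Q, so one comment at this first occurrence is enough. Separately, the local `max` will shadow the builtin of that name once the module targets Go 1.21 or later; `bound` reads just as well and avoids the shadow-lint warning (TestMontReduce in field_test.go uses the same local name).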
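Review bot: `p[i] = int16(int32(r[i] % max))` carries a redundant intermediate conversion: the previous code stored the same range straight into int16, and Rand in ntt_test.go writes `int16(r[i] % max)` directly, so `p[i] = int16(r[i] % max)` is both shorter and consistent with the sibling method. As before the change, the method yields only non-negative values despite the Abs-Le-9Q name; a one-line doc comment, `// RandAbsLe9Q fills p with values in [0, 9Q).`, would spare the next reader the surprise.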
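Review bot: After `t.Error(err)` the loop body still runs DecompressMessage on a possibly partially filled `m`, so an RNG failure would surface as a confusing compress/decompress mismatch rather than as the read error itself; use `t.Fatal(err)` here, which also matches the abort-on-error policy of randSliceUint32 in field_test.go. TestDecompressMessage begins before the hunk.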
@@ -1,16 +1,34 @@
 package common
 
 import (
+ "crypto/rand"
+ "encoding/binary"
 "flag"
- "math/rand"
 "testing"
 )
 
 var runVeryLongTest = flag.Bool("very-long", false, "runs very long tests")
 
+func randSliceUint32(N uint) []uint32 {
+ bytes := make([]uint8, 4*N)
+ n, err := rand.Read(bytes)
+ if err != nil {
+ panic(err)
+ } else if n < len(bytes) {
+ panic("short read from RNG")
+ }
+ x := make([]uint32, N)
+ for i := range x {
+ x[i] = binary.LittleEndian.Uint32(bytes[4*i:])
+ }
+ return x
+}
+
 func TestModQ(t *testing.T) {
- for i := 0; i < 1000; i++ {
- x := rand.Uint32()
+ const testTimes = 1000
+ r := randSliceUint32(testTimes)
+ for i := 0; i < testTimes; i++ {
+ x := r[i]
 y := modQ(x)
 if y > Q {
 t.Fatalf("modQ(%d) > Q", x)
@@ -22,8 +40,10 @@ func TestModQ(t *testing.T) {
 }
 
 func TestReduceLe2Q(t *testing.T) {
- for i := 0; i < 1000; i++ {
- x := rand.Uint32()
+ const testTimes = 1000
+ r := randSliceUint32(testTimes)
+ for i := 0; i < testTimes; i++ {
+ x := r[i]
 y := reduceLe2Q(x)
 if y > 2*Q {
 t.Fatalf("reduce_le2q(%d) > 2Q", x)
diff --git a/sign/dilithium/internal/common/ntt_test.go b/sign/dilithium/internal/common/ntt_test.go
index 3081dc092..e760ef99b 100644
--- a/sign/dilithium/internal/common/ntt_test.go
+++ b/sign/dilithium/internal/common/ntt_test.go
@@ -1,13 +1,12 @@
 package common
 
-import (
- "math/rand"
- "testing"
-)
+import "testing"
 
 func (p *Poly) RandLe2Q() {
+ r := randSliceUint32(N)
+ max := 2 * uint32(Q)
 for i := uint(0); i < N; i++ {
- p[i] = uint32(rand.Intn(int(2 * Q)))
+ p[i] = r[i] % max
 }
 }
 
diff --git a/sign/dilithium/internal/common/pack_test.go b/sign/dilithium/internal/common/pack_test.go
index 561d41ec2..715d9933d 100644
--- a/sign/dilithium/internal/common/pack_test.go
+++ b/sign/dilithium/internal/common/pack_test.go
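Review bot: `const testTimes = 1000` is declared locally in TestModQ and again, identically, in TestReduceLe2Q in the next hunk; since both loops are meant to draw the same number of samples, one package-level `const testTimes = 1000` beside `runVeryLongTest` keeps them in step and makes `randSliceUint32(testTimes)` the only place the size is spelled. The randSliceUint32 helper added here is a verbatim copy of the one added to pke/kyber/internal/common/field_test.go; if the two schemes' test packages can share an internal test-helper package, keeping a single copy would stop them drifting apart. TestModQ continues past the end of the hunk.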
@@ -1,16 +1,19 @@
 package common
 
 import (
- "math/rand"
+ "crypto/rand"
 "testing"
 )
 
 func TestPackLe16AgainstGeneric(t *testing.T) {
 var p Poly
 var buf1, buf2 [PolyLe16Size]byte
+ pp := make([]uint8, 256)
+
 for j := 0; j < 1000; j++ {
+ _, _ = rand.Read(pp)
 for i := 0; i < 256; i++ {
- p[i] = uint32(rand.Intn(16))
+ p[i] = uint32(pp[i] & 0xF)
 }
 p.PackLe16(buf1[:])
 p.packLe16Generic(buf2[:])
diff --git a/sign/dilithium/internal/common/poly_test.go b/sign/dilithium/internal/common/poly_test.go
index 350de0c2a..4f5a96344 100644
--- a/sign/dilithium/internal/common/poly_test.go
+++ b/sign/dilithium/internal/common/poly_test.go
@@ -1,9 +1,6 @@
 package common
 
-import (
- "math/rand"
- "testing"
-)
+import "testing"
 
 func TestExceeds(t *testing.T) {
 for i := 0; i < N; i++ {
@@ -116,9 +113,8 @@ func TestMulHatAgainstGeneric(t *testing.T) {
 func TestReduceLe2QAgainstGeneric(t *testing.T) {
 for k := 0; k < 1000; k++ {
 var a Poly
- for j := 0; j < N; j++ {
- a[j] = rand.Uint32()
- }
+ r := randSliceUint32(N)
+ copy(a[:], r)
 p1 := a
 p2 := a
 p1.reduceLe2QGeneric()
@@ -132,9 +128,8 @@ func TestReduceLe2QAgainstGeneric(t *testing.T) {
 func TestNormalizeAgainstGeneric(t *testing.T) {
 for k := 0; k < 1000; k++ {
 var a Poly
- for j := 0; j < N; j++ {
- a[j] = rand.Uint32()
- }
+ r := randSliceUint32(N)
+ copy(a[:], r)
 p1 := a
 p2 := a
 p1.normalizeGeneric()
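Review bot: `_, _ = rand.Read(pp)` discards the crypto/rand error, whereas every other call site in this patch either panics (randSliceUint32) or reports it (TestDecompressMessage); on a failed read `pp` may hold stale or zero bytes and the test would still compare the two packers on that input and pass without having exercised fresh values. Replace it with `if _, err := rand.Read(pp); err != nil { t.Fatal(err) }`. The masking `pp[i] & 0xF` is a clean, bias-free replacement for `rand.Intn(16)`. TestPackLe16AgainstGeneric continues past the end of the hunk.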
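Review bot: `r := randSliceUint32(N)` followed by `copy(a[:], r)` allocates a byte buffer and a uint32 slice and then copies into `a` on every one of the 1000 iterations, here and in the TestNormalizeAgainstGeneric hunk that follows; a helper that fills a caller-supplied slice, e.g. `fillRandUint32(a[:])`, would keep both loops allocation-free. This is test-only code, so it is a style point rather than a defect; if the helper keeps its current shape, the two lines can at least collapse to `copy(a[:], randSliceUint32(N))`. Both enclosing functions continue past their hunks.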