v0.4.5 RC1

Author: eschorn1

CHANGELOG.md

@@ -5,10 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## 0.4.5 (2024-11-07)
+## 0.4.5 (2024-11-08)
 
 - Bug fix in Hash-ML-DSA - thank you @codespree
-- Two new fuzzers with tons of coverage: fuzz_sign and fuzz_verify
+- Two new fuzzers with tons of new coverage: fuzz_sign and fuzz_verify
 
 ## 0.4.4 (2024-10-29)
 

README.md

@@ -8,7 +8,7 @@
 
 [FIPS 204] Module-Lattice-Based Digital Signature Standard written in pure/safe Rust for server, 
 desktop, browser and embedded applications. The source repository includes examples demonstrating benchmarking,
-an embedded target, constant-time statistical measurements, fuzzing, and WASM execution.
+an embedded target, constant-time statistical measurements, fuzzing, WASM execution, and robust test coverage.
 
 This crate implements the FIPS 204 **released** standard in pure Rust with minimal and mainstream dependencies, and
 without any unsafe code. All three security parameter sets are fully functional and tested. The implementation's 
@@ -58,7 +58,7 @@ The Rust [Documentation][docs-link] lives under each **Module** corresponding to
 ## Notes
 
 * This crate is fully functional and corresponds to the final released FIPS 204 (August 13, 2024).
-* **BEWARE:** As of October 29, 2024 NIST has not released external/hash test vectors!
+* **BEWARE:** As of November 8, 2024 NIST has not released top-level/external/hash test vectors!
 * Constant-time assurances target the source-code level only, with confirmation via
   manual review/inspection, the embedded target, and the `dudect` dynamic/statistical measurements.
 * Note that FIPS 204 places specific requirements on randomness per section 3.6.1, hence the exposed `RNG`.

src/helpers.rs

@@ -46,7 +46,6 @@ pub(crate) const fn partial_reduce64(a: i64) -> i32 {
 #[allow(dead_code, clippy::cast_possible_truncation)]  // I may come back to this and experiment more
 pub(crate) const fn partial_reduce64b(a: i64) -> i32 {
     const MM: i64 = ((1 << 64) / (Q as i128)) as i64;
-    debug_assert!(a < (i64::MAX / 64), "partial_reduce64b input"); // actually, works for all 64b inputs!!
     let q = (a as i128 * MM as i128) >> 64; // only top half is relevant
     let res = a - (q as i64 * Q as i64);
     debug_assert!(res.abs() < 2 * Q as i64, "partial_reduce64b output");
@@ -192,9 +191,26 @@ mod tests {
     #[test]
     fn check_zeta() {
         let val = gen_zeta_table_mont();
-        assert_eq!(val[0], 4193792);
-        assert_eq!(val[1], 25847);
-        assert_eq!(val[2], 5771523);
+        assert_eq!(val[0], 4_193_792);
+        assert_eq!(val[1], 25_847);
+        assert_eq!(val[2], 5_771_523);
+    }
 
+    #[test]
+    fn test_partial_reduce64b() {
+        // Test with various input values
+        assert_eq!(partial_reduce64b(0), 0);
+        assert_eq!(partial_reduce64b(Q as i64), partial_reduce64(Q as i64));
+        assert_eq!(partial_reduce64b(-Q as i64), partial_reduce64b(-Q as i64));
+
+        // Test with large positive and negative values
+        let large_pos = i64::MAX / 64;
+        let large_neg = -i64::MAX / 64;
+        assert!(partial_reduce64b(large_pos).abs() < 2 * Q);
+        assert!(partial_reduce64b(large_neg).abs() < 2 * Q);
+
+        // Test with some specific values
+        assert_eq!(partial_reduce64b(12345678), partial_reduce64(12345678));
+        assert_eq!(partial_reduce64b(-12345678), partial_reduce64(-12345678));
     }
 }