v0.2.2 RC

eschorn1 · eschorn1 · commit a33cce517591 · 2024-08-02T17:39:05.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.2.2 (2024-08-02)
+
+- Bug fix to debug_assert in `power2round` and t_not_reduced in `keygen`; thank you @skilo-sh !! 
+
+
 ## 0.2.1 (2024-06-19)
 
 - Internal revision based on review 2 feedback
diff --git a/Cargo.toml b/Cargo.toml
@@ -2,7 +2,7 @@ workspace = { exclude = ["ct_cm4", "dudect", "fuzz", "wasm"] }
 
 [package]
 name = "fips204"
-version = "0.2.1"
+version = "0.2.2"
 authors = ["Eric Schorn <eschorn@integritychain.com>"]
 description = "FIPS 204 (draft): Module-Lattice-Based Digital Signature"
 categories = ["cryptography", "no-std"]
diff --git a/ct_cm4/Cargo.toml b/ct_cm4/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "fips204-ct_cm4"
-version = "0.2.1"
+version = "0.2.2"
 authors = ["Eric Schorn <eschorn@integritychain.com>"]
 description = "Cortex-M4 testbench for FIPS 204 (draft) ML-DSA"
 edition = "2021"
diff --git a/dudect/Cargo.toml b/dudect/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "fips204-dudect"
-version = "0.2.1"
+version = "0.2.2"
 authors = ["Eric Schorn <eschorn@integritychain.com>"]
 description = "Dudect testbench for FIPS 204 (draft) ML-DSA"
 edition = "2021"
diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "fips204-fuzz"
-version = "0.2.1"
+version = "0.2.2"
 authors = ["Eric Schorn <eschorn@integritychain.com>"]
 description = "Fuzz harness for FIPS 204 (draft) ML-DSA"
 edition = "2021"
diff --git a/rustfmt.toml b/rustfmt.toml
@@ -66,7 +66,7 @@ use_field_init_shorthand = false
 force_explicit_abi = true
 condense_wildcard_suffixes = false
 color = "Auto"
-required_version = "1.7.0"
+required_version = "1.7.1"
 unstable_features = false
 disable_all_formatting = false
 skip_children = false
diff --git a/src/high_low.rs b/src/high_low.rs
@@ -17,7 +17,7 @@ pub(crate) fn power2round<const K: usize>(r: &[R; K]) -> ([R; K], [R; K]) {
     // 2: r0 ← r+ mod±2^d
     // 3: return ((r+ − r0)/2^d, r0)
     debug_assert!(
-        r.iter().flat_map(|row| row.0).all(|element| element < (i32::MAX - (1 << D))),
+        r.iter().flat_map(|row| row.0).all(|element| 0 <= element && element < Q),
         "power2round input"
     );
     let r_1: [R; K] = core::array::from_fn(|k| {
diff --git a/src/lib.rs b/src/lib.rs
@@ -253,9 +253,7 @@ macro_rules! functionality {
         impl Verifier for PublicKey {
             type Signature = [u8; SIG_LEN];
 
-            fn verify(
-                &self, message: &[u8], sig: &Self::Signature,
-            ) -> bool {
+            fn verify(&self, message: &[u8], sig: &Self::Signature) -> bool {
                 let epk = ml_dsa::verify_start(&self.0);
                 if epk.is_err() { return false };
                 let res = ml_dsa::verify_finish::<K, L, LAMBDA_DIV4, PK_LEN, SIG_LEN, W1_LEN>(
@@ -270,9 +268,7 @@ macro_rules! functionality {
         impl Verifier for ExpandedPublicKey {
             type Signature = [u8; SIG_LEN];
 
-            fn verify(
-                &self, message: &[u8], sig: &Self::Signature,
-            ) -> bool {
+            fn verify(&self, message: &[u8], sig: &Self::Signature) -> bool {
                 let res = ml_dsa::verify_finish::<K, L, LAMBDA_DIV4, PK_LEN, SIG_LEN, W1_LEN>(
                     BETA, GAMMA1, GAMMA2, OMEGA, TAU, &self, &message, &sig,
                 );
diff --git a/src/ml_dsa.rs b/src/ml_dsa.rs
@@ -5,7 +5,8 @@ use crate::encodings::{
 };
 use crate::hashing::{expand_a, expand_mask, expand_s, h_xof, sample_in_ball};
 use crate::helpers::{
-    center_mod, infinity_norm, mat_vec_mul, mont_reduce, partial_reduce32, to_mont, vec_add,
+    center_mod, full_reduce32, infinity_norm, mat_vec_mul, mont_reduce, partial_reduce32, to_mont,
+    vec_add,
 };
 use crate::high_low::{high_bits, low_bits, make_hint, power2round, use_hint};
 use crate::ntt::{inv_ntt, ntt};
@@ -57,7 +58,8 @@ pub(crate) fn key_gen<
     let t: [R; K] = {
         let s_1_hat: [T; L] = ntt(&s_1);
         let as1_hat: [T; K] = mat_vec_mul(&cap_a_hat, &s_1_hat);
-        vec_add(&inv_ntt(&as1_hat), &s_2)
+        let t_not_reduced: [R; K] = vec_add(&inv_ntt(&as1_hat), &s_2);
+        core::array::from_fn(|k| R(core::array::from_fn(|n| full_reduce32(t_not_reduced[k].0[n]))))
     };
 
     // 6: (t_1, t_0) ← Power2Round(t, d)    ▷ Compress t
diff --git a/src/traits.rs b/src/traits.rs
@@ -193,8 +193,7 @@ pub trait Verifier {
     /// # }
     /// # Ok(())}
     /// ```
-    fn verify(&self, message: &[u8], signature: &Self::Signature)
-        -> bool;
+    fn verify(&self, message: &[u8], signature: &Self::Signature) -> bool;
 }
 
 

Original file line number	Diff line number	Diff line change
`@@ -193,8 +193,7 @@ pub trait Verifier {`
`193`	`193`	`/// # }`
`194`	`194`	`/// # Ok(())}`
`195`	`195`	/// ```
`196`		`- fn verify(&self, message: &[u8], signature: &Self::Signature)`
`197`		`- -> bool;`
	`196`	`+ fn verify(&self, message: &[u8], signature: &Self::Signature) -> bool;`
`198`	`197`	`}`
`199`	`198`
`200`	`199`