wip; broken

cryspen · Nov 15, 2024 · 2168c96 · 2168c96
1 parent e7f2ef4
commit 2168c96
Show file tree

Hide file tree

Showing 13 changed files with 90 additions and 87 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -116,10 +116,9 @@ log = ["dep:log"]
 tests = []                           # Expose functions for testing.
 experimental = []                    # Expose experimental APIs.
 
-[profile.release]
-lto = "fat"
-codegen-units = 1
-panic = "abort"
+# [profile.release]
+# lto = "fat"
+# panic = "abort"
 
 [lints.rust]
 unexpected_cfgs = { level = "warn", check-cfg = [

diff --git a/libcrux-ml-dsa/src/arithmetic.rs b/libcrux-ml-dsa/src/arithmetic.rs
@@ -5,7 +5,7 @@ use crate::{
 
 #[inline(always)]
 pub(crate) fn vector_infinity_norm_exceeds<SIMDUnit: Operations, const DIMENSION: usize>(
-    vector: &[PolynomialRingElement<SIMDUnit>; DIMENSION],
+    vector: [PolynomialRingElement<SIMDUnit>; DIMENSION],
     bound: i32,
 ) -> bool {
     let mut exceeds = false;

diff --git a/libcrux-ml-dsa/src/encoding/commitment.rs b/libcrux-ml-dsa/src/encoding/commitment.rs
@@ -2,7 +2,7 @@ use crate::{polynomial::PolynomialRingElement, simd::traits::Operations};
 
 #[inline(always)]
 fn serialize<SIMDUnit: Operations, const OUTPUT_SIZE: usize>(
-    re: &PolynomialRingElement<SIMDUnit>,
+    re: PolynomialRingElement<SIMDUnit>,
 ) -> [u8; OUTPUT_SIZE] {
     let mut serialized = [0u8; OUTPUT_SIZE];
 
@@ -50,14 +50,14 @@ pub(crate) fn serialize_vector<
     const RING_ELEMENT_SIZE: usize,
     const OUTPUT_SIZE: usize,
 >(
-    vector: &[PolynomialRingElement<SIMDUnit>; DIMENSION],
+    vector: [PolynomialRingElement<SIMDUnit>; DIMENSION],
 ) -> [u8; OUTPUT_SIZE] {
     let mut serialized = [0u8; OUTPUT_SIZE];
     let mut offset: usize = 0;
 
     for ring_element in vector.iter() {
         serialized[offset..offset + RING_ELEMENT_SIZE]
-            .copy_from_slice(&serialize::<SIMDUnit, RING_ELEMENT_SIZE>(ring_element));
+            .copy_from_slice(&serialize::<SIMDUnit, RING_ELEMENT_SIZE>(*ring_element));
         offset += RING_ELEMENT_SIZE;
     }
 
@@ -105,7 +105,7 @@ mod tests {
             149,
         ];
 
-        assert_eq!(serialize::<SIMDUnit, 192>(&re), serialized);
+        assert_eq!(serialize::<SIMDUnit, 192>(re), serialized);
 
         // Test serialization when LOW_ORDER_ROUNDING_RANGE = 261,888
         let coefficients = [
@@ -132,7 +132,7 @@ mod tests {
             64, 117, 190, 98, 179, 38, 80, 88, 89, 9, 34, 243, 128, 219, 98, 11,
         ];
 
-        assert_eq!(serialize::<SIMDUnit, 128>(&re), serialized);
+        assert_eq!(serialize::<SIMDUnit, 128>(re), serialized);
     }
 
     #[cfg(not(feature = "simd256"))]

diff --git a/libcrux-ml-dsa/src/encoding/error.rs b/libcrux-ml-dsa/src/encoding/error.rs
@@ -4,7 +4,7 @@ use crate::{ntt::ntt, polynomial::PolynomialRingElement, simd::traits::Operation
 
 #[inline(always)]
 pub(crate) fn serialize<SIMDUnit: Operations, const ETA: usize, const OUTPUT_SIZE: usize>(
-    re: &PolynomialRingElement<SIMDUnit>,
+    re: PolynomialRingElement<SIMDUnit>,
 ) -> [u8; OUTPUT_SIZE] {
     let mut serialized = [0u8; OUTPUT_SIZE];
 

diff --git a/libcrux-ml-dsa/src/encoding/gamma1.rs b/libcrux-ml-dsa/src/encoding/gamma1.rs
@@ -6,7 +6,7 @@ pub(crate) fn serialize<
     const GAMMA1_EXPONENT: usize,
     const OUTPUT_BYTES: usize,
 >(
-    re: &PolynomialRingElement<SIMDUnit>,
+    re: PolynomialRingElement<SIMDUnit>,
 ) -> [u8; OUTPUT_BYTES] {
     let mut serialized = [0u8; OUTPUT_BYTES];
 
@@ -42,18 +42,21 @@ pub(crate) fn serialize<
 #[inline(always)]
 pub(crate) fn deserialize<SIMDUnit: Operations, const GAMMA1_EXPONENT: usize>(
     serialized: &[u8],
-    result: &mut PolynomialRingElement<SIMDUnit>,
-) {
+) -> PolynomialRingElement<SIMDUnit> {
     let mut serialized_chunks = match GAMMA1_EXPONENT as u8 {
         17 => serialized.chunks(18),
         19 => serialized.chunks(20),
         _ => unreachable!(),
     };
 
+    let mut result = PolynomialRingElement::<SIMDUnit>::ZERO();
+
     for i in 0..result.simd_units.len() {
         result.simd_units[i] =
             SIMDUnit::gamma1_deserialize::<GAMMA1_EXPONENT>(&serialized_chunks.next().unwrap());
     }
+
+    result
 }
 
 #[cfg(test)]
@@ -131,7 +134,7 @@ mod tests {
             117, 5, 185, 26, 141, 188, 106, 44, 164, 240, 119,
         ];
 
-        assert_eq!(serialize::<SIMDUnit, 19, 640>(&re), expected_bytes);
+        assert_eq!(serialize::<SIMDUnit, 19, 640>(re), expected_bytes);
     }
 
     fn test_deserialize_generic<SIMDUnit: Operations>() {
@@ -196,9 +199,10 @@ mod tests {
             -69944, -100373, 94602,
         ];
 
-        let mut result = PolynomialRingElement::<SIMDUnit>::ZERO();
-        deserialize::<SIMDUnit, 17>(&bytes, &mut result);
-        assert_eq!(result.to_i32_array(), expected_coefficients);
+        assert_eq!(
+            deserialize::<SIMDUnit, 17>(&bytes).to_i32_array(),
+            expected_coefficients
+        );
 
         let bytes: [u8; 640] = [
             253, 11, 216, 60, 251, 71, 79, 187, 242, 250, 209, 44, 72, 206, 98, 3, 22, 91, 184, 22,
@@ -266,9 +270,10 @@ mod tests {
             -138892, -414002, 42982,
         ];
 
-        let mut result = PolynomialRingElement::<SIMDUnit>::ZERO();
-        deserialize::<SIMDUnit, 19>(&bytes, &mut result);
-        assert_eq!(result.to_i32_array(), expected_coefficients);
+        assert_eq!(
+            deserialize::<SIMDUnit, 19>(&bytes).to_i32_array(),
+            expected_coefficients
+        );
     }
 
     #[cfg(not(feature = "simd256"))]

diff --git a/libcrux-ml-dsa/src/encoding/signature.rs b/libcrux-ml-dsa/src/encoding/signature.rs
@@ -29,7 +29,7 @@ impl<
         for i in 0..COLUMNS_IN_A {
             signature[offset..offset + GAMMA1_RING_ELEMENT_SIZE].copy_from_slice(
                 &encoding::gamma1::serialize::<SIMDUnit, GAMMA1_EXPONENT, GAMMA1_RING_ELEMENT_SIZE>(
-                    &self.signer_response[i],
+                    self.signer_response[i],
                 ),
             );
             offset += GAMMA1_RING_ELEMENT_SIZE;
@@ -72,10 +72,9 @@ impl<
         let mut signer_response = [PolynomialRingElement::<SIMDUnit>::ZERO(); COLUMNS_IN_A];
 
         for i in 0..COLUMNS_IN_A {
-            encoding::gamma1::deserialize::<SIMDUnit, GAMMA1_EXPONENT>(
+            signer_response[i] = encoding::gamma1::deserialize::<SIMDUnit, GAMMA1_EXPONENT>(
                 &signer_response_serialized
                     [i * GAMMA1_RING_ELEMENT_SIZE..(i + 1) * GAMMA1_RING_ELEMENT_SIZE],
-                &mut signer_response[i],
             );
         }
 

diff --git a/libcrux-ml-dsa/src/encoding/signing_key.rs b/libcrux-ml-dsa/src/encoding/signing_key.rs
@@ -48,21 +48,21 @@ pub(crate) fn generate_serialized<
 
     for ring_element in s1.iter() {
         signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
-            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(ring_element),
+            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
         );
         offset += ERROR_RING_ELEMENT_SIZE;
     }
 
     for ring_element in s2.iter() {
         signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
-            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(ring_element),
+            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
         );
         offset += ERROR_RING_ELEMENT_SIZE;
     }
 
     for ring_element in t0.iter() {
         signing_key_serialized[offset..offset + RING_ELEMENT_OF_T0S_SIZE]
-            .copy_from_slice(&encoding::t0::serialize::<SIMDUnit>(ring_element));
+            .copy_from_slice(&encoding::t0::serialize::<SIMDUnit>(*ring_element));
         offset += RING_ELEMENT_OF_T0S_SIZE;
     }
 

diff --git a/libcrux-ml-dsa/src/encoding/t0.rs b/libcrux-ml-dsa/src/encoding/t0.rs
@@ -9,7 +9,7 @@ use crate::{
 
 #[inline(always)]
 pub(crate) fn serialize<SIMDUnit: Operations>(
-    re: &PolynomialRingElement<SIMDUnit>,
+    re: PolynomialRingElement<SIMDUnit>,
 ) -> [u8; RING_ELEMENT_OF_T0S_SIZE] {
     let mut serialized = [0u8; RING_ELEMENT_OF_T0S_SIZE];
 
@@ -104,7 +104,7 @@ mod tests {
             114, 203, 81, 128, 188, 172, 90, 39, 25, 122, 156, 12, 71, 57, 204, 234, 227,
         ];
 
-        assert_eq!(serialize::<SIMDUnit>(&re), expected_bytes);
+        assert_eq!(serialize::<SIMDUnit>(re), expected_bytes);
     }
     fn test_deserialize_generic<SIMDUnit: Operations>() {
         let serialized = [

diff --git a/libcrux-ml-dsa/src/encoding/t1.rs b/libcrux-ml-dsa/src/encoding/t1.rs
@@ -7,7 +7,7 @@ use crate::{
 
 #[inline(always)]
 pub(crate) fn serialize<SIMDUnit: Operations>(
-    re: &PolynomialRingElement<SIMDUnit>,
+    re: PolynomialRingElement<SIMDUnit>,
 ) -> [u8; RING_ELEMENT_OF_T1S_SIZE] {
     let mut serialized = [0u8; RING_ELEMENT_OF_T1S_SIZE];
 
@@ -23,12 +23,16 @@ pub(crate) fn serialize<SIMDUnit: Operations>(
 
 pub(crate) fn deserialize<SIMDUnit: Operations>(
     serialized: &[u8],
-    result: &mut PolynomialRingElement<SIMDUnit>,
-) {
+) -> PolynomialRingElement<SIMDUnit> {
     let mut serialized_chunks = serialized.chunks(10);
+
+    let mut result = PolynomialRingElement::ZERO();
+
     for i in 0..result.simd_units.len() {
         result.simd_units[i] = SIMDUnit::t1_deserialize(&serialized_chunks.next().unwrap());
     }
+
+    result
 }
 
 #[cfg(test)]
@@ -78,7 +82,7 @@ mod tests {
             122,
         ];
 
-        assert_eq!(serialize::<SIMDUnit>(&re), expected_bytes);
+        assert_eq!(serialize::<SIMDUnit>(re), expected_bytes);
     }
 
     fn test_deserialize_generic<SIMDUnit: Operations>() {
@@ -120,9 +124,10 @@ mod tests {
             226, 479, 381, 932, 464, 451, 915, 206, 410, 402, 900,
         ];
 
-        let mut result = PolynomialRingElement::<SIMDUnit>::ZERO();
-        deserialize::<SIMDUnit>(&serialized, &mut result);
-        assert_eq!(result.to_i32_array(), expected_coefficients);
+        assert_eq!(
+            deserialize::<SIMDUnit>(&serialized).to_i32_array(),
+            expected_coefficients
+        );
     }
 
     #[cfg(not(feature = "simd256"))]

diff --git a/libcrux-ml-dsa/src/encoding/verification_key.rs b/libcrux-ml-dsa/src/encoding/verification_key.rs
@@ -21,7 +21,7 @@ pub(crate) fn generate_serialized<
     for (i, ring_element) in t1.iter().enumerate() {
         let offset = SEED_FOR_A_SIZE + (i * RING_ELEMENT_OF_T1S_SIZE);
         verification_key_serialized[offset..offset + RING_ELEMENT_OF_T1S_SIZE]
-            .copy_from_slice(&t1::serialize::<SIMDUnit>(ring_element));
+            .copy_from_slice(&t1::serialize::<SIMDUnit>(*ring_element));
     }
 
     verification_key_serialized
@@ -39,14 +39,12 @@ pub(crate) fn deserialize<
     [u8; SEED_FOR_A_SIZE],
     [PolynomialRingElement<SIMDUnit>; ROWS_IN_A],
 ) {
-    // This may be ok to do here because it's only used in one place where we'd need to "allocate".
     let mut t1 = [PolynomialRingElement::<SIMDUnit>::ZERO(); ROWS_IN_A];
     let (seed_for_A, serialized_remaining) = serialized.split_at(SEED_FOR_A_SIZE);
 
     for i in 0..ROWS_IN_A {
-        t1::deserialize::<SIMDUnit>(
+        t1[i] = t1::deserialize::<SIMDUnit>(
             &serialized_remaining[i * RING_ELEMENT_OF_T1S_SIZE..(i + 1) * RING_ELEMENT_OF_T1S_SIZE],
-            &mut t1[i],
         );
     }
 

diff --git a/libcrux-ml-dsa/src/matrix.rs b/libcrux-ml-dsa/src/matrix.rs
@@ -114,25 +114,28 @@ pub(crate) fn compute_w_approx<
     const COLUMNS_IN_A: usize,
 >(
     A_as_ntt: &[[PolynomialRingElement<SIMDUnit>; COLUMNS_IN_A]; ROWS_IN_A],
-    signer_response: &[PolynomialRingElement<SIMDUnit>; COLUMNS_IN_A],
-    verifier_challenge_as_ntt: &PolynomialRingElement<SIMDUnit>,
-    t1: &mut [PolynomialRingElement<SIMDUnit>; ROWS_IN_A],
-) {
+    signer_response: [PolynomialRingElement<SIMDUnit>; COLUMNS_IN_A],
+    verifier_challenge_as_ntt: PolynomialRingElement<SIMDUnit>,
+    t1: [PolynomialRingElement<SIMDUnit>; ROWS_IN_A],
+) -> [PolynomialRingElement<SIMDUnit>; ROWS_IN_A] {
+    let mut result = [PolynomialRingElement::<SIMDUnit>::ZERO(); ROWS_IN_A];
+
     for (i, row) in A_as_ntt.iter().enumerate() {
-        let mut tmp = PolynomialRingElement::<SIMDUnit>::ZERO();
         for (j, ring_element) in row.iter().enumerate() {
             let product = ntt_multiply_montgomery(&ring_element, &ntt(signer_response[j]));
 
-            tmp = PolynomialRingElement::<SIMDUnit>::add(&tmp, &product);
+            result[i] = PolynomialRingElement::<SIMDUnit>::add(&result[i], &product);
         }
 
         let t1_shifted =
             shift_left_then_reduce::<SIMDUnit, { BITS_IN_LOWER_PART_OF_T as i32 }>(t1[i]);
         let challenge_times_t1_shifted =
             ntt_multiply_montgomery(&verifier_challenge_as_ntt, &ntt(t1_shifted));
-        t1[i] = invert_ntt_montgomery(PolynomialRingElement::<SIMDUnit>::subtract(
-            &t1[i],
+        result[i] = invert_ntt_montgomery(PolynomialRingElement::<SIMDUnit>::subtract(
+            &result[i],
             &challenge_times_t1_shifted,
         ));
     }
+
+    result
 }