diff --git a/src/math.rs b/src/math.rs
index b63bfe0..37ecc96 100644
--- a/src/math.rs
+++ b/src/math.rs
@@ -1,4 +1,4 @@
-use crate::params::{o_bytes, Level};
+use crate::params::{k, m, n, o, Level};
 use std::ops::{Add, Neg};
 
 #[derive(Debug, Clone, Copy)]
@@ -217,6 +217,14 @@ pub fn encode_vec(vec: Mat) -> [u8; (R + 1) / 2] {
     out
 }
 
+pub fn sample_solution(
+    mat: Mat<{ m(L) }, { k(L) * o(L) }>,
+    y: Mat<{ m(L) }, 1>,
+    r: Mat<{ k(L) * o(L) }, 1>,
+) -> Mat<{ n(L) }, 1> {
+    todo!()
+}
+
 // pub struct FullMat([[u8; C]; R]);
 //
 // pub const fn tpn(n: usize) -> usize {
diff --git a/src/mayo.rs b/src/mayo.rs
index a2f16fd..d839db5 100644
--- a/src/mayo.rs
+++ b/src/mayo.rs
@@ -1,17 +1,17 @@
 use crate::math::{
-    decode_matrices, decode_matrix, decode_vec, encode_matrices, encode_vec, upper, Mat,
+    decode_matrices, decode_matrix, decode_vec, encode_matrices, encode_vec, sample_solution,
+    upper, Mat,
 };
 use crate::params::Level;
 use crate::params::{
-    digest_bytes, k, l_bytes, m, n, o, o_bytes, p1_bytes, p2_bytes, p3_bytes, pk_seed_bytes, poly,
-    q, salt_bytes, v_bytes,
+    digest_bytes, k, l_bytes, m, n, o, o_bytes, p1_bytes, p2_bytes, p3_bytes, pk_seed_bytes,
+    polymat, salt_bytes, v_bytes,
 };
 use crate::sig::{KeyGen, Signer, Verifier};
 use crate::sym::{aes_128_ctr, shake_256};
 use rand::rngs::OsRng;
 use rand::RngCore;
 use rayon::prelude::*;
-use tiny_keccak::{Hasher, Shake};
 
 #[derive(Debug)]
 pub struct SigningKey([u8; salt_bytes(L)], VerifyKey)
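Review bot: The return type of the new `sample_solution` stub does not match its own system: `mat` is `m(L) × (k(L) * o(L))`, so a solution `x` of `mat · x = y` has `k(L) * o(L)` entries, yet the function returns `Mat<{ n(L) }, 1>`, and the caller in mayo.rs slices the result into `k(L)` chunks of `o(L)`. Unless `n(L)` equals `k(L) * o(L)` for every level (the parameter sets I am aware of do not satisfy this), the signature should be `) -> Mat<{ k(L) * o(L) }, 1> {`, and fixing it now is cheaper than after the body is written against the wrong shape. Separately, the MAYO signing procedure has to retry with fresh vinegar when the system has no solution (rank-deficient `A`), so an infallible return leaves the implementer only `panic!` or a garbage vector for that case; consider `Option<Mat<…>>` so the caller is forced to handle it. A doc comment stating the contract — solves `mat · x = y` for `x`, with `r` as the randomizer for the free variables, or `None` when `mat` is not full rank — would also help since none of the three parameters is documented.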
@@ -226,22 +226,26 @@ where
                     }
                 }
                 l += 1;
-                el = el.mul_right(E_mat(L));
+                el = el.mul_right(Mat(polymat()));
             }
         }
 
-        let x = sample_solution(A, t, r);
+        let x = sample_solution(A.tp(), t, r).tp();
 
-        let s = Mat([[0; k(L) * n(L)]; 1]);
+        let mut s = Mat([[0; k(L) * n(L)]; 1]);
         for i in 0..(k(L)) {
-            s.0[0][(i * n(L))..((i + 1) * n(L) - o(L))].copy_from_slice(
-                &(vv[i] + (om.mul_right(Mat([x.0[(i * o(L))..((i + 1) * o(L))]; 1]).tp()))).0[0],
-            );
+            let x_inner = &x.0[0][(i * o(L))..((i + 1) * o(L))];
+            let mut xi = [0; o(L)];
+            for i in 0..o(L) {
+                xi[i] = x_inner[i];
+            }
+            s.0[0][(i * n(L))..((i + 1) * n(L) - o(L))]
+                .copy_from_slice(&(vv[i] + (om.mul_right(Mat([xi; 1]).tp()))).0[0]);
             s.0[0][((i + 1) * n(L) - o(L))..((i + 1) * n(L))]
-                .copy_from_slice(&x.0[(i * o(L))..((i + 1) * o(L))]);
+                .copy_from_slice(&x.0[0][(i * o(L))..((i + 1) * o(L))]);
         }
 
-        let sig = encode_vec::<{ k(L) * n(L) }>(s.tp()).to_vec();
+        let mut sig = encode_vec::<{ k(L) * n(L) }>(s.tp()).to_vec();
 
         for i in salt {
             sig.push(i);
diff --git a/src/params.rs b/src/params.rs
index 3326b7c..81534e9 100644
--- a/src/params.rs
+++ b/src/params.rs
@@ -74,11 +74,26 @@ pub const fn poly(level: Level) -> usize {
     match level {
         Level::MAYO1 => 64,
         Level::MAYO2 => 64,
-        Level::MAYO3 => 64,
+        Level::MAYO3 => 96,
         Level::MAYO5 => 128,
     }
 }
 
+pub const fn polymat() -> [[u8; m(L)]; m(L)] {
+    match poly(L) {
+        64 => {
+            todo!()
+        }
+        96 => {
+            todo!()
+        }
+        128 => {
+            todo!()
+        }
+        _ => unimplemented!(),
+    }
+}
+
 pub const fn v_bytes(level: Level) -> usize {
     (n(level) - o(level) + 1) / 2
 }
diff --git a/src/sym.rs b/src/sym.rs
index 1317809..a3130d5 100644
--- a/src/sym.rs
+++ b/src/sym.rs
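Review bot: The new copy loop `for i in 0..o(L) { xi[i] = x_inner[i]; }` shadows the `i` of the enclosing `for i in 0..(k(L))`, and that outer `i` is read again two lines later in `s.0[0][(i * n(L))..((i + 1) * n(L) - o(L))]`; it is correct only because the shadow dies at the inner `}`, which is easy to break on the next edit. The whole loop is one line: `xi.copy_from_slice(x_inner);` — both sides are `o(L)` long, and a mismatch panics loudly instead of reading out of range. Note also that `x` here comes from `sample_solution`, which this commit leaves as `todo!()`, so the signing path panics until that lands; and since MAYO signing is specified to resample the vinegar and retry when the linear system has no solution, there is no such branch in this hunk to receive a failure from `sample_solution`, which should be settled before the stub is filled in. The enclosing signing function starts and ends outside the hunk.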
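Review bot: `polymat` dispatches on `poly(L)`, a `usize`, which is why it needs the `_ => unimplemented!()` catch-all; matching on the level itself — `match L { Level::MAYO1 | Level::MAYO2 => { … } Level::MAYO3 => { … } Level::MAYO5 => { … } }` — is exhaustive, drops the dead arm, and turns a forgotten level into a compile error rather than a runtime panic. What `poly` encodes is not documented anywhere in the hunk; after this change its values (64, 64, 96, 128) coincide with the `m` of each MAYO level, so if it is meant to track `m` a one-line doc comment stating that relation (or simply matching on `m(L)`) would stop the two tables drifting apart the way MAYO3 evidently had. The return is an `m × m` byte array passed by value (16 KiB at `m = 128`), and mayo.rs constructs it inside its inner loop via `Mat(polymat())`; once the arms hold real data, binding it once outside the loop is worth doing.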
@@ -2,8 +2,8 @@ use crypto::aes::{self, KeySize};
 use tiny_keccak::{Hasher, Shake};
 
 pub fn aes_128_ctr(seed: &[u8], l: usize) -> Vec {
-    let mut nonce = [0u8; 16];
-    let mut cipher = aes::ctr(KeySize::KeySize128, &seed, &nonce);
+    let nonce = [0u8; 16];
+    let mut cipher = aes::ctr(KeySize::KeySize128, seed, &nonce);
     let enc = vec![0u8; l];
     let mut out = vec![0u8; l];
     cipher.process(&enc, &mut out[..]);
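Review bot: `aes::ctr(KeySize::KeySize128, seed, &nonce)` is handed `seed: &[u8]` with no length check, and whether the backend rejects a key that is not exactly 16 bytes is not visible from here; a wrong-length seed silently mis-keying a PRG is the kind of bug that never shows up in tests, so add `assert_eq!(seed.len(), 16, "aes_128_ctr: key must be 16 bytes");` before the call (or return a `Result`). The all-zero nonce is acceptable only because each seed is expanded once — which is how a seed-expansion PRG is used — and that precondition deserves a comment on the function, e.g. `/// Expands a single-use 16-byte seed into `l` bytes of AES-128-CTR keystream (zero IV; never reuse a seed).` If `crypto` here is the `rust-crypto` crate, be aware it has been unmaintained for years; the RustCrypto `aes`/`ctr` crates are the maintained replacements. The function's return continues past the hunk, so I cannot see what happens to `out`.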