feat: RngCore on RpoRandomCoin

0xPolygonMiden · Mar 21, 2024 · b60807b · b60807b
1 parent d7b5170
commit b60807b
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 12 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -52,6 +52,7 @@ getrandom = { version = "0.2", features = ["js"] }
 num = { version = "0.4", default-features = false, features = ["alloc", "libm"] }
 num-complex = { version = "0.4.4", default-features = false }
 rand = { version = "0.8", default-features = false }
+rand_core = { version = "0.6", default-features = false }
 rand-utils = { version = "0.8", package = "winter-rand-utils", optional = true }
 serde = { version = "1.0", default-features = false, optional = true, features = ["derive"] }
 sha3 = { version = "0.10", default-features = false }

diff --git a/src/dsa/rpo_falcon512/keys/mod.rs b/src/dsa/rpo_falcon512/keys/mod.rs
@@ -13,16 +13,19 @@ pub use secret_key::SecretKey;
 // TESTS
 // ================================================================================================
 
-#[cfg(all(test, feature = "std"))]
+#[cfg(test)]
 mod tests {
-    use super::{Felt, SecretKey, Word};
-    use rand::rngs::OsRng;
+    use crate::{dsa::rpo_falcon512::SecretKey, rand::RpoRandomCoin, Word, ONE, ZERO};
+    use winter_math::FieldElement;
     use winter_utils::{Deserializable, Serializable};
 
     #[test]
     fn test_falcon_verification() {
+        let seed = [ZERO; 4];
+        let mut rng = RpoRandomCoin::new(seed);
+
         // generate random keys
-        let sk = SecretKey::new();
+        let sk = SecretKey::with_rng(&mut rng);
         let pk = sk.public_key();
 
         // test secret key serialization/deserialization
@@ -31,17 +34,14 @@ mod tests {
         let sk = SecretKey::read_from_bytes(&buffer).unwrap();
 
         // sign a random message
-        let message: Word =
-            rand_utils::rand_vector::<Felt>(4).try_into().expect("Should not fail.");
-        let mut rng = OsRng;
+        let message: Word = [ONE; 4];
         let signature = sk.sign(message, &mut rng);
 
         // make sure the signature verifies correctly
         assert!(pk.verify(message, &signature));
 
         // a signature should not verify against a wrong message
-        let message2: Word =
-            rand_utils::rand_vector::<Felt>(4).try_into().expect("Should not fail.");
+        let message2: Word = [ONE.double(); 4];
         assert!(!pk.verify(message2, &signature));
 
         // a signature should not verify against a wrong public key

diff --git a/src/dsa/rpo_falcon512/signature.rs b/src/dsa/rpo_falcon512/signature.rs
@@ -134,15 +134,15 @@ pub struct SignatureHeader(u8);
 impl Default for SignatureHeader {
     /// According to section 3.11.3 in the specification [1],  the signature header has the format
     /// `0 c c 1 n n n n` where:
-    /// 
+    ///
     /// 1. `c c` signifies the encoding method. `0 1` denotes using the compression encoding method
     /// and `1 0` denotes encoding using the uncompressed method.
     /// 2. `n n n n` encodes `LOG_N`.
-    /// 
+    ///
     /// For RPO Falcon 512 we use compression encoding and N = 512. Moreover, to differentiate the
     /// RPO Falcon variant from the reference variant using SHAKE256, we flip the first bit in the
     /// header. Thus, for RPO Falcon 512 the header is `1 0 1 1 1 0 0 1`
-    /// 
+    ///
     /// [1]: https://falcon-sign.info/falcon.pdf
     fn default() -> Self {
         Self(0b1011_1001)

diff --git a/src/rand/rpo.rs b/src/rand/rpo.rs
@@ -4,6 +4,8 @@ use crate::{
     utils::{ByteReader, ByteWriter, Deserializable, DeserializationError, Serializable},
 };
 use alloc::{string::ToString, vec::Vec};
+use rand::RngCore;
+use rand_core::impls;
 
 // CONSTANTS
 // ================================================================================================
@@ -183,6 +185,28 @@ impl FeltRng for RpoRandomCoin {
     }
 }
 
+// RNGCORE IMPLEMENTATION
+// ------------------------------------------------------------------------------------------------
+
+impl RngCore for RpoRandomCoin {
+    fn next_u32(&mut self) -> u32 {
+        self.draw_basefield().as_int() as u32
+    }
+
+    fn next_u64(&mut self) -> u64 {
+        impls::next_u64_via_u32(self)
+    }
+
+    fn fill_bytes(&mut self, dest: &mut [u8]) {
+        impls::fill_bytes_via_next(self, dest)
+    }
+
+    fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), rand::Error> {
+        self.fill_bytes(dest);
+        Ok(())
+    }
+}
+
 // SERIALIZATION
 // ------------------------------------------------------------------------------------------------