Replacing math/rand by crypto/rand.

cloudflare · Jun 29, 2021 · cd24567 · cd24567
1 parent 9bbb98f
commit cd24567
Show file tree

Hide file tree

Showing 7 changed files with 50 additions and 23 deletions.
diff --git a/pke/kyber/internal/common/field_test.go b/pke/kyber/internal/common/field_test.go
@@ -1,8 +1,9 @@
 package common
 
 import (
+	"crypto/rand"
+	"encoding/binary"
 	"flag"
-	mathRand "math/rand"
 	"testing"
 )
 
@@ -36,8 +37,14 @@ func TestBarrettReduceFull(t *testing.T) {
 }
 
 func TestMontReduce(t *testing.T) {
-	for i := 0; i < 1000; i++ {
-		x := mathRand.Int31n(int32(Q)*(1<<16)) - int32(Q)*(1<<15)
+	N := 1000
+	pp := make([]uint8, 4*N)
+	_, _ = rand.Read(pp)
+	max := int32(Q) * (1 << 16)
+	mid := int32(Q) * (1 << 15)
+	for i := 0; i < N; i++ {
+		r := int32(binary.LittleEndian.Uint32(pp[4*i:]))
+		x := (r % max) - mid
 		y := montReduce(x)
 		if modQ32(x) != modQ32(int32(y)*(1<<16)) {
 			t.Fatalf("%d", x)

diff --git a/pke/kyber/internal/common/ntt_test.go b/pke/kyber/internal/common/ntt_test.go
@@ -1,7 +1,8 @@
 package common
 
 import (
-	mathRand "math/rand"
+	"crypto/rand"
+	"encoding/binary"
 	"testing"
 )
 
@@ -34,14 +35,20 @@ func BenchmarkInvNTTGeneric(b *testing.B) {
 }
 
 func (p *Poly) Rand() {
+	pp := make([]uint8, 4*N)
+	_, _ = rand.Read(pp)
+	max := uint32(Q)
 	for i := 0; i < N; i++ {
-		p[i] = int16(mathRand.Intn(int(Q)))
+		p[i] = int16(binary.LittleEndian.Uint32(pp[4*i:]) % max)
 	}
 }
 
 func (p *Poly) RandAbsLeQ() {
+	pp := make([]uint8, 4*N)
+	_, _ = rand.Read(pp)
+	max := 2 * uint32(Q)
 	for i := 0; i < N; i++ {
-		p[i] = int16(mathRand.Intn(int(2*Q))) - Q
+		p[i] = int16(int32(binary.LittleEndian.Uint32(pp[4*i:])%max) - int32(Q))
 	}
 }
 

diff --git a/pke/kyber/internal/common/poly_test.go b/pke/kyber/internal/common/poly_test.go
@@ -1,15 +1,18 @@
 package common
 
 import (
-	cryptoRand "crypto/rand"
+	"crypto/rand"
+	"encoding/binary"
 	"fmt"
-	mathRand "math/rand"
 	"testing"
 )
 
 func (p *Poly) RandAbsLe9Q() {
+	pp := make([]uint8, 4*N)
+	_, _ = rand.Read(pp)
+	max := 9 * int32(Q)
 	for i := 0; i < N; i++ {
-		p[i] = int16(mathRand.Intn(18*int(Q) - 9*int(Q)))
+		p[i] = int16(int32(binary.LittleEndian.Uint32(pp[4*i:])) % max)
 	}
 }
 
@@ -26,7 +29,7 @@ func TestDecompressMessage(t *testing.T) {
 	var m, m2 [PlaintextSize]byte
 	var p Poly
 	for i := 0; i < 1000; i++ {
-		_, _ = cryptoRand.Read(m[:])
+		_, _ = rand.Read(m[:])
 		p.DecompressMessage(m[:])
 		p.CompressMessageTo(m2[:])
 		if m != m2 {

diff --git a/sign/dilithium/internal/common/field_test.go b/sign/dilithium/internal/common/field_test.go
@@ -1,16 +1,23 @@
 package common
 
 import (
+	"crypto/rand"
+	"encoding/binary"
 	"flag"
-	"math/rand"
 	"testing"
 )
 
 var runVeryLongTest = flag.Bool("very-long", false, "runs very long tests")
 
+func randUint32() uint32 {
+	x := (&[4]byte{})[:]
+	_, _ = rand.Read(x)
+	return binary.LittleEndian.Uint32(x)
+}
+
 func TestModQ(t *testing.T) {
 	for i := 0; i < 1000; i++ {
-		x := rand.Uint32()
+		x := randUint32()
 		y := modQ(x)
 		if y > Q {
 			t.Fatalf("modQ(%d) > Q", x)
@@ -23,7 +30,7 @@ func TestModQ(t *testing.T) {
 
 func TestReduceLe2Q(t *testing.T) {
 	for i := 0; i < 1000; i++ {
-		x := rand.Uint32()
+		x := randUint32()
 		y := reduceLe2Q(x)
 		if y > 2*Q {
 			t.Fatalf("reduce_le2q(%d) > 2Q", x)

diff --git a/sign/dilithium/internal/common/ntt_test.go b/sign/dilithium/internal/common/ntt_test.go
@@ -1,13 +1,16 @@
 package common
 
 import (
-	"math/rand"
+	"crypto/rand"
+	"encoding/binary"
 	"testing"
 )
 
 func (p *Poly) RandLe2Q() {
+	pp := make([]uint8, 4*N)
+	_, _ = rand.Read(pp)
 	for i := uint(0); i < N; i++ {
-		p[i] = uint32(rand.Intn(int(2 * Q)))
+		p[i] = binary.LittleEndian.Uint32(pp[4*i:]) % (2 * Q)
 	}
 }
 

diff --git a/sign/dilithium/internal/common/pack_test.go b/sign/dilithium/internal/common/pack_test.go
@@ -1,16 +1,19 @@
 package common
 
 import (
-	"math/rand"
+	"crypto/rand"
 	"testing"
 )
 
 func TestPackLe16AgainstGeneric(t *testing.T) {
 	var p Poly
 	var buf1, buf2 [PolyLe16Size]byte
+	pp := make([]byte, 256)
+
 	for j := 0; j < 1000; j++ {
+		_, _ = rand.Read(pp)
 		for i := 0; i < 256; i++ {
-			p[i] = uint32(rand.Intn(16))
+			p[i] = uint32(pp[i] & 0xF)
 		}
 		p.PackLe16(buf1[:])
 		p.packLe16Generic(buf2[:])

diff --git a/sign/dilithium/internal/common/poly_test.go b/sign/dilithium/internal/common/poly_test.go
@@ -1,9 +1,6 @@
 package common
 
-import (
-	"math/rand"
-	"testing"
-)
+import "testing"
 
 func TestExceeds(t *testing.T) {
 	for i := 0; i < N; i++ {
@@ -117,7 +114,7 @@ func TestReduceLe2QAgainstGeneric(t *testing.T) {
 	for k := 0; k < 1000; k++ {
 		var a Poly
 		for j := 0; j < N; j++ {
-			a[j] = rand.Uint32()
+			a[j] = randUint32()
 		}
 		p1 := a
 		p2 := a
@@ -133,7 +130,7 @@ func TestNormalizeAgainstGeneric(t *testing.T) {
 	for k := 0; k < 1000; k++ {
 		var a Poly
 		for j := 0; j < N; j++ {
-			a[j] = rand.Uint32()
+			a[j] = randUint32()
 		}
 		p1 := a
 		p2 := a