style(kyberlib): 🎨 minor style tweaks and formatting

sebastienrousseau · May 9, 2024 · 5c9797c · 5c9797c
1 parent c32f576
commit 5c9797c
Show file tree

Hide file tree

Showing 11 changed files with 119 additions and 107 deletions.
diff --git a/src/api.rs b/src/api.rs
@@ -310,11 +310,11 @@ pub fn derive(seed: &[u8]) -> Result<Keypair, KyberLibError> {
 ///
 /// Returns the public key as a `PublicKey`.
 pub fn public(sk: &[u8]) -> PublicKey {
-    let mut pk = [0u8; KYBER_INDCPA_PUBLICKEYBYTES];
+    let mut pk = [0u8; KYBER_INDCPA_PUBLIC_KEY_BYTES];
     pk.copy_from_slice(
-        &sk[KYBER_INDCPA_SECRETKEYBYTES
-            ..KYBER_INDCPA_SECRETKEYBYTES
-                + KYBER_INDCPA_PUBLICKEYBYTES],
+        &sk[KYBER_INDCPA_SECRET_KEY_BYTES
+            ..KYBER_INDCPA_SECRET_KEY_BYTES
+                + KYBER_INDCPA_PUBLIC_KEY_BYTES],
     );
     pk
 }
diff --git a/src/avx2/indcpa.rs b/src/avx2/indcpa.rs
@@ -14,9 +14,9 @@ use crate::{
 ///  const poly *pk:  the input public-key polynomial
 ///  const [u8] seed: the input public seed
 fn pack_pk(r: &mut [u8], pk: &mut Polyvec, seed: &[u8]) {
-    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVECBYTES;
+    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVEC_BYTES;
     polyvec_tobytes(r, pk);
-    r[KYBER_POLYVECBYTES..END]
+    r[KYBER_POLYVEC_BYTES..END]
         .copy_from_slice(&seed[..KYBER_SYM_BYTES]);
 }
 
@@ -29,10 +29,10 @@ fn pack_pk(r: &mut [u8], pk: &mut Polyvec, seed: &[u8]) {
 ///  - [u8] seed:   output seed to generate matrix A
 ///  - const [u8] packedpk: input serialized public key
 fn unpack_pk(pk: &mut Polyvec, seed: &mut [u8], packedpk: &[u8]) {
-    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVECBYTES;
+    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVEC_BYTES;
     polyvec_frombytes(pk, packedpk);
     seed[..KYBER_SYM_BYTES]
-        .copy_from_slice(&packedpk[KYBER_POLYVECBYTES..END]);
+        .copy_from_slice(&packedpk[KYBER_POLYVEC_BYTES..END]);
 }
 
 /// Name:  pack_sk
@@ -66,7 +66,7 @@ fn unpack_sk(sk: &mut Polyvec, packedsk: &[u8]) {
 ///  const [u8] seed: the input polynomial v
 fn pack_ciphertext(r: &mut [u8], b: &mut Polyvec, v: Poly) {
     polyvec_compress(r, *b);
-    poly_compress(&mut r[KYBER_POLYVECCOMPRESSEDBYTES..], v);
+    poly_compress(&mut r[KYBER_POLYVEC_COMPRESSED_BYTES..], v);
 }
 
 /// Name:  unpack_ciphertext
@@ -79,7 +79,7 @@ fn pack_ciphertext(r: &mut [u8], b: &mut Polyvec, v: Poly) {
 ///  - const [u8] c:   input serialized ciphertext
 fn unpack_ciphertext(b: &mut Polyvec, v: &mut Poly, c: &[u8]) {
     polyvec_decompress(b, c);
-    poly_decompress(v, &c[KYBER_POLYVECCOMPRESSEDBYTES..]);
+    poly_decompress(v, &c[KYBER_POLYVEC_COMPRESSED_BYTES..]);
 }
 
 /// Name:  rej_uniform
@@ -190,8 +190,8 @@ fn gen_matrix(a: &mut [Polyvec], seed: &[u8], transposed: bool) {
 // Description: Generates public and private key for the CPA-secure
 //  public-key encryption scheme underlying Kyber
 //
-// Arguments: - [u8] pk: output public key (length KYBER_INDCPA_PUBLICKEYBYTES)
-//  - [u8] sk: output private key (length KYBER_INDCPA_SECRETKEYBYTES)
+// Arguments: - [u8] pk: output public key (length KYBER_INDCPA_PUBLIC_KEY_BYTES)
+//  - [u8] sk: output private key (length KYBER_INDCPA_SECRET_KEY_BYTES)
 pub(crate) fn indcpa_keypair<R>(
     pk: &mut [u8],
     sk: &mut [u8],
@@ -257,7 +257,7 @@ where
 ///
 /// Arguments: - [u8] c:  output ciphertext (length KYBER_INDCPA_BYTES)
 ///  - const [u8] m:  input message (length KYBER_SYM_BYTES)
-///  - const [u8] pk:   input public key (length KYBER_INDCPA_PUBLICKEYBYTES)
+///  - const [u8] pk:   input public key (length KYBER_INDCPA_PUBLIC_KEY_BYTES)
 ///  - const [u8] coin: input random coins used as seed (length KYBER_SYM_BYTES)
 ///      to deterministically generate all randomness
 pub(crate) fn indcpa_enc(
@@ -325,7 +325,7 @@ pub(crate) fn indcpa_enc(
 ///
 /// Arguments:   - [u8] m:  output decrypted message (of length KYBER_SYM_BYTES)
 ///  - const [u8] c:  input ciphertext (of length KYBER_INDCPA_BYTES)
-///  - const [u8] sk: input secret key (of length KYBER_INDCPA_SECRETKEYBYTES)
+///  - const [u8] sk: input secret key (of length KYBER_INDCPA_SECRET_KEY_BYTES)
 pub(crate) fn indcpa_dec(m: &mut [u8], c: &[u8], sk: &[u8]) {
     let (mut b, mut skpv) = (Polyvec::new(), Polyvec::new());
     let (mut v, mut mp) = (Poly::new(), Poly::new());

diff --git a/src/avx2/poly.rs b/src/avx2/poly.rs
@@ -193,11 +193,11 @@ pub fn poly_frombytes(r: &mut Poly, a: &[u8]) {
 }
 
 pub fn poly_tobytes(r: &mut [u8], a: Poly) {
-    let mut buf = [0u8; KYBER_POLYBYTES];
+    let mut buf = [0u8; KYBER_POLY_BYTES];
     unsafe {
         ntttobytes_avx(buf.as_mut_ptr(), &a.coeffs, &QDATA.coeffs);
     }
-    r[..KYBER_POLYBYTES].copy_from_slice(&buf[..]);
+    r[..KYBER_POLY_BYTES].copy_from_slice(&buf[..]);
 }
 
 pub unsafe fn poly_frommsg(r: &mut Poly, msg: &[u8]) {

diff --git a/src/avx2/polyvec.rs b/src/avx2/polyvec.rs
@@ -190,13 +190,13 @@ pub unsafe fn polyvec_decompress(r: &mut Polyvec, a: &[u8]) {
 
 pub fn polyvec_tobytes(r: &mut [u8], a: &Polyvec) {
     for i in 0..KYBER_SECURITY_PARAMETER {
-        poly_tobytes(&mut r[i * KYBER_POLYBYTES..], a.vec[i]);
+        poly_tobytes(&mut r[i * KYBER_POLY_BYTES..], a.vec[i]);
     }
 }
 
 pub unsafe fn polyvec_frombytes(r: &mut Polyvec, a: &[u8]) {
     for i in 0..KYBER_SECURITY_PARAMETER {
-        poly_frombytes(&mut r.vec[i], &a[i * KYBER_POLYBYTES..]);
+        poly_frombytes(&mut r.vec[i], &a[i * KYBER_POLY_BYTES..]);
     }
 }
 

diff --git a/src/kem.rs b/src/kem.rs
@@ -32,12 +32,12 @@ where
         KYBER_SECRET_KEY_BYTES - (2 * KYBER_SYM_BYTES);
     const SK_START: usize = KYBER_SECRET_KEY_BYTES - KYBER_SYM_BYTES;
     const END: usize =
-        KYBER_INDCPA_PUBLICKEYBYTES + KYBER_INDCPA_SECRETKEYBYTES;
+        KYBER_INDCPA_PUBLIC_KEY_BYTES + KYBER_INDCPA_SECRET_KEY_BYTES;
 
     indcpa_keypair(pk, sk, _seed, _rng)?;
 
-    sk[KYBER_INDCPA_SECRETKEYBYTES..END]
-        .copy_from_slice(&pk[..KYBER_INDCPA_PUBLICKEYBYTES]);
+    sk[KYBER_INDCPA_SECRET_KEY_BYTES..END]
+        .copy_from_slice(&pk[..KYBER_INDCPA_PUBLIC_KEY_BYTES]);
     hash_h(&mut sk[PK_START..], pk, KYBER_PUBLIC_KEY_BYTES);
 
     if let Some(s) = _seed {
@@ -115,11 +115,11 @@ pub fn decrypt_message(ss: &mut [u8], ct: &[u8], sk: &[u8]) {
     let mut buf = [0u8; 2 * KYBER_SYM_BYTES];
     let mut kr = [0u8; 2 * KYBER_SYM_BYTES];
     let mut cmp = [0u8; KYBER_CIPHERTEXT_BYTES];
-    let mut pk = [0u8; KYBER_INDCPA_PUBLICKEYBYTES];
+    let mut pk = [0u8; KYBER_INDCPA_PUBLIC_KEY_BYTES];
 
     pk.copy_from_slice(
-        &sk[KYBER_INDCPA_SECRETKEYBYTES..]
-            [..KYBER_INDCPA_PUBLICKEYBYTES],
+        &sk[KYBER_INDCPA_SECRET_KEY_BYTES..]
+            [..KYBER_INDCPA_PUBLIC_KEY_BYTES],
     );
 
     indcpa_dec(&mut buf, ct, sk);

diff --git a/src/lib.rs b/src/lib.rs
@@ -170,7 +170,7 @@ use reference::*;
 
 #[cfg(any(not(target_arch = "x86_64"), not(feature = "avx2")))]
 #[cfg(feature = "hazmat")]
-use reference::indcpa;
+pub use reference::indcpa;
 
 #[cfg(feature = "wasm")]
 /// WebAssembly bindings for the KyberLib library.

diff --git a/src/params.rs b/src/params.rs
@@ -23,29 +23,32 @@ pub const KYBER_ETA1: usize =
 /// - It determines the noise distribution's width in the encryption process.
 pub const KYBER_ETA2: usize = 2;
 
+// Size of the hashes and seeds
+pub const KYBER_SYM_BYTES: usize = 32;
+
 /// The parameter N, representing the degree of the polynomial used in Kyber.
 ///
 /// - This constant is a fundamental part of the scheme's structure.
 pub const KYBER_N: usize = 256;
 
 /// The size in bytes of the polynomials used in Kyber, derived from the parameter N.
-pub const KYBER_POLYBYTES: usize = 384;
+pub const KYBER_POLY_BYTES: usize = 384;
 
 /// Compressed byte size of the polynomial for Kyber variants except Kyber1024.
 ///
 /// - Determines how data is compacted when not using Kyber1024.
 #[cfg(not(feature = "kyber1024"))]
-pub const KYBER_POLYCOMPRESSEDBYTES: usize = 128;
+pub const KYBER_POLY_COMPRESSED_BYTES: usize = 128;
 
-/// The byte size of the vector of polynomials in Kyber, calculated from the security parameter and KYBER_POLYBYTES.
-pub const KYBER_POLYVECBYTES: usize =
-    KYBER_SECURITY_PARAMETER * KYBER_POLYBYTES;
+/// The byte size of the vector of polynomials in Kyber, calculated from the security parameter and KYBER_POLY_BYTES.
+pub const KYBER_POLYVEC_BYTES: usize =
+    KYBER_SECURITY_PARAMETER * KYBER_POLY_BYTES;
 
 /// Compressed byte size of the polynomial vector for Kyber variants except Kyber1024.
 ///
 /// - This setting affects data compression in non-Kyber1024 configurations.
 #[cfg(not(feature = "kyber1024"))]
-pub const KYBER_POLYVECCOMPRESSEDBYTES: usize =
+pub const KYBER_POLYVEC_COMPRESSED_BYTES: usize =
     KYBER_SECURITY_PARAMETER * 320;
 
 /// The modulus Q used in the Kyber scheme.
@@ -57,8 +60,8 @@ pub const KYBER_Q: usize = 3329;
 ///
 /// - It is computed as the sum of IND-CPA secret key and public key sizes, along with twice the size of symmetric keys.
 /// - This size is crucial for memory allocation during key generation and storage.
-pub const KYBER_SECRET_KEY_BYTES: usize = KYBER_INDCPA_SECRETKEYBYTES
-    + KYBER_INDCPA_PUBLICKEYBYTES
+pub const KYBER_SECRET_KEY_BYTES: usize = KYBER_INDCPA_SECRET_KEY_BYTES
+    + KYBER_INDCPA_PUBLIC_KEY_BYTES
     + 2 * KYBER_SYM_BYTES;
 
 /// The security parameter for Kyber, affecting the overall security level.
@@ -84,45 +87,40 @@ pub const KYBER_SECURITY_PARAMETER: usize =
 /// - This size is pivotal for ensuring the security and efficiency of the cryptographic process.
 pub const KYBER_SHARED_SECRET_BYTES: usize = 32;
 
-/// The size in bytes of symmetric keys, hash values, and RNG seeds in Kyber.
-///
-/// - This constant is critical for maintaining the integrity and compatibility of cryptographic operations within the scheme.
-pub const KYBER_SYM_BYTES: usize = 32;
-
 /// Compressed byte size of the polynomial for Kyber1024.
 ///
 /// - It determines the efficiency of data compression in Kyber1024.
 #[cfg(feature = "kyber1024")]
-pub const KYBER_POLYCOMPRESSEDBYTES: usize = 160;
+pub const KYBER_POLY_COMPRESSED_BYTES: usize = 160;
 
 /// Compressed byte size of the polynomial vector for Kyber1024.
 ///
 /// - Affects how polynomial vector data is compressed in the Kyber1024 variant.
 #[cfg(feature = "kyber1024")]
-pub const KYBER_POLYVECCOMPRESSEDBYTES: usize =
+pub const KYBER_POLYVEC_COMPRESSED_BYTES: usize =
     KYBER_SECURITY_PARAMETER * 352;
 
 /// Byte size of the IND-CPA public key in Kyber.
 ///
 /// - This constant is used to allocate memory for storing and transmitting public keys.
-pub const KYBER_INDCPA_PUBLICKEYBYTES: usize =
-    KYBER_POLYVECBYTES + KYBER_SYM_BYTES;
+pub const KYBER_INDCPA_PUBLIC_KEY_BYTES: usize =
+    KYBER_POLYVEC_BYTES + KYBER_SYM_BYTES;
 
 /// Byte size of the IND-CPA secret key in Kyber.
 ///
 /// - This size is essential for understanding the memory requirements for secure key storage.
-pub const KYBER_INDCPA_SECRETKEYBYTES: usize = KYBER_POLYVECBYTES;
+pub const KYBER_INDCPA_SECRET_KEY_BYTES: usize = KYBER_POLYVEC_BYTES;
 
 /// Total byte size of the IND-CPA data in Kyber.
 ///
 /// - It includes the sizes of compressed polynomial vectors and compressed polynomials.
 pub const KYBER_INDCPA_BYTES: usize =
-    KYBER_POLYVECCOMPRESSEDBYTES + KYBER_POLYCOMPRESSEDBYTES;
+    KYBER_POLYVEC_COMPRESSED_BYTES + KYBER_POLY_COMPRESSED_BYTES;
 
 /// Size in bytes of a public key in Kyber KEM.
 ///
 /// - This size is vital for memory allocation when handling public keys.
-pub const KYBER_PUBLIC_KEY_BYTES: usize = KYBER_INDCPA_PUBLICKEYBYTES;
+pub const KYBER_PUBLIC_KEY_BYTES: usize = KYBER_INDCPA_PUBLIC_KEY_BYTES;
 
 /// Size in bytes of a ciphertext in Kyber KEM.
 ///

diff --git a/src/reference/indcpa.rs b/src/reference/indcpa.rs
@@ -4,6 +4,13 @@ use crate::{
     KyberLibError, RngCore,
 };
 
+#[cfg(feature = "hazmat")]
+/// This module provides public constants related to the Kyber IND-CPA scheme.
+pub use crate::params::{
+    KYBER_INDCPA_BYTES, KYBER_INDCPA_PUBLIC_KEY_BYTES,
+    KYBER_INDCPA_SECRET_KEY_BYTES,
+};
+
 /// Name:  pack_pk
 ///
 /// Description: Serialize the public key as concatenation of the
@@ -14,9 +21,9 @@ use crate::{
 ///  const poly *pk:  the input public-key polynomial
 ///  const [u8] seed: the input public seed
 fn pack_pk(r: &mut [u8], pk: &mut Polyvec, seed: &[u8]) {
-    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVECBYTES;
+    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVEC_BYTES;
     polyvec_tobytes(r, pk);
-    r[KYBER_POLYVECBYTES..END]
+    r[KYBER_POLYVEC_BYTES..END]
         .copy_from_slice(&seed[..KYBER_SYM_BYTES]);
 }
 
@@ -29,10 +36,10 @@ fn pack_pk(r: &mut [u8], pk: &mut Polyvec, seed: &[u8]) {
 ///  - [u8] seed:   output seed to generate matrix A
 ///  - const [u8] packedpk: input serialized public key
 fn unpack_pk(pk: &mut Polyvec, seed: &mut [u8], packedpk: &[u8]) {
-    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVECBYTES;
+    const END: usize = KYBER_SYM_BYTES + KYBER_POLYVEC_BYTES;
     polyvec_frombytes(pk, packedpk);
     seed[..KYBER_SYM_BYTES]
-        .copy_from_slice(&packedpk[KYBER_POLYVECBYTES..END]);
+        .copy_from_slice(&packedpk[KYBER_POLYVEC_BYTES..END]);
 }
 
 /// Name:  pack_sk
@@ -66,7 +73,7 @@ fn unpack_sk(sk: &mut Polyvec, packedsk: &[u8]) {
 ///  const [u8] seed: the input polynomial v
 fn pack_ciphertext(r: &mut [u8], b: &mut Polyvec, v: Poly) {
     polyvec_compress(r, *b);
-    poly_compress(&mut r[KYBER_POLYVECCOMPRESSEDBYTES..], v);
+    poly_compress(&mut r[KYBER_POLYVEC_COMPRESSED_BYTES..], v);
 }
 
 /// Name:  unpack_ciphertext
@@ -79,7 +86,7 @@ fn pack_ciphertext(r: &mut [u8], b: &mut Polyvec, v: Poly) {
 ///  - const [u8] c:   input serialized ciphertext
 fn unpack_ciphertext(b: &mut Polyvec, v: &mut Poly, c: &[u8]) {
     polyvec_decompress(b, c);
-    poly_decompress(v, &c[KYBER_POLYVECCOMPRESSEDBYTES..]);
+    poly_decompress(v, &c[KYBER_POLYVEC_COMPRESSED_BYTES..]);
 }
 
 /// Name:  rej_uniform
@@ -190,8 +197,8 @@ fn gen_matrix(a: &mut [Polyvec], seed: &[u8], transposed: bool) {
 // Description: Generates public and private key for the CPA-secure
 //  public-key encryption scheme underlying Kyber
 //
-// Arguments: - [u8] pk: output public key (length KYBER_INDCPA_PUBLICKEYBYTES)
-//  - [u8] sk: output private key (length KYBER_INDCPA_SECRETKEYBYTES)
+// Arguments: - [u8] pk: output public key (length KYBER_INDCPA_PUBLIC_KEY_BYTES)
+//  - [u8] sk: output private key (length KYBER_INDCPA_SECRET_KEY_BYTES)
 pub(crate) fn indcpa_keypair<R>(
     pk: &mut [u8],
     sk: &mut [u8],
@@ -250,11 +257,12 @@ where
 /// Description: Encryption function of the CPA-secure
 ///  public-key encryption scheme underlying Kyber.
 ///
-/// Arguments: - [u8] c:  output ciphertext (length KYBER_INDCPA_BYTES)
-///  - const [u8] m:  input message (length KYBER_SYM_BYTES)
-///  - const [u8] pk:   input public key (length KYBER_INDCPA_PUBLICKEYBYTES)
+/// Arguments:
+///  - const [u8] c:    output ciphertext (length KYBER_INDCPA_BYTES)
+///  - const [u8] m:    input message (length KYBER_SYM_BYTES)
+///  - const [u8] pk:   input public key (length KYBER_INDCPA_PUBLIC_KEY_BYTES)
 ///  - const [u8] coin: input random coins used as seed (length KYBER_SYM_BYTES)
-///      to deterministically generate all randomness
+///    to deterministically generate all randomness
 pub(crate) fn indcpa_enc(
     c: &mut [u8],
     m: &[u8],
@@ -313,9 +321,10 @@ pub(crate) fn indcpa_enc(
 /// Description: Decryption function of the CPA-secure
 ///  public-key encryption scheme underlying Kyber.
 ///
-/// Arguments:   - [u8] m:  output decrypted message (of length KYBER_SYM_BYTES)
-///  - const [u8] c:  input ciphertext (of length KYBER_INDCPA_BYTES)
-///  - const [u8] sk: input secret key (of length KYBER_INDCPA_SECRETKEYBYTES)
+/// Arguments:
+///  - const [u8] m:    output decrypted message (of length KYBER_SYM_BYTES)
+///  - const [u8] c:    input ciphertext (of length KYBER_INDCPA_BYTES)
+///  - const [u8] sk:   input secret key (of length KYBER_INDCPA_SECRET_KEY_BYTES)
 pub(crate) fn indcpa_dec(m: &mut [u8], c: &[u8], sk: &[u8]) {
     let (mut b, mut skpv) = (Polyvec::new(), Polyvec::new());
     let (mut v, mut mp) = (Poly::new(), Poly::new());