/* x^n+1 */
void
pol_xn1(fmpz_poly_t poly, ulong n)
{
fmpz_poly_fit_length(poly, n + 1);
fmpz_poly_set_coeff_si(poly, 0, 1);
fmpz_poly_set_coeff_si(poly, n, 1);
}
void
fmpz_poly_set_coeff_fmpz_n(fmpz_poly_t poly, slong n,
const fmpz_t x)
{
if (x)
fmpz_poly_set_coeff_fmpz(poly, n, x);
else
fmpz_poly_set_coeff_si(poly, n, 0);
}
void
poly_new(fmpz_poly_t new_poly,
int const * const c,
const size_t len)
{
if (!new_poly)
NTRU_ABORT_DEBUG("Unexpected NULL parameter in");
fmpz_poly_init(new_poly);
for (uint32_t i = 0; i < len; i++)
fmpz_poly_set_coeff_si(new_poly, i, c[i]);
}
void eta_series(fmpz_poly_t *eta, ulong prec)
{
ulong i, e;
int no[4] = {1, -1, 1, -1};
fmpz_poly_set_coeff_si(*eta, 0, 1);
i = 1;
e = i*(3*i + 1) / 2;
while (e <= prec) {
fmpz_poly_set_coeff_si(*eta, e, no[i % 4]);
e += (3*i + 2);
i += 1;
}
i = 1;
e = i*(3*i - 1) / 2;
while (e <= prec) {
fmpz_poly_set_coeff_si(*eta, e, no[i % 4]);
e += (3*i + 1);
i += 1;
}
}
void unif_poly(fmpz_poly_t poly, fmpz_t space, long d)
{
long i, x;
mpz_t randseed;
mpz_init(randseed);
hcrypt_random(randseed);
unsigned long int useed = mpz_get_ui(randseed);
srand(useed);
for( i = 0 ; i < d ; i++) {
x = rand();
fmpz_poly_set_coeff_si(poly, i, x);
}
fmpz_poly_scalar_smod_fmpz(poly, poly, space);
mpz_clear(randseed);
}
int
main(void)
{
int i, j, result;
FLINT_TEST_INIT(state);
flint_printf("get/set_coeff_si....");
fflush(stdout);
for (i = 0; i < 100 * flint_test_multiplier(); i++)
{
fmpz_poly_t a;
slong coeff, len;
slong n1, n2;
fmpz_poly_init(a);
len = n_randint(state, 100) + 1;
for (j = 0; j < 1000; j++)
{
n1 = z_randtest(state);
coeff = n_randint(state, len);
fmpz_poly_set_coeff_si(a, coeff, n1);
n2 = fmpz_poly_get_coeff_si(a, coeff);
result = (n1 == n2);
if (!result)
{
flint_printf("FAIL: n1 = %wd, n2 = %wd, coeff = %wd, length = %wd\n",
n1, n2, coeff, len);
abort();
}
}
fmpz_poly_clear(a);
}
FLINT_TEST_CLEANUP(state);
flint_printf("PASS\n");
return 0;
}
void guassian_poly(fmpz_poly_t poly, long d)
{
if ( d == 0 )
return;
double tdvn = bgv_get_dvn();
long a = (long)ceil(-10*tdvn);
long b = (long)floor(+10*tdvn);
long x, i;
double p;
mpz_t randseed;
mpz_init(randseed);
hcrypt_random(randseed);
unsigned long int useed = mpz_get_ui(randseed);
srand(useed);
for( i = 0 ; i < d ; i++) {
x = rand()%(b - a) + a;
fmpz_poly_set_coeff_si(poly, i, x);
}
mpz_clear(randseed);
}
void eis_series(fmpz_poly_t *eis, ulong k, ulong prec)
{
ulong i, p, ee, p_pow, ind;
fmpz_t last, last_m1, mult, fp, t_coeff, term, term_m1;
long bern_fac[15] = {0, 0, 0, 0, 240, 0, -504, 0, 480, 0, -264, 0, 0, 0, -24};
// Now, we compute the eisenstein series
// First, compute primes by sieving.
// allocate memory for the array.
/*
char *primes;
primes = calloc(prec + 1, sizeof(char));
for(i = 0; i <= prec; i++) {
primes[i] = 1;
}
primes[0] = 0;
primes[1] = 0;
p = 2;
while(p*p <= prec) {
j = p*p;
while(j <= prec) {
primes[j] = 0;
j += p;
}
p += 1;
while(primes[p] != 1)
p += 1;
}
*/
// Now, create the eisenstein series.
// We build up each coefficient using the multiplicative properties of the
// divisor sum function.
fmpz_poly_set_coeff_si(*eis, 0, 1);
for(i = 1; i <= prec; i++)
fmpz_poly_set_coeff_si(*eis, i, bern_fac[k]);
fmpz_init(last);
fmpz_init(last_m1);
fmpz_init(mult);
fmpz_init(fp);
fmpz_init(t_coeff);
fmpz_init(term);
fmpz_init(term_m1);
ee = k - 1;
p = 2;
while(p <= prec) {
p_pow = p;
fmpz_set_ui(fp, p);
fmpz_pow_ui(mult, fp, ee);
fmpz_pow_ui(term, mult, 2);
fmpz_set(last, mult);
while(p_pow <= prec) {
ind = p_pow;
fmpz_sub_ui(term_m1, term, 1);
fmpz_sub_ui(last_m1, last, 1);
while(ind <= prec) {
fmpz_poly_get_coeff_fmpz(t_coeff, *eis, ind);
fmpz_mul(t_coeff, t_coeff, term_m1);
fmpz_divexact(t_coeff, t_coeff, last_m1);
fmpz_poly_set_coeff_fmpz(*eis, ind, t_coeff);
ind += p_pow;
}
p_pow *= p;
fmpz_set(last, term);
fmpz_mul(term, term, mult);
}
p = n_nextprime(p, 1);
}
fmpz_clear(last);
fmpz_clear(last_m1);
fmpz_clear(mult);
fmpz_clear(fp);
fmpz_clear(t_coeff);
fmpz_clear(term);
fmpz_clear(term_m1);
}
int
main(void)
{
int i, result;
FLINT_TEST_INIT(state);
flint_printf("inv_series_newton....");
fflush(stdout);
/* Check Q^{-1} * Q is congruent 1 mod t^n */
for (i = 0; i < 100 * flint_test_multiplier(); i++)
{
fmpz_poly_t a, b, c, one;
slong n = n_randint(state, 80) + 1;
fmpz_poly_init(a);
fmpz_poly_init(b);
fmpz_poly_init(c);
fmpz_poly_init(one);
fmpz_poly_randtest_not_zero(a, state, n_randint(state, 80) + 1, 100);
fmpz_poly_set_coeff_si(a, 0, n_randint(state, 2) ? 1 : -1);
fmpz_poly_set_ui(one, 1);
fmpz_poly_inv_series_newton(b, a, n);
fmpz_poly_mullow(c, a, b, n);
result = (fmpz_poly_equal(c, one));
if (!result)
{
flint_printf("FAIL:\n");
flint_printf("a = "), fmpz_poly_print(a), flint_printf("\n\n");
flint_printf("b = "), fmpz_poly_print(b), flint_printf("\n\n");
flint_printf("c = "), fmpz_poly_print(c), flint_printf("\n\n");
abort();
}
fmpz_poly_clear(a);
fmpz_poly_clear(b);
fmpz_poly_clear(c);
fmpz_poly_clear(one);
}
/* Verify bug fix for the case Q = -1 mod (x) */
{
fmpz_poly_t a, b, c, one;
slong n = 1;
fmpz_poly_init(a);
fmpz_poly_init(b);
fmpz_poly_init(c);
fmpz_poly_init(one);
fmpz_poly_set_si(a, -1);
fmpz_poly_set_ui(one, 1);
fmpz_poly_inv_series_newton(b, a, n);
fmpz_poly_mullow(c, a, b, n);
result = (fmpz_poly_equal(c, one));
if (!result)
{
flint_printf("FAIL:\n");
flint_printf("a = "), fmpz_poly_print(a), flint_printf("\n\n");
flint_printf("b = "), fmpz_poly_print(b), flint_printf("\n\n");
flint_printf("c = "), fmpz_poly_print(c), flint_printf("\n\n");
abort();
}
fmpz_poly_clear(a);
fmpz_poly_clear(b);
fmpz_poly_clear(c);
fmpz_poly_clear(one);
}
FLINT_TEST_CLEANUP(state);
flint_printf("PASS\n");
return 0;
}
bool
poly_inverse_poly_p(fmpz_poly_t Fp,
const fmpz_poly_t a,
const ntru_params *params)
{
bool retval = false;
int k = 0,
j = 0;
fmpz *b_last;
fmpz_poly_t a_tmp,
b,
c,
f,
g;
/* general initialization of temp variables */
fmpz_poly_init(b);
fmpz_poly_set_coeff_ui(b, 0, 1);
fmpz_poly_init(c);
fmpz_poly_init(f);
fmpz_poly_set(f, a);
/* set g(x) = x^N − 1 */
fmpz_poly_init(g);
fmpz_poly_set_coeff_si(g, 0, -1);
fmpz_poly_set_coeff_si(g, params->N, 1);
/* avoid side effects */
fmpz_poly_init(a_tmp);
fmpz_poly_set(a_tmp, a);
fmpz_poly_zero(Fp);
while (1) {
while (fmpz_poly_get_coeff_ptr(f, 0) &&
fmpz_is_zero(fmpz_poly_get_coeff_ptr(f, 0))) {
for (uint32_t i = 1; i <= params->N; i++) {
fmpz *f_coeff = fmpz_poly_get_coeff_ptr(f, i);
fmpz *c_coeff = fmpz_poly_get_coeff_ptr(c, params->N - i);
/* f(x) = f(x) / x */
fmpz_poly_set_coeff_fmpz_n(f, i - 1,
f_coeff);
/* c(x) = c(x) * x */
fmpz_poly_set_coeff_fmpz_n(c, params->N + 1 - i,
c_coeff);
}
fmpz_poly_set_coeff_si(f, params->N, 0);
fmpz_poly_set_coeff_si(c, 0, 0);
k++;
if (fmpz_poly_degree(f) == -1)
goto cleanup;
}
if (fmpz_poly_is_zero(g) == 1)
goto cleanup;
if (fmpz_poly_degree(f) == 0)
break;
if (fmpz_poly_degree(f) < fmpz_poly_degree(g)) {
/* exchange f and g and exchange b and c */
fmpz_poly_swap(f, g);
fmpz_poly_swap(b, c);
}
{
fmpz_poly_t c_tmp,
g_tmp;
fmpz_t u,
mp_tmp;
fmpz_init(u);
fmpz_zero(u);
fmpz_init_set(mp_tmp, fmpz_poly_get_coeff_ptr(f, 0));
fmpz_poly_init(g_tmp);
fmpz_poly_set(g_tmp, g);
fmpz_poly_init(c_tmp);
fmpz_poly_set(c_tmp, c);
/* u = f[0] * g[0]^(-1) mod p */
/* = (f[0] mod p) * (g[0] inverse mod p) mod p */
fmpz_invmod_ui(u,
fmpz_poly_get_coeff_ptr(g, 0),
params->p);
fmpz_mod_ui(mp_tmp, mp_tmp, params->p);
fmpz_mul(u, mp_tmp, u);
fmpz_mod_ui(u, u, params->p);
/* f = f - u * g mod p */
fmpz_poly_scalar_mul_fmpz(g_tmp, g_tmp, u);
fmpz_poly_sub(f, f, g_tmp);
fmpz_poly_mod_unsigned(f, params->p);
/* b = b - u * c mod p */
fmpz_poly_scalar_mul_fmpz(c_tmp, c_tmp, u);
fmpz_poly_sub(b, b, c_tmp);
fmpz_poly_mod_unsigned(b, params->p);
fmpz_clear(u);
fmpz_poly_clear(g_tmp);
fmpz_poly_clear(c_tmp);
}
}
k = k % params->N;
b_last = fmpz_poly_get_coeff_ptr(b, params->N);
if (fmpz_cmp_si_n(b_last, 0))
goto cleanup;
/* Fp(x) = x^(N-k) * b(x) */
for (int i = params->N - 1; i >= 0; i--) {
fmpz *b_i;
/* b(X) = f[0]^(-1) * b(X) (mod p) */
{
fmpz_t mp_tmp;
fmpz_init(mp_tmp);
fmpz_invmod_ui(mp_tmp,
fmpz_poly_get_coeff_ptr(f, 0),
params->p);
if (fmpz_poly_get_coeff_ptr(b, i)) {
fmpz_mul(fmpz_poly_get_coeff_ptr(b, i),
fmpz_poly_get_coeff_ptr(b, i),
mp_tmp);
fmpz_mod_ui(fmpz_poly_get_coeff_ptr(b, i),
fmpz_poly_get_coeff_ptr(b, i),
params->p);
}
}
j = i - k;
if (j < 0)
j = j + params->N;
b_i = fmpz_poly_get_coeff_ptr(b, i);
fmpz_poly_set_coeff_fmpz_n(Fp, j, b_i);
}
/* check if the f * Fp = 1 (mod p) condition holds true */
fmpz_poly_set(a_tmp, a);
poly_starmultiply(a_tmp, a_tmp, Fp, params, params->p);
if (fmpz_poly_is_one(a_tmp))
retval = true;
else
fmpz_poly_zero(Fp);
cleanup:
fmpz_poly_clear(a_tmp);
fmpz_poly_clear(b);
fmpz_poly_clear(c);
fmpz_poly_clear(f);
fmpz_poly_clear(g);
return retval;
}
bool
poly_inverse_poly_q(fmpz_poly_t Fq,
const fmpz_poly_t a,
const ntru_params *params)
{
bool retval = false;
int k = 0,
j = 0;
fmpz *b_last;
fmpz_poly_t a_tmp,
b,
c,
f,
g;
/* general initialization of temp variables */
fmpz_poly_init(b);
fmpz_poly_set_coeff_ui(b, 0, 1);
fmpz_poly_init(c);
fmpz_poly_init(f);
fmpz_poly_set(f, a);
/* set g(x) = x^N − 1 */
fmpz_poly_init(g);
fmpz_poly_set_coeff_si(g, 0, -1);
fmpz_poly_set_coeff_si(g, params->N, 1);
/* avoid side effects */
fmpz_poly_init(a_tmp);
fmpz_poly_set(a_tmp, a);
fmpz_poly_zero(Fq);
while (1) {
while (fmpz_poly_get_coeff_ptr(f, 0) &&
fmpz_is_zero(fmpz_poly_get_coeff_ptr(f, 0))) {
for (uint32_t i = 1; i <= params->N; i++) {
fmpz *f_coeff = fmpz_poly_get_coeff_ptr(f, i);
fmpz *c_coeff = fmpz_poly_get_coeff_ptr(c, params->N - i);
/* f(x) = f(x) / x */
fmpz_poly_set_coeff_fmpz_n(f, i - 1,
f_coeff);
/* c(x) = c(x) * x */
fmpz_poly_set_coeff_fmpz_n(c, params->N + 1 - i,
c_coeff);
}
fmpz_poly_set_coeff_si(f, params->N, 0);
fmpz_poly_set_coeff_si(c, 0, 0);
k++;
if (fmpz_poly_degree(f) == -1)
goto cleanup;
}
if (fmpz_poly_is_zero(g) == 1)
goto cleanup;
if (fmpz_poly_degree(f) == 0)
break;
if (fmpz_poly_degree(f) < fmpz_poly_degree(g)) {
fmpz_poly_swap(f, g);
fmpz_poly_swap(b, c);
}
fmpz_poly_add(f, g, f);
fmpz_poly_mod_unsigned(f, 2);
fmpz_poly_add(b, c, b);
fmpz_poly_mod_unsigned(b, 2);
}
k = k % params->N;
b_last = fmpz_poly_get_coeff_ptr(b, params->N);
if (fmpz_cmp_si_n(b_last, 0))
goto cleanup;
/* Fq(x) = x^(N-k) * b(x) */
for (int i = params->N - 1; i >= 0; i--) {
fmpz *b_i;
j = i - k;
if (j < 0)
j = j + params->N;
b_i = fmpz_poly_get_coeff_ptr(b, i);
fmpz_poly_set_coeff_fmpz_n(Fq, j, b_i);
}
poly_mod2_to_modq(Fq, a_tmp, params);
/* check if the f * Fq = 1 (mod p) condition holds true */
fmpz_poly_set(a_tmp, a);
poly_starmultiply(a_tmp, a_tmp, Fq, params, params->q);
if (fmpz_poly_is_one(a_tmp))
retval = true;
else
fmpz_poly_zero(Fq);
cleanup:
fmpz_poly_clear(a_tmp);
fmpz_poly_clear(b);
fmpz_poly_clear(c);
fmpz_poly_clear(f);
fmpz_poly_clear(g);
return retval;
}
int main(int argc, char *args[])/* setup.txt, ct.txt{ct->lev, ct->row, ct->col, ct}, sk.txt{row, col, poly}*/
{
FILE *fp;
if((fp = fopen(args[1], "r")) == NULL)
{
printf("file read error\n");
exit(0);
}
fmpz_t tmp;
fmpz_init(tmp);
fgets(str, 100, fp);
fmpz_set_str(tmp, str, 10);
long lev, d, i, j;
lev = fmpz_get_si(tmp);
fgets(str, 100, fp);
fmpz_set_str(tmp, str, 10);
d = fmpz_get_si(tmp);
fmpz_poly_t fx;
fmpz_poly_init(fx);
fmpz_poly_set_coeff_si(fx, 0, 1);
fmpz_poly_set_coeff_si(fx, d, 1);
param_node_t *ph, *pr, *ps, *param;
ph = param_node_init(ph);
ps = ph;
for( i = 0 ; i <= lev; i++ ) {
pr = param_node_init(pr);
fgets(str, 100, fp);
fmpz_set_str(pr->q, str, 10);
fgets(str, 100, fp);
fmpz_set_str(tmp, str, 10);
pr->n = fmpz_get_si(tmp);
fgets(str, 100, fp);
fmpz_set_str(tmp, str, 10);
pr->bign = fmpz_get_si(tmp);
ps->next = pr;
ps = pr;
}
ps->next = NULL;
fclose(fp);
param = ph->next;
long row, col, ctlev;
if((fp = fopen(args[2], "r")) == NULL)
{
printf("file read error\n");
exit(0);
}
fgets(str, 30, fp);
fmpz_set_str(tmp, str,10);
ctlev = fmpz_get_si(tmp);
fgets(str, 30, fp);
fmpz_set_str(tmp, str,10);
row = fmpz_get_si(tmp);
fgets(str, 30, fp);
fmpz_set_str(tmp, str,10);
col = fmpz_get_si(tmp);
fmpz_poly_mat_t ct;
fmpz_poly_mat_init(ct, row, col);
for( i = 0 ; i < row ; i++) {
for(j = 0; j < col ; j++) {
fgets(str, 100000, fp);
fmpz_poly_set_str(fmpz_poly_mat_entry(ct, i, j), str);
}
}
fclose(fp);
if((fp = fopen(args[3], "r")) == NULL)
{
printf("file read error\n");
exit(0);
}
long l;
sk_node_t *sh, *ss, *sr;
sh = (sk_node_t *)malloc(sizeof(sk_node_t));
ss = sh;
for(l = 0; l <= lev ; l++){
sr = (sk_node_t *)malloc(sizeof(sk_node_t));
fgets(str, 30, fp);
fmpz_set_str(tmp, str,10);
row = fmpz_get_si(tmp);
fgets(str, 30, fp);
fmpz_set_str(tmp, str,10);
col = fmpz_get_si(tmp);
fmpz_poly_mat_init(sr->sk, row, col);
for( i = 0 ; i < row ; i++) {
for(j = 0; j < col ; j++) {
fgets(str, 100000, fp);
fmpz_poly_set_str(fmpz_poly_mat_entry(sr->sk, i, j), str);
}
}
ss->next = sr;
ss = sr;
}
ss->next = NULL;
fclose(fp);
sh = sh->next;
while(lev > ctlev){
sh = sh->next;
param = param->next;
lev--;
}
fmpz_poly_t ms;
fmpz_poly_init(ms);
e_decrypt(ms, param, sh->sk, ct, fx);
fmpz_poly_print(ms);
printf("\n");
return 0;
}
