Merge branch 'main' into center_vt_constant_time-3415539913779892970

tlepoint · web-flow · commit 84b2c4936b00 · 2026-01-31T18:14:22.000-05:00
diff --git a/crates/fhe-math/src/zq/mod.rs b/crates/fhe-math/src/zq/mod.rs
@@ -795,7 +795,7 @@ impl Modulus {
 
 #[cfg(test)]
 mod tests {
-    use super::{Modulus, primes};
+    use super::Modulus;
     use itertools::{Itertools, izip};
     use proptest::collection::vec as prop_vec;
     use proptest::prelude::{BoxedStrategy, Just, Strategy, any};
@@ -807,6 +807,10 @@ mod tests {
         any::<u64>().prop_filter_map("filter invalid moduli", |p| Modulus::new(p).ok())
     }
 
+    fn valid_moduli_opt() -> impl Strategy<Value = Modulus> {
+        valid_moduli().prop_filter("filter moduli not supporting opt", |p| p.supports_opt)
+    }
+
     fn vecs() -> BoxedStrategy<(Vec<u64>, Vec<u64>)> {
         prop_vec(any::<u64>(), 1..100)
             .prop_flat_map(|vec| {
@@ -1108,77 +1112,49 @@ mod tests {
              for (ai, bi) in izip!(a.iter(), b.iter()) {
                  prop_assert_eq!(p.center(*ai), *bi);
              }
-        }
-    }
-
-    // TODO: Make a proptest.
-    #[test]
-    fn mul_opt() {
-        let ntests = 100;
-        let mut rng = rand::rng();
+      }
 
-        for p in [4611686018326724609] {
-            let q = Modulus::new(p).unwrap();
-            assert!(primes::supports_opt(p));
+        #[test]
+        fn mul_opt(p in valid_moduli_opt(), mut a: u64, mut b: u64) {
+            a = p.reduce(a);
+            b = p.reduce(b);
 
-            assert_eq!(q.mul_opt(0, 1), 0);
-            assert_eq!(q.mul_opt(1, 1), 1);
-            assert_eq!(q.mul_opt(2 % p, 3 % p), 6 % p);
-            assert_eq!(q.mul_opt(p - 1, 1), p - 1);
-            assert_eq!(q.mul_opt(p - 1, 2 % p), p - 2);
+            prop_assert_eq!(p.mul_opt(a, b) as u128, ((a as u128) * (b as u128)) % (*p as u128));
+            unsafe { prop_assert_eq!(p.mul_opt_vt(a, b) as u128, ((a as u128) * (b as u128)) % (*p as u128)) }
 
             #[cfg(debug_assertions)]
             {
-                assert!(std::panic::catch_unwind(|| q.mul_opt(p, 1)).is_err());
-                assert!(std::panic::catch_unwind(|| q.mul_opt(p << 1, 1)).is_err());
-                assert!(std::panic::catch_unwind(|| q.mul_opt(0, p)).is_err());
-                assert!(std::panic::catch_unwind(|| q.mul_opt(0, p << 1)).is_err());
-            }
-
-            for _ in 0..ntests {
-                let a = rng.next_u64() % p;
-                let b = rng.next_u64() % p;
-                assert_eq!(
-                    q.mul_opt(a, b),
-                    (((a as u128) * (b as u128)) % (p as u128)) as u64
-                );
+                prop_assert!(std::panic::catch_unwind(|| p.mul_opt(*p, a)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.mul_opt(a, *p)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.mul_opt(*p + 1, a)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.mul_opt(a, *p + 1)).is_err());
             }
         }
-    }
 
-    // TODO: Make a proptest.
-    #[test]
-    fn pow() {
-        let ntests = 10;
-        let mut rng = rand::rng();
+        #[test]
+        fn pow(p in valid_moduli(), mut a: u64, mut b: u64) {
+            a = p.reduce(a);
+            b = p.reduce(b);
 
-        for p in [2u64, 3, 17, 1987, 4611686018326724609] {
-            let q = Modulus::new(p).unwrap();
+            prop_assert_eq!(p.pow(a, 0), 1);
+            prop_assert_eq!(p.pow(a, 1), a);
+            if *p > 2 {
+                prop_assert_eq!(p.pow(a, 2), p.mul(a, a));
+            }
 
-            assert_eq!(q.pow(p - 1, 0), 1);
-            assert_eq!(q.pow(p - 1, 1), p - 1);
-            assert_eq!(q.pow(p - 1, 2 % p), 1);
-            assert_eq!(q.pow(1, p - 2), 1);
-            assert_eq!(q.pow(1, p - 1), 1);
+            let b_small = b % 1000;
+            let mut r = 1;
+            for _ in 0..b_small {
+                r = p.mul(r, a);
+            }
+            prop_assert_eq!(p.pow(a, b_small), r);
 
             #[cfg(debug_assertions)]
             {
-                assert!(std::panic::catch_unwind(|| q.pow(p, 1)).is_err());
-                assert!(std::panic::catch_unwind(|| q.pow(p << 1, 1)).is_err());
-                assert!(std::panic::catch_unwind(|| q.pow(0, p)).is_err());
-                assert!(std::panic::catch_unwind(|| q.pow(0, p << 1)).is_err());
-            }
-
-            for _ in 0..ntests {
-                let a = rng.next_u64() % p;
-                let b = (rng.next_u64() % p) % 1000;
-                let mut c = b;
-                let mut r = 1;
-                while c > 0 {
-                    r = q.mul(r, a);
-                    c -= 1;
-                }
-                assert_eq!(q.pow(a, b), r);
+                prop_assert!(std::panic::catch_unwind(|| p.pow(*p, 1)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.pow(*p << 1, 1)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.pow(0, *p)).is_err());
+                prop_assert!(std::panic::catch_unwind(|| p.pow(0, *p << 1)).is_err());
             }
         }
     }
