From 8556c8fc433032fa5a53aaa4a35b76837bc46470 Mon Sep 17 00:00:00 2001
From: Al-Kindi-0 <82364884+Al-Kindi-0@users.noreply.github.com>
Date: Wed, 29 May 2024 08:20:28 +0200
Subject: [PATCH] fix: encoding Falcon secret key basis polynomials (#319)

---
 src/dsa/rpo_falcon512/keys/secret_key.rs | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/dsa/rpo_falcon512/keys/secret_key.rs b/src/dsa/rpo_falcon512/keys/secret_key.rs
index d3ca339..ca57f2a 100644
--- a/src/dsa/rpo_falcon512/keys/secret_key.rs
+++ b/src/dsa/rpo_falcon512/keys/secret_key.rs
@@ -217,15 +217,27 @@ impl Serializable for SecretKey {
         let mut buffer = Vec::with_capacity(1281);
         buffer.push(header);
 
-        let f_i8: Vec<i8> = neg_f.coefficients.iter().map(|&a| -a as i8).collect();
+        let f_i8: Vec<i8> = neg_f
+            .coefficients
+            .iter()
+            .map(|&a| FalconFelt::new(-a).balanced_value() as i8)
+            .collect();
         let f_i8_encoded = encode_i8(&f_i8, WIDTH_SMALL_POLY_COEFFICIENT).unwrap();
         buffer.extend_from_slice(&f_i8_encoded);
 
-        let g_i8: Vec<i8> = g.coefficients.iter().map(|&a| a as i8).collect();
+        let g_i8: Vec<i8> = g
+            .coefficients
+            .iter()
+            .map(|&a| FalconFelt::new(a).balanced_value() as i8)
+            .collect();
         let g_i8_encoded = encode_i8(&g_i8, WIDTH_SMALL_POLY_COEFFICIENT).unwrap();
         buffer.extend_from_slice(&g_i8_encoded);
 
-        let big_f_i8: Vec<i8> = neg_big_f.coefficients.iter().map(|&a| -a as i8).collect();
+        let big_f_i8: Vec<i8> = neg_big_f
+            .coefficients
+            .iter()
+            .map(|&a| FalconFelt::new(-a).balanced_value() as i8)
+            .collect();
         let big_f_i8_encoded = encode_i8(&big_f_i8, WIDTH_BIG_POLY_COEFFICIENT).unwrap();
         buffer.extend_from_slice(&big_f_i8_encoded);
         target.write_bytes(&buffer);