feat(backend/frontend): use safe_serialization for secret keys

backends/concrete-cpu/implementation/src/c_api/secret_key.rs

@@ -218,12 +218,11 @@ pub unsafe extern "C" fn concrete_cpu_serialize_lwe_secret_key_u64(
     out_buffer: *mut u8,
     out_buffer_len: usize,
 ) -> usize {
-    let lwe_sk = LweSecretKey::from_container(slice::from_raw_parts(
-        lwe_sk,
-        concrete_cpu_lwe_secret_key_size_u64(lwe_dimension),
-    ));
+    let lwe_sk: LweSecretKey<Vec<u64>> = LweSecretKey::from_container(
+        slice::from_raw_parts(lwe_sk, concrete_cpu_lwe_secret_key_size_u64(lwe_dimension)).to_vec(),
+    );
 
-    super::utils::unsafe_serialize(&lwe_sk, out_buffer, out_buffer_len)
+    super::utils::safe_serialize(&lwe_sk, out_buffer, out_buffer_len)
 }
 
 #[no_mangle]
@@ -233,7 +232,7 @@ pub unsafe extern "C" fn concrete_cpu_unserialize_lwe_secret_key_u64(
     lwe_sk: *mut u64,
     lwe_sk_size: usize,
 ) -> usize {
-    let sk: LweSecretKey<Vec<u64>> = super::utils::unsafe_deserialize(buffer, buffer_len);
+    let sk: LweSecretKey<Vec<u64>> = super::utils::safe_deserialize(buffer, buffer_len);
     let container = sk.into_container();
     assert!(container.len() <= lwe_sk_size);
     let lwe_sk_slice = slice::from_raw_parts_mut(lwe_sk, lwe_sk_size);
@@ -249,15 +248,16 @@ pub unsafe extern "C" fn concrete_cpu_serialize_glwe_secret_key_u64(
     out_buffer: *mut u8,
     out_buffer_len: usize,
 ) -> usize {
-    let glwe_sk = GlweSecretKey::from_container(
+    let glwe_sk: GlweSecretKey<Vec<u64>> = GlweSecretKey::from_container(
         slice::from_raw_parts(
             glwe_sk,
             concrete_cpu_glwe_secret_key_size_u64(glwe_dimension, polynomial_size),
-        ),
+        )
+        .to_vec(),
         PolynomialSize(polynomial_size),
     );
 
-    super::utils::unsafe_serialize(&glwe_sk, out_buffer, out_buffer_len)
+    super::utils::safe_serialize(&glwe_sk, out_buffer, out_buffer_len)
 }
 
 #[no_mangle]
@@ -267,7 +267,7 @@ pub unsafe extern "C" fn concrete_cpu_unserialize_glwe_secret_key_u64(
     glwe_sk: *mut u64,
     glwe_sk_size: usize,
 ) -> usize {
-    let sk: GlweSecretKey<Vec<u64>> = super::utils::unsafe_deserialize(buffer, buffer_len);
+    let sk: GlweSecretKey<Vec<u64>> = super::utils::safe_deserialize(buffer, buffer_len);
     assert!(sk.glwe_dimension().0 == 1);
     let container = sk.into_container();
     assert!(container.len() <= glwe_sk_size);

docs/guides/tfhers/serialization.md

@@ -33,7 +33,7 @@ fn save_fheuint8(fheuint: FheUint8, path: &String) {
 
 ## Secret Key
 
-TFHE-rs safe serialization doesn't yet support this key so we should deserialize `LweSecretKey` using `bincode`
+We should deserialize `LweSecretKey` using safe serialization functions from TFHE-rs
 
 ```rust
 use tfhe::core_crypto::prelude::LweSecretKey;
@@ -42,7 +42,7 @@ use tfhe::core_crypto::prelude::LweSecretKey;
 
 fn load_lwe_sk(path: &String) -> LweSecretKey<Vec<u64>> {
     let file = fs::File::open(path).unwrap();
-    bincode::deserialize_from(file).unwrap()
+    safe_deserialize(file, SERIALIZE_SIZE_LIMIT).unwrap()
 }
 ```
 
@@ -51,6 +51,6 @@ To serialize
 ```rust
 fn save_lwe_sk(lwe_sk: LweSecretKey<Vec<u64>>, path: &String) {
     let file = fs::File::create(path).unwrap();
-    bincode::serialize_into(file, lwe_sk).unwrap()
+    safe_serialize(lwe_sk, file, SERIALIZE_SIZE_LIMIT).unwrap()
 }
 ```

frontends/concrete-python/tests/tfhers-utils/src/main.rs

@@ -187,7 +187,7 @@ fn write_keys(
     }
 
     if let Some(lwe_sk) = lwe_secret_key {
-        unsafe_save(output_lwe_path, &lwe_sk)
+        safe_save(output_lwe_path, &lwe_sk)
     }
 }
 
@@ -212,7 +212,7 @@ fn keygen(client_key_path: &String, server_key_path: &String, output_lwe_path: &
 }
 
 fn keygen_from_lwe(lwe_sk_path: &String) -> ClientKey {
-    let lwe_sk = unsafe_load(lwe_sk_path);
+    let lwe_sk = safe_load(lwe_sk_path);
 
     let shortint_key =
         tfhe::shortint::ClientKey::try_from_lwe_encryption_key(lwe_sk, BLOCK_PARAMS).unwrap();