From a9b51c5d3c4b9596eb2b9360080f765224e3849a Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Wed, 5 Feb 2025 11:18:00 +0000
Subject: [PATCH 1/8] Remove `asm` macro

The `asm` macro is an abbreviation for inline assembly. However, it is only ever used in `verify.h`, in the context of GCC or Clang. This commit removes the `asm` macro definition from `sys.h`, and instead uses `__asm__` directly in `verify.h`.

Signed-off-by: Hanno Becker
---
 mlkem/sys.h | 2 --
 mlkem/verify.h | 6 +++---
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/mlkem/sys.h b/mlkem/sys.h
index 231b0d1c4..7b3a32adf 100644
--- a/mlkem/sys.h
+++ b/mlkem/sys.h
@@ -100,9 +100,7 @@
 #define DEFAULT_ALIGN 32
 #if defined(_WIN32)
 #define ALIGN __declspec(align(DEFAULT_ALIGN))
-#define asm __asm
 #else
-#define asm __asm__
 #define ALIGN __attribute__((aligned(DEFAULT_ALIGN)))
 #endif
 
diff --git a/mlkem/verify.h b/mlkem/verify.h
index 28cbf4d00..38565646d 100644
--- a/mlkem/verify.h
+++ b/mlkem/verify.h
@@ -97,21 +97,21 @@ __contract__(ensures(return_value == b))
 {
 return (b ^ get_optblocker_u8());
 }
 static INLINE uint32_t value_barrier_u32(uint32_t b)
 __contract__(ensures(return_value == b))
 {
- asm("" : "+r"(b));
+ __asm__("" : "+r"(b));
 return b;
 }
 static INLINE int32_t value_barrier_i32(int32_t b)
 __contract__(ensures(return_value == b))
 {
- asm("" : "+r"(b));
+ __asm__("" : "+r"(b));
 return b;
 }
 static INLINE uint8_t value_barrier_u8(uint8_t b)
 __contract__(ensures(return_value == b))
 {
- asm("" : "+r"(b));
+ __asm__("" : "+r"(b));
 return b;
 }
From 5eabd87ba6fdae63f92815c3e14bb2a0ad7ecbbb Mon Sep 17 00:00:00 2001
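Review bot: `__asm__("" : "+r"(b))` in value_barrier_u32, value_barrier_i32 and value_barrier_u8 is GCC/Clang extended inline assembly, so these three definitions now compile only where GNU-style extensions exist; the removed `#define asm __asm` never gave MSVC a working form of this operand syntax either, but with the macro gone verify.h should guard them explicitly, e.g. `#if defined(__GNUC__) || defined(__clang__)`, with the `get_optblocker_u8()` XOR variant visible just above the hunk serving as the `#else` path. The conditional that selects between the two variants starts before line 97 and is outside the hunk, so I cannot see whether such a guard is already in place. Since these barriers are presumably what the constant-time `ct_*` helpers rely on to keep a selector opaque to the optimizer, each deserves a one-line comment, e.g. `/* Empty asm with an in/out register operand: the optimizer must treat b as unknown, at zero runtime cost. */`.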
From: Hanno Becker
Date: Wed, 5 Feb 2025 11:09:10 +0000
Subject: [PATCH 2/8] sys: Use __declspec(align ...) on pure MSVC only

Previously, the ALIGN directive was defined as __declspec(align...) on _WIN32 platforms. That includes MingW builds, which however use `__attribute__((aligned(...))`. This commit changes the ALIGN directive to use __declspec only on 'pure MSVC' systems, where _MSC_VER is set but __GNUC__ isn't. If __GNUC__ is set -- which includes the MingW case -- then `__attribute__((aligned(...))` is used. If neither __GNUC__ nor __MSC_V is set, ALIGN is empty.

Signed-off-by: Hanno Becker
---
 mlkem/sys.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/mlkem/sys.h b/mlkem/sys.h
index 7b3a32adf..3bf6f18b7 100644
--- a/mlkem/sys.h
+++ b/mlkem/sys.h
@@ -98,10 +98,12 @@
 #endif
 
 #define DEFAULT_ALIGN 32
-#if defined(_WIN32)
+#if defined(__GNUC__)
+#define ALIGN __attribute__((aligned(DEFAULT_ALIGN)))
+#elif defined(_MSC_VER)
 #define ALIGN __declspec(align(DEFAULT_ALIGN))
 #else
-#define ALIGN __attribute__((aligned(DEFAULT_ALIGN)))
+#define ALIGN /* No known support for alignment constraints */
 #endif
 
 #endif /* MLKEM_NATIVE_SYS_H */
From decd67f0344bdb3b27128d9ab7cac5bb88e82f7c Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Wed, 5 Feb 2025 13:04:34 +0000
Subject: [PATCH 3/8] Monobuild: Separate configurability of inclusion of native code

This commit modifies the monobuild file to only include aarch64/x86_64 backend files when building for the respective architecture.

Signed-off-by: Hanno Becker
---
 .../monolithic_build/mlkem_native_monobuild.c | 10 ++++++
 scripts/autogen | 32 +++++++++++++++----
 2 files changed, 36 insertions(+), 6 deletions(-)

diff --git a/examples/monolithic_build/mlkem_native_monobuild.c b/examples/monolithic_build/mlkem_native_monobuild.c
index 957f806c5..8978e7426 100644
--- a/examples/monolithic_build/mlkem_native_monobuild.c
+++ b/examples/monolithic_build/mlkem_native_monobuild.c
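Review bot: The new `#else` branch defines `ALIGN` as nothing, so a compiler that is neither GCC-compatible nor MSVC silently drops every alignment constraint instead of failing to build; if any buffer declared with `ALIGN` is later touched by an aligned vector load (the diffstat lists an x86_64 `align.h`, whose contents I cannot see here), that becomes a misaligned access at runtime rather than a compile error. Before giving up, the standard form is worth a try: `#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L` / `#define ALIGN _Alignas(DEFAULT_ALIGN)`, which is valid wherever `ALIGN` is used as a declaration specifier on an object (it cannot be applied to a typedef), and keep the empty definition only as the last resort, ideally with a comment stating that the C fallback path must not assume alignment. The commit description's `__MSC_V` should read `_MSC_VER`, the macro actually tested in the hunk.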
@@ -13,6 +13,8 @@
 * mlkem-native
 */
 
+#include "mlkem/sys.h"
+
 #include "mlkem/compress.c"
 #include "mlkem/debug.c"
 #include "mlkem/fips202/fips202.c"
@@ -26,17 +28,25 @@
 #include "mlkem/verify.c"
 #include "mlkem/zetas.c"
 #if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH)
+#if defined(SYS_AARCH64)
 #include "mlkem/native/aarch64/src/aarch64_zetas.c"
 #include "mlkem/native/aarch64/src/rej_uniform_table.c"
+#endif /* SYS_AARCH64 */
+#if defined(SYS_X86_64)
 #include "mlkem/native/x86_64/src/basemul.c"
 #include "mlkem/native/x86_64/src/compress_avx2.c"
 #include "mlkem/native/x86_64/src/consts.c"
 #include "mlkem/native/x86_64/src/rej_uniform_avx2.c"
 #include "mlkem/native/x86_64/src/rej_uniform_table.c"
+#endif /* SYS_X86_64 */
 #endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH */
 #if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202)
+#if defined(SYS_AARCH64)
 #include "mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c"
+#endif /* SYS_AARCH64 */
+#if defined(SYS_X86_64)
 #include "mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c"
+#endif /* SYS_X86_64 */
 #endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 */
 
 
diff --git a/scripts/autogen b/scripts/autogen
index 327fdda00..aa24f0698 100755
--- a/scripts/autogen
+++ b/scripts/autogen
@@ -659,11 +659,17 @@ def gen_monolithic_source_file(dry_run=False):
 def native(c):
 return "native/" in c
 
- def native_fips202(c):
- return native(c) and "fips202" in c
+ def native_fips202_aarch64(c):
+ return native(c) and "fips202" in c and "aarch64" in c
 
- def native_arith(c):
- return native(c) and not native_fips202(c)
+ def native_fips202_x86_64(c):
+ return native(c) and "fips202" in c and "x86_64" in c
+
+ def native_arith_aarch64(c):
+ return native(c) and not "fips202" in c and "aarch64" in c
+
+ def native_arith_x86_64(c):
+ return native(c) and not "fips202" in c and "x86_64" in c
 
 # List of level-specific source files
 # All other files only need including and building once
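Review bot: The old `native_arith` predicate admitted every `native/` source that was not fips202, whereas the four new predicates admit only paths containing `aarch64` or `x86_64`, so any other native source added later (or an architecture-neutral file under `native/`) would drop out of the generated monobuild with no error from the generator. A cheap guard after the four definitions makes the coverage explicit: `assert set(filter(native, c_sources)) == set(filter(native_fips202_aarch64, c_sources)) | set(filter(native_fips202_x86_64, c_sources)) | set(filter(native_arith_aarch64, c_sources)) | set(filter(native_arith_x86_64, c_sources))`. Separately, `not "fips202" in c` in the two arith predicates is the form flake8 E713 flags; `"fips202" not in c` reads as intended. The body of gen_monolithic_source_file continues outside the hunk.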
@@ -693,15 +699,29 @@ def gen_monolithic_source_file(dry_run=False):
 yield " * Monolithic compilation unit bundling all compilation units within mlkem-native"
 yield " */"
 yield ""
+ yield '#include "mlkem/sys.h"'
+ yield ""
 for c in filter(lambda c: not native(c), c_sources):
 yield f'#include "{c}"'
 yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH)"
- for c in filter(native_arith, c_sources):
+ yield "#if defined(SYS_AARCH64)"
+ for c in filter(native_arith_aarch64, c_sources):
 yield f'#include "{c}"'
+ yield "#endif /* SYS_AARCH64 */"
+ yield "#if defined(SYS_X86_64)"
+ for c in filter(native_arith_x86_64, c_sources):
+ yield f'#include "{c}"'
+ yield "#endif /* SYS_X86_64 */"
 yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH */"
 yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202)"
- for c in filter(native_fips202, c_sources):
+ yield "#if defined(SYS_AARCH64)"
+ for c in filter(native_fips202_aarch64, c_sources):
+ yield f'#include "{c}"'
+ yield "#endif /* SYS_AARCH64 */"
+ yield "#if defined(SYS_X86_64)"
+ for c in filter(native_fips202_x86_64, c_sources):
 yield f'#include "{c}"'
+ yield "#endif /* SYS_X86_64 */"
 yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 */"
 yield ""
 yield from gen_monolithic_undef_all_core(
From 79b3f73fbc3cb8bbcf0119eb8a76ed21b67a22ec Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Wed, 5 Feb 2025 20:13:11 +0000
Subject: [PATCH 4/8] simpasm: Remove trailing whitespace after autogen-info line
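Review bot: The `#if defined(SYS_…)` / `#endif /* SYS_… */` pair is written out by hand four times here, with the guard name repeated in each `#if` and its closing comment, so a mismatched or forgotten `#endif` would surface only in the generated C file rather than in the generator. A small nested generator keeps each guard/predicate pair on one line and emits byte-identical output. The `yield '#include "mlkem/sys.h"'` added at the top also deserves a comment in the generator, since it is what defines the `SYS_*` macros the guards test and must stay ahead of the backend includes. gen_monolithic_source_file continues outside the hunk on both sides.
```python
    def emit_native_includes(guard, predicate):
        # One #if/#endif block per backend architecture. The SYS_* guard
        # macros come from mlkem/sys.h, which the monobuild includes first.
        yield f"#if defined({guard})"
        for c in filter(predicate, c_sources):
            yield f'#include "{c}"'
        yield f"#endif /* {guard} */"

    # … unchanged: header comment, sys.h include and non-native includes …
    yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH)"
    yield from emit_native_includes("SYS_AARCH64", native_arith_aarch64)
    yield from emit_native_includes("SYS_X86_64", native_arith_x86_64)
    yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH */"
    yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202)"
    yield from emit_native_includes("SYS_AARCH64", native_fips202_aarch64)
    yield from emit_native_includes("SYS_X86_64", native_fips202_x86_64)
    yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 */"
```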
Signed-off-by: Hanno Becker --- .../fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S | 2 +- .../fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S | 2 +- .../fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S | 2 +- .../native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S | 2 +- .../aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S | 2 +- .../aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S | 2 +- .../src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S | 2 +- mlkem/native/aarch64/src/intt_opt.S | 2 +- mlkem/native/aarch64/src/ntt_opt.S | 2 +- mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S | 2 +- mlkem/native/aarch64/src/poly_reduce_asm_opt.S | 2 +- mlkem/native/aarch64/src/poly_tobytes_asm_opt.S | 2 +- mlkem/native/aarch64/src/poly_tomont_asm_opt.S | 2 +- .../src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S | 2 +- .../src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S | 2 +- .../src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S | 2 +- mlkem/native/aarch64/src/rej_uniform_asm_clean.S | 2 +- mlkem/native/x86_64/src/basemul.S | 2 +- mlkem/native/x86_64/src/intt.S | 2 +- mlkem/native/x86_64/src/ntt.S | 2 +- mlkem/native/x86_64/src/nttfrombytes.S | 2 +- mlkem/native/x86_64/src/nttpack.S | 2 +- mlkem/native/x86_64/src/ntttobytes.S | 2 +- mlkem/native/x86_64/src/nttunpack.S | 2 +- mlkem/native/x86_64/src/reduce.S | 2 +- mlkem/native/x86_64/src/tomont.S | 2 +- scripts/simpasm | 2 +- 27 files changed, 27 insertions(+), 27 deletions(-) diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S index 67bb47391..0fdbf1d44 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S 
@@ -33,7 +33,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S index b77e90487..60a208fe6 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S @@ -45,7 +45,7 @@ #if defined(__ARM_FEATURE_SHA3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S index 572b3485e..649abb37d 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S @@ -45,7 +45,7 @@ #if defined(__ARM_FEATURE_SHA3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S index aa39eac2b..9e0217d82 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S 
@@ -45,7 +45,7 @@ #if defined(__ARM_FEATURE_SHA3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S index 9d10b9bf4..7d11591c9 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S @@ -35,7 +35,7 @@ #if defined(__ARM_FEATURE_SHA3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S index 8f6889fa2..e09ded2bb 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S @@ -33,7 +33,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S index 22a586607..db5994051 100644 
--- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S @@ -35,7 +35,7 @@ #if defined(__ARM_FEATURE_SHA3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/intt_opt.S b/mlkem/native/aarch64/src/intt_opt.S index 47f4a6491..f9dd5fefe 100644 --- a/mlkem/native/aarch64/src/intt_opt.S +++ b/mlkem/native/aarch64/src/intt_opt.S @@ -28,7 +28,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/intt_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/ntt_opt.S b/mlkem/native/aarch64/src/ntt_opt.S index 5cef65fac..8b74eb581 100644 --- a/mlkem/native/aarch64/src/ntt_opt.S +++ b/mlkem/native/aarch64/src/ntt_opt.S @@ -29,7 +29,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/ntt_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S b/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S index c0518641d..e20291091 100644 --- a/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S 
@@ -8,7 +8,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/poly_mulcache_compute_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/poly_reduce_asm_opt.S b/mlkem/native/aarch64/src/poly_reduce_asm_opt.S index aa28836eb..edfc20cd4 100644 --- a/mlkem/native/aarch64/src/poly_reduce_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_reduce_asm_opt.S @@ -8,7 +8,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/poly_reduce_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S b/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S index 4646b02b8..0123c94c2 100644 --- a/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S @@ -8,7 +8,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/poly_tobytes_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/poly_tomont_asm_opt.S b/mlkem/native/aarch64/src/poly_tomont_asm_opt.S index 4629a1dc1..be77e54c3 100644 --- a/mlkem/native/aarch64/src/poly_tomont_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_tomont_asm_opt.S 
@@ -8,7 +8,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/poly_tomont_asm_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S index 06a3d46e5..19c045b56 100644 --- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S @@ -15,7 +15,7 @@ (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S index 3b23a7e99..3316ce865 100644 --- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S @@ -15,7 +15,7 @@ (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S index f0ec531a1..44942e2f7 100644 
--- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S @@ -15,7 +15,7 @@ (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/aarch64/src/rej_uniform_asm_clean.S b/mlkem/native/aarch64/src/rej_uniform_asm_clean.S index abc9e1661..731094e42 100644 --- a/mlkem/native/aarch64/src/rej_uniform_asm_clean.S +++ b/mlkem/native/aarch64/src/rej_uniform_asm_clean.S @@ -24,7 +24,7 @@ && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/rej_uniform_asm_clean.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/basemul.S b/mlkem/native/x86_64/src/basemul.S index d35204932..7ee18d851 100644 --- a/mlkem/native/x86_64/src/basemul.S +++ b/mlkem/native/x86_64/src/basemul.S @@ -11,7 +11,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/basemul.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/intt.S b/mlkem/native/x86_64/src/intt.S index 925baedf9..f3af89b24 100644 --- a/mlkem/native/x86_64/src/intt.S +++ b/mlkem/native/x86_64/src/intt.S 
@@ -14,7 +14,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/intt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/ntt.S b/mlkem/native/x86_64/src/ntt.S index 9777e1b3e..1012e446a 100644 --- a/mlkem/native/x86_64/src/ntt.S +++ b/mlkem/native/x86_64/src/ntt.S @@ -11,7 +11,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/ntt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/nttfrombytes.S b/mlkem/native/x86_64/src/nttfrombytes.S index ba9722619..e15ff493c 100644 --- a/mlkem/native/x86_64/src/nttfrombytes.S +++ b/mlkem/native/x86_64/src/nttfrombytes.S @@ -12,7 +12,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/nttfrombytes.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/nttpack.S b/mlkem/native/x86_64/src/nttpack.S index a9516da03..c12d47406 100644 --- a/mlkem/native/x86_64/src/nttpack.S +++ b/mlkem/native/x86_64/src/nttpack.S @@ -12,7 +12,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/nttpack.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/ntttobytes.S b/mlkem/native/x86_64/src/ntttobytes.S index 99d3a16fb..46025e911 100644 --- a/mlkem/native/x86_64/src/ntttobytes.S +++ b/mlkem/native/x86_64/src/ntttobytes.S 
@@ -12,7 +12,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/ntttobytes.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/nttunpack.S b/mlkem/native/x86_64/src/nttunpack.S index b88e80078..c437754e9 100644 --- a/mlkem/native/x86_64/src/nttunpack.S +++ b/mlkem/native/x86_64/src/nttunpack.S @@ -12,7 +12,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/nttunpack.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/reduce.S b/mlkem/native/x86_64/src/reduce.S index e336b1a27..a98f7a8f6 100644 --- a/mlkem/native/x86_64/src/reduce.S +++ b/mlkem/native/x86_64/src/reduce.S @@ -17,7 +17,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/reduce.S using scripts/simpasm. Do not modify it directly. */ diff --git a/mlkem/native/x86_64/src/tomont.S b/mlkem/native/x86_64/src/tomont.S index 58f61f663..7418de23c 100644 --- a/mlkem/native/x86_64/src/tomont.S +++ b/mlkem/native/x86_64/src/tomont.S @@ -16,7 +16,7 @@ !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/x86_64/src/tomont.S using scripts/simpasm. Do not modify it directly. */ diff --git a/scripts/simpasm b/scripts/simpasm index e43165751..37b5daa58 100755 --- a/scripts/simpasm +++ b/scripts/simpasm 
@@ -251,7 +251,7 @@ def simplify(logger, args, asm_input, asm_output=None):
 autogen_header = [
 "",
 "/*",
- f" * WARNING: This file is auto-derived from the mlkem-native source file ",
+ f" * WARNING: This file is auto-derived from the mlkem-native source file",
 f" * {asm_input} using scripts/simpasm. Do not modify it directly.",
 " */",
 "",
From c304521f47efe6a3df81f84cf3ba775d6f01ffeb Mon Sep 17 00:00:00 2001
From: Hanno Becker Date: Thu, 6 Feb 2025 04:28:16 +0000 Subject: [PATCH 5/8] Shorten MLKEM_NATIVE_ to MLK_, add MLK_ prefix to sys.h macros This commit is a great renaming of macros from MLKEM_NATIVE_ to MLK_. In other places where there is risk of clash with other files -- e.g. sys.h defining ALIGN -- MLK_ is added as a prefix. The commit is produced by ``` FILES=$(git ls-files -s | grep -v "^120000" | cut -f2) printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/SYS_(UNIX_LIKE|LITTLE_ENDIAN|BIG_ENDIAN|X86_64|AARCH64)/MLK_SYS_$1/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/^ALIGN([^A-Za-z_])/MLK_ALIGN\1/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^_])INLINE([^A-Za-z_])/\1MLK_INLINE\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^_])ALWAYS_INLINE([^A-Za-z_])/\1MLK_ALWAYS_INLINE\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/^ALWAYS_INLINE([^A-Za-z_])/MLK_ALWAYS_INLINE\1/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^A-Za-z_])RESTRICT([^A-Za-z_])/\1MLK_RESTRICT\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^A-Za-z_])ALIGN([^A-Za-z_])/\1MLK_ALIGN\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^_])FORCE_AARCH64_EB([^A-Za-z_])/\1MLK_FORCE_AARCH64_EB\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^_])FORCE_AARCH64([^A-Za-z_])/\1MLK_FORCE_AARCH64\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^_])FORCE_X86_64([^A-Za-z_])/\1MLK_FORCE_X86_64\2/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/([^A-Za-z_])RESTRICT /\1MLK_RESTRICT /g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/DEFAULT_ALIGN/MLK_DEFAULT_ALIGN/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/MLKEM_ASM_NAMESPACE/MLK_ASM_NAMESPACE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/MLKEM_NAMESPACE/MLK_NAMESPACE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 
's/MLKEM_DEFAULT_/MLK_DEFAULT_/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/MLKEM_USE_/MLK_USE_/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/PREFIX_UNDERSCORE/MLK_PREFIX_UNDERSCORE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/UINT12_LIMIT/MLKEM_UINT12_LIMIT/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/BUILD_INFO_/MLK_BUILD_INFO_/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/PQCP_MLKEM_NATIVE/BACKUP_PQCP_NAMESPACE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/MLKEM_NATIVE_/MLK_/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/BACKUP_PQCP_NAMESPACE/PQCP_MLKEM_NATIVE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/ FIPS202_NATIVE/ MLK_FIPS202_NATIVE/g' {} printf '%s\n' $FILES | xargs -P 8 -I {} \ perl -pi -e 's/MLKEM_NATIE/MLK/g' {} ``` (note the last line also fixes a pre-existing "MLKEM_NATIE_" typo) followed by (in the nix shell) ``` autogen format ``` 
Signed-off-by: Hanno Becker --- .clang-format | 2 +- .github/workflows/bench.yml | 22 +- .github/workflows/ci.yml | 6 +- dev/aarch64_clean/meta.h | 18 +- dev/aarch64_clean/src/aarch64_zetas.c | 26 +-- dev/aarch64_clean/src/arith_native_aarch64.h | 42 ++-- dev/aarch64_clean/src/clean_impl.h | 56 ++--- dev/aarch64_clean/src/consts.h | 10 +- dev/aarch64_clean/src/intt_clean.S | 12 +- dev/aarch64_clean/src/ntt_clean.S | 12 +- .../src/poly_mulcache_compute_asm_clean.S | 12 +- dev/aarch64_clean/src/poly_reduce_asm_clean.S | 12 +- .../src/poly_tobytes_asm_clean.S | 12 +- dev/aarch64_clean/src/poly_tomont_asm_clean.S | 12 +- ...semul_acc_montgomery_cached_asm_k2_clean.S | 16 +- ...semul_acc_montgomery_cached_asm_k3_clean.S | 16 +- ...semul_acc_montgomery_cached_asm_k4_clean.S | 16 +- dev/aarch64_clean/src/rej_uniform_asm_clean.S | 12 +- dev/aarch64_clean/src/rej_uniform_table.c | 16 +- dev/aarch64_opt/meta.h | 18 +- dev/aarch64_opt/src/aarch64_zetas.c | 26 +-- dev/aarch64_opt/src/arith_native_aarch64.h | 42 ++-- dev/aarch64_opt/src/consts.h | 10 +- dev/aarch64_opt/src/intt_opt.S | 12 +- dev/aarch64_opt/src/ntt_opt.S | 12 +- dev/aarch64_opt/src/opt_impl.h | 54 ++--- .../src/poly_mulcache_compute_asm_opt.S | 12 +- dev/aarch64_opt/src/poly_reduce_asm_opt.S | 12 +- dev/aarch64_opt/src/poly_tobytes_asm_opt.S | 12 +- dev/aarch64_opt/src/poly_tomont_asm_opt.S | 12 +- ...basemul_acc_montgomery_cached_asm_k2_opt.S | 16 +- ...basemul_acc_montgomery_cached_asm_k3_opt.S | 16 +- ...basemul_acc_montgomery_cached_asm_k4_opt.S | 16 +- dev/aarch64_opt/src/rej_uniform_asm_clean.S | 16 +- dev/aarch64_opt/src/rej_uniform_table.c | 16 +- dev/fips202/aarch64/cortex_a55.h | 18 +- dev/fips202/aarch64/meta.h | 18 +- dev/fips202/aarch64/src/cortex_a55_impl.h | 16 +- dev/fips202/aarch64/src/default_impl.h | 40 ++-- .../aarch64/src/fips202_native_aarch64.h | 22 +- .../src/keccak_f1600_x1_scalar_asm_opt.S | 16 +- .../src/keccak_f1600_x1_v84a_asm_clean.S | 16 +- .../src/keccak_f1600_x2_v84a_asm_clean.S 
| 16 +- .../src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S | 16 +- ...ccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S | 16 +- ...eccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S | 16 +- ..._f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S | 16 +- .../aarch64/src/keccakf1600_round_constants.c | 22 +- dev/x86_64/meta.h | 18 +- dev/x86_64/src/align.h | 6 +- dev/x86_64/src/arith_native_x86_64.h | 62 +++--- dev/x86_64/src/basemul.S | 12 +- dev/x86_64/src/basemul.c | 16 +- dev/x86_64/src/compress_avx2.c | 39 ++-- dev/x86_64/src/consts.c | 14 +- dev/x86_64/src/consts.h | 8 +- dev/x86_64/src/default_impl.h | 121 ++++++----- dev/x86_64/src/intt.S | 12 +- dev/x86_64/src/ntt.S | 12 +- dev/x86_64/src/nttfrombytes.S | 12 +- dev/x86_64/src/nttpack.S | 12 +- dev/x86_64/src/ntttobytes.S | 12 +- dev/x86_64/src/nttunpack.S | 12 +- dev/x86_64/src/reduce.S | 12 +- dev/x86_64/src/rej_uniform_avx2.c | 16 +- dev/x86_64/src/rej_uniform_table.c | 16 +- dev/x86_64/src/tomont.S | 12 +- examples/bring_your_own_fips202/Makefile | 4 +- .../bring_your_own_fips202/fips202/fips202.h | 32 +-- .../fips202/fips202x4.h | 40 ++-- examples/custom_backend/Makefile | 6 +- examples/custom_backend/README.md | 8 +- .../mlkem_native/custom_config.h | 42 ++-- .../mlkem/fips202/native/custom/custom.h | 13 +- .../fips202/native/custom/src/custom_impl.h | 10 +- .../mlkem_native_as_code_package/Makefile | 4 +- examples/monolithic_build/Makefile | 22 +- examples/monolithic_build/config_1024.h | 53 +++-- examples/monolithic_build/config_512.h | 53 +++-- examples/monolithic_build/config_768.h | 53 +++-- examples/monolithic_build/main.c | 8 +- .../monolithic_build/mlkem_native_monobuild.c | 86 ++++---- examples/monolithic_build_multilevel/Makefile | 6 +- .../monolithic_build_multilevel/README.md | 76 +++---- .../mlkem_native_all.c | 20 +- .../mlkem_native_all.h | 48 ++--- .../multilevel_config.h | 45 ++-- .../Makefile | 26 +-- .../README.md | 82 +++---- .../mlkem_native_all.c | 26 +-- .../mlkem_native_all.h | 48 ++--- 
.../multilevel_config.h | 51 +++-- examples/multilevel_build/Makefile | 20 +- examples/multilevel_build/README.md | 8 +- examples/multilevel_build/mlkem_native_all.h | 48 ++--- examples/multilevel_build_native/Makefile | 30 +-- examples/multilevel_build_native/README.md | 8 +- .../mlkem_native_all.h | 48 ++--- integration/liboqs/ML-KEM-1024_META.yml | 6 +- integration/liboqs/ML-KEM-512_META.yml | 6 +- integration/liboqs/ML-KEM-768_META.yml | 6 +- mlkem/arith_backend.h | 12 +- mlkem/cbmc.h | 6 +- mlkem/common.h | 72 +++---- mlkem/compress.c | 125 ++++++----- mlkem/compress.h | 101 +++++---- mlkem/config.h | 93 ++++---- mlkem/debug.c | 17 +- mlkem/debug.h | 10 +- mlkem/fips202/fips202.c | 16 +- mlkem/fips202/fips202.h | 28 +-- mlkem/fips202/fips202_backend.h | 12 +- mlkem/fips202/fips202x4.c | 18 +- mlkem/fips202/fips202x4.h | 18 +- mlkem/fips202/keccakf1600.c | 34 +-- mlkem/fips202/keccakf1600.h | 22 +- mlkem/fips202/native/aarch64/meta.h | 18 +- .../fips202/native/aarch64/meta_cortex_a55.h | 18 +- .../native/aarch64/src/cortex_a55_impl.h | 16 +- .../fips202/native/aarch64/src/default_impl.h | 40 ++-- .../aarch64/src/fips202_native_aarch64.h | 22 +- .../src/keccak_f1600_x1_scalar_asm_opt.S | 16 +- .../src/keccak_f1600_x1_v84a_asm_clean.S | 16 +- .../src/keccak_f1600_x2_v84a_asm_clean.S | 16 +- .../src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S | 16 +- ...ccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S | 16 +- ...eccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S | 16 +- ..._f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S | 16 +- .../aarch64/src/keccakf1600_round_constants.c | 22 +- mlkem/fips202/native/api.h | 20 +- mlkem/fips202/native/meta.h | 10 +- mlkem/fips202/native/x86_64/meta.h | 19 +- .../x86_64/src/KeccakP-1600-times4-SIMD256.c | 18 +- mlkem/fips202/native/x86_64/src/xkcp_impl.h | 18 +- mlkem/indcpa.c | 48 ++--- mlkem/indcpa.h | 22 +- mlkem/kem.c | 22 +- mlkem/kem.h | 18 +- mlkem/mlkem_native.h | 114 +++++----- mlkem/native/aarch64/meta.h | 18 +- 
mlkem/native/aarch64/src/aarch64_zetas.c | 26 +-- .../native/aarch64/src/arith_native_aarch64.h | 42 ++-- mlkem/native/aarch64/src/consts.h | 10 +- mlkem/native/aarch64/src/intt_opt.S | 12 +- mlkem/native/aarch64/src/ntt_opt.S | 12 +- mlkem/native/aarch64/src/opt_impl.h | 54 ++--- .../src/poly_mulcache_compute_asm_opt.S | 12 +- .../native/aarch64/src/poly_reduce_asm_opt.S | 12 +- .../native/aarch64/src/poly_tobytes_asm_opt.S | 12 +- .../native/aarch64/src/poly_tomont_asm_opt.S | 12 +- ...basemul_acc_montgomery_cached_asm_k2_opt.S | 16 +- ...basemul_acc_montgomery_cached_asm_k3_opt.S | 16 +- ...basemul_acc_montgomery_cached_asm_k4_opt.S | 16 +- .../aarch64/src/rej_uniform_asm_clean.S | 16 +- mlkem/native/aarch64/src/rej_uniform_table.c | 16 +- mlkem/native/api.h | 203 +++++++++--------- mlkem/native/meta.h | 14 +- mlkem/native/x86_64/meta.h | 18 +- mlkem/native/x86_64/src/align.h | 6 +- mlkem/native/x86_64/src/arith_native_x86_64.h | 62 +++--- mlkem/native/x86_64/src/basemul.S | 12 +- mlkem/native/x86_64/src/basemul.c | 16 +- mlkem/native/x86_64/src/compress_avx2.c | 39 ++-- mlkem/native/x86_64/src/consts.c | 14 +- mlkem/native/x86_64/src/consts.h | 8 +- mlkem/native/x86_64/src/default_impl.h | 121 ++++++----- mlkem/native/x86_64/src/intt.S | 12 +- mlkem/native/x86_64/src/ntt.S | 12 +- mlkem/native/x86_64/src/nttfrombytes.S | 12 +- mlkem/native/x86_64/src/nttpack.S | 12 +- mlkem/native/x86_64/src/ntttobytes.S | 12 +- mlkem/native/x86_64/src/nttunpack.S | 12 +- mlkem/native/x86_64/src/reduce.S | 12 +- mlkem/native/x86_64/src/rej_uniform_avx2.c | 16 +- mlkem/native/x86_64/src/rej_uniform_table.c | 16 +- mlkem/native/x86_64/src/tomont.S | 12 +- mlkem/params.h | 14 +- mlkem/poly.c | 100 ++++----- mlkem/poly.h | 54 ++--- mlkem/poly_k.c | 100 ++++----- mlkem/poly_k.h | 98 ++++----- mlkem/randombytes.h | 6 +- mlkem/sampling.c | 46 ++-- mlkem/sampling.h | 26 +-- mlkem/symmetric.h | 6 +- mlkem/sys.h | 76 +++---- mlkem/verify.c | 14 +- mlkem/verify.h | 72 +++---- 
mlkem/zetas.c | 10 +- .../KeccakF1600_StateExtractBytes/Makefile | 4 +- .../KeccakF1600_StateExtractBytes_BE/Makefile | 6 +- proofs/cbmc/KeccakF1600_StatePermute/Makefile | 4 +- .../KeccakF1600_StatePermute_native/Makefile | 6 +- .../cbmc/KeccakF1600_StateXORBytes/Makefile | 4 +- .../KeccakF1600_StateXORBytes_BE/Makefile | 6 +- .../KeccakF1600x4_StateExtractBytes/Makefile | 6 +- .../cbmc/KeccakF1600x4_StatePermute/Makefile | 6 +- .../Makefile | 4 +- .../Makefile | 4 +- .../cbmc/KeccakF1600x4_StateXORBytes/Makefile | 6 +- proofs/cbmc/Makefile.common | 4 +- proofs/cbmc/Makefile_params.common | 6 +- proofs/cbmc/barrett_reduce/Makefile | 2 +- .../barrett_reduce/barrett_reduce_harness.c | 2 +- proofs/cbmc/crypto_kem_dec/Makefile | 6 +- proofs/cbmc/crypto_kem_enc/Makefile | 6 +- proofs/cbmc/crypto_kem_enc_derand/Makefile | 6 +- proofs/cbmc/crypto_kem_keypair/Makefile | 6 +- .../cbmc/crypto_kem_keypair_derand/Makefile | 6 +- proofs/cbmc/ct_cmask_neg_i16/Makefile | 4 +- proofs/cbmc/ct_cmask_nonzero_u16/Makefile | 4 +- proofs/cbmc/ct_cmask_nonzero_u8/Makefile | 4 +- proofs/cbmc/ct_cmov_zero/Makefile | 4 +- proofs/cbmc/ct_memcmp/Makefile | 4 +- proofs/cbmc/ct_sel_int16/Makefile | 4 +- proofs/cbmc/ct_sel_uint8/Makefile | 4 +- proofs/cbmc/dummy_backend.h | 10 +- proofs/cbmc/dummy_backend_fips202_x1.h | 10 +- proofs/cbmc/dummy_backend_fips202_x1_impl.h | 8 +- proofs/cbmc/dummy_backend_fips202_x2.h | 10 +- proofs/cbmc/dummy_backend_fips202_x2_impl.h | 8 +- proofs/cbmc/dummy_backend_fips202_x4.h | 10 +- proofs/cbmc/dummy_backend_fips202_x4_impl.h | 8 +- proofs/cbmc/dummy_backend_impl.h | 26 +-- proofs/cbmc/fqmul/Makefile | 2 +- proofs/cbmc/fqmul/fqmul_harness.c | 2 +- proofs/cbmc/gen_matrix/Makefile | 8 +- proofs/cbmc/gen_matrix_native/Makefile | 10 +- proofs/cbmc/indcpa_dec/Makefile | 6 +- proofs/cbmc/indcpa_enc/Makefile | 6 +- proofs/cbmc/indcpa_keypair_derand/Makefile | 6 +- proofs/cbmc/invntt_layer/Makefile | 4 +- .../cbmc/invntt_layer/invntt_layer_harness.c | 2 +- 
proofs/cbmc/keccak_absorb_once/Makefile | 4 +- .../keccak_absorb_once_harness.c | 2 +- proofs/cbmc/keccak_absorb_once_x4/Makefile | 4 +- .../keccak_absorb_once_x4_harness.c | 2 +- proofs/cbmc/keccak_squeeze_once/Makefile | 4 +- .../keccak_squeeze_once_harness.c | 2 +- proofs/cbmc/keccak_squeezeblocks/Makefile | 4 +- .../keccak_squeezeblocks_harness.c | 2 +- proofs/cbmc/keccak_squeezeblocks_x4/Makefile | 4 +- .../keccak_squeezeblocks_x4_harness.c | 2 +- proofs/cbmc/matvec_mul/Makefile | 6 +- proofs/cbmc/matvec_mul/matvec_mul_harness.c | 2 +- proofs/cbmc/montgomery_reduce/Makefile | 2 +- .../montgomery_reduce_harness.c | 2 +- proofs/cbmc/ntt_butterfly_block/Makefile | 4 +- .../ntt_butterfly_block_harness.c | 2 +- proofs/cbmc/ntt_layer/Makefile | 4 +- proofs/cbmc/ntt_layer/ntt_layer_harness.c | 2 +- proofs/cbmc/poly_add/Makefile | 2 +- proofs/cbmc/poly_cbd_eta1/Makefile | 4 +- .../poly_cbd_eta1/poly_cbd_eta1_harness.c | 2 +- proofs/cbmc/poly_cbd_eta2/Makefile | 6 +- .../poly_cbd_eta2/poly_cbd_eta2_harness.c | 2 +- proofs/cbmc/poly_compress_du/Makefile | 4 +- proofs/cbmc/poly_compress_dv/Makefile | 8 +- proofs/cbmc/poly_decompress_du/Makefile | 8 +- proofs/cbmc/poly_decompress_dv/Makefile | 4 +- proofs/cbmc/poly_frombytes/Makefile | 4 +- proofs/cbmc/poly_frombytes_native/Makefile | 4 +- proofs/cbmc/poly_frommsg/Makefile | 6 +- proofs/cbmc/poly_getnoise_eta1122_4x/Makefile | 6 +- .../poly_getnoise_eta1122_4x_native/Makefile | 8 +- proofs/cbmc/poly_getnoise_eta1_4x/Makefile | 6 +- proofs/cbmc/poly_getnoise_eta2/Makefile | 10 +- proofs/cbmc/poly_invntt_tomont/Makefile | 4 +- .../cbmc/poly_invntt_tomont_native/Makefile | 4 +- proofs/cbmc/poly_mulcache_compute/Makefile | 4 +- .../poly_mulcache_compute_native/Makefile | 4 +- proofs/cbmc/poly_ntt/Makefile | 6 +- proofs/cbmc/poly_ntt_native/Makefile | 4 +- proofs/cbmc/poly_reduce/Makefile | 6 +- proofs/cbmc/poly_reduce_native/Makefile | 4 +- proofs/cbmc/poly_rej_uniform/Makefile | 6 +- proofs/cbmc/poly_rej_uniform_x4/Makefile 
| 6 +- proofs/cbmc/poly_sub/Makefile | 2 +- proofs/cbmc/poly_tobytes/Makefile | 4 +- proofs/cbmc/poly_tobytes_native/Makefile | 4 +- proofs/cbmc/poly_tomont/Makefile | 4 +- proofs/cbmc/poly_tomont_native/Makefile | 4 +- proofs/cbmc/poly_tomsg/Makefile | 4 +- proofs/cbmc/polyvec_add/Makefile | 6 +- .../polyvec_basemul_acc_montgomery/Makefile | 4 +- .../Makefile | 4 +- .../Makefile | 4 +- proofs/cbmc/polyvec_compress_du/Makefile | 8 +- proofs/cbmc/polyvec_decompress_du/Makefile | 8 +- proofs/cbmc/polyvec_frombytes/Makefile | 8 +- proofs/cbmc/polyvec_invntt_tomont/Makefile | 6 +- proofs/cbmc/polyvec_mulcache_compute/Makefile | 6 +- proofs/cbmc/polyvec_ntt/Makefile | 6 +- proofs/cbmc/polyvec_reduce/Makefile | 8 +- proofs/cbmc/polyvec_tobytes/Makefile | 8 +- proofs/cbmc/polyvec_tomont/Makefile | 8 +- proofs/cbmc/proof_guide.md | 10 +- proofs/cbmc/rej_uniform/Makefile | 6 +- proofs/cbmc/rej_uniform/rej_uniform_harness.c | 2 +- proofs/cbmc/rej_uniform_native/Makefile | 6 +- .../rej_uniform_native_harness.c | 2 +- proofs/cbmc/rej_uniform_scalar/Makefile | 2 +- .../rej_uniform_scalar_harness.c | 2 +- proofs/cbmc/scalar_compress_d1/Makefile | 2 +- proofs/cbmc/scalar_compress_d10/Makefile | 2 +- proofs/cbmc/scalar_compress_d11/Makefile | 2 +- proofs/cbmc/scalar_compress_d4/Makefile | 2 +- proofs/cbmc/scalar_compress_d5/Makefile | 2 +- proofs/cbmc/scalar_decompress_d10/Makefile | 2 +- proofs/cbmc/scalar_decompress_d11/Makefile | 2 +- proofs/cbmc/scalar_decompress_d4/Makefile | 2 +- proofs/cbmc/scalar_decompress_d5/Makefile | 2 +- .../cbmc/scalar_signed_to_unsigned_q/Makefile | 4 +- .../scalar_signed_to_unsigned_q_harness.c | 2 +- proofs/cbmc/sha3_256/Makefile | 6 +- proofs/cbmc/sha3_512/Makefile | 6 +- proofs/cbmc/shake128_absorb_once/Makefile | 6 +- proofs/cbmc/shake128_squeezeblocks/Makefile | 6 +- proofs/cbmc/shake128x4_absorb_once/Makefile | 6 +- proofs/cbmc/shake128x4_squeezeblocks/Makefile | 6 +- proofs/cbmc/shake256/Makefile | 6 +- proofs/cbmc/shake256x4/Makefile | 6 +- 
proofs/hol_light/arm/mlkem/mlkem_intt.S | 2 +- proofs/hol_light/arm/mlkem/mlkem_ntt.S | 2 +- scripts/autogen | 98 ++++----- scripts/tests | 10 +- test/bench_components_mlkem.c | 18 +- test/gen_KAT.c | 12 +- test/gen_NISTKAT.c | 12 +- test/mk/auto.mk | 12 +- test/mk/components.mk | 2 +- test/test_mlkem.c | 9 +- 332 files changed, 2934 insertions(+), 2953 deletions(-) diff --git a/.clang-format b/.clang-format index 5d7b342c3..82665b8d7 100644 --- a/.clang-format +++ b/.clang-format @@ -22,4 +22,4 @@ Macros: - __contract__(x)={ void a; void b; void c; void d; void e; void f; } void abcdefghijklmnopqrstuvw() - __loop__(x)={} # Make this artifically long to force line break - - MLKEM_NATIVE_INTERNAL_API=void abcdefghijklmnopqrstuvwabcdefghijklmnopqrstuvwabcdefg(); + - MLK_INTERNAL_API=void abcdefghijklmnopqrstuvwabcdefghijklmnopqrstuvwabcdefg(); diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index e275f101b..cac015cc2 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml 
@@ -30,20 +30,20 @@ jobs: - system: rpi4 name: Arm Cortex-A72 (Raspberry Pi 4) benchmarks bench_pmu: PMU - archflags: -mcpu=cortex-a72 -DSYS_AARCH64_SLOW_BARREL_SHIFTER - cflags: "-flto -DFORCE_AARCH64" + archflags: -mcpu=cortex-a72 -DMLK_SYS_AARCH64_SLOW_BARREL_SHIFTER + cflags: "-flto -DMLK_FORCE_AARCH64" bench_extra_args: "" - system: rpi5 name: Arm Cortex-A76 (Raspberry Pi 5) benchmarks bench_pmu: PERF archflags: "-mcpu=cortex-a76 -march=armv8.2-a" - cflags: "-flto -DFORCE_AARCH64" + cflags: "-flto -DMLK_FORCE_AARCH64" bench_extra_args: "" - system: a55 name: Arm Cortex-A55 (Snapdragon 888) benchmarks bench_pmu: PERF archflags: "-mcpu=cortex-a55 -march=armv8.2-a" - cflags: "-flto -static -DFORCE_AARCH64 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE=\\\\\\\"fips202/native/aarch64/meta_cortex_a55.h\\\\\\\"" + cflags: "-flto -static -DMLK_FORCE_AARCH64 -DMLK_FIPS202_BACKEND_FILE=\\\\\\\"fips202/native/aarch64/meta_cortex_a55.h\\\\\\\"" bench_extra_args: -w exec-on-a55 - system: bpi name: SpacemiT K1 8 (Banana Pi F3) benchmarks 
@@ -82,43 +82,43 @@ jobs: ec2_instance_type: t4g.small ec2_ami: ubuntu-latest (aarch64) archflags: -mcpu=cortex-a76 -march=armv8.2-a - cflags: "-flto -DFORCE_AARCH64" + cflags: "-flto -DMLK_FORCE_AARCH64" perf: PERF - name: Graviton3 ec2_instance_type: c7g.medium ec2_ami: ubuntu-latest (aarch64) archflags: -march=armv8.4-a+sha3 - cflags: "-flto -DFORCE_AARCH64" + cflags: "-flto -DMLK_FORCE_AARCH64" perf: PERF - name: Graviton4 ec2_instance_type: c8g.medium ec2_ami: ubuntu-latest (aarch64) archflags: -march=armv9-a+sha3 - cflags: "-flto -DFORCE_AARCH64" + cflags: "-flto -DMLK_FORCE_AARCH64" perf: PERF - name: AMD EPYC 4th gen (c7a) ec2_instance_type: c7a.medium ec2_ami: ubuntu-latest (x86_64) archflags: -mavx2 -mbmi2 -mpopcnt -maes -march=znver4 - cflags: "-flto -DFORCE_X86_64" + cflags: "-flto -DMLK_FORCE_X86_64" perf: PMU - name: Intel Xeon 4th gen (c7i) ec2_instance_type: c7i.metal-24xl ec2_ami: ubuntu-latest (x86_64) archflags: -mavx2 -mbmi2 -mpopcnt -maes -march=sapphirerapids - cflags: "-flto -DFORCE_X86_64" + cflags: "-flto -DMLK_FORCE_X86_64" perf: PMU - name: AMD EPYC 3rd gen (c6a) ec2_instance_type: c6a.large ec2_ami: ubuntu-latest (x86_64) archflags: -mavx2 -mbmi2 -mpopcnt -maes -march=znver3 - cflags: "-flto -DFORCE_X86_64" + cflags: "-flto -DMLK_FORCE_X86_64" perf: PMU - name: Intel Xeon 3rd gen (c6i) ec2_instance_type: c6i.large ec2_ami: ubuntu-latest (x86_64) archflags: -mavx2 -mbmi2 -mpopcnt -maes -march=icelake-server - cflags: "-flto -DFORCE_X86_64" + cflags: "-flto -DMLK_FORCE_X86_64" perf: PMU uses: ./.github/workflows/bench_ec2_reusable.yml if: github.repository_owner == 'pq-code-package' && (github.event.label.name == 'benchmark' || github.ref == 'refs/heads/main') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 08d0a7a1d..1717cf664 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -499,13 +499,13 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: make quickcheck run: | - OPT=0 CFLAGS="-DMLKEM_NATIVE_CHECK_APIS -Wno-redundant-decls" make quickcheck + OPT=0 CFLAGS="-DMLK_CHECK_APIS -Wno-redundant-decls" make quickcheck make clean >/dev/null - OPT=1 CFLAGS="-DMLKEM_NATIVE_CHECK_APIS -Wno-redundant-decls" make quickcheck + OPT=1 CFLAGS="-DMLK_CHECK_APIS -Wno-redundant-decls" make quickcheck - uses: ./.github/actions/setup-apt - name: tests func run: | - ./scripts/tests func --cflags="-DMLKEM_NATIVE_CHECK_APIS -Wno-redundant-decls" + ./scripts/tests func --cflags="-DMLK_CHECK_APIS -Wno-redundant-decls" ec2_functests: strategy: fail-fast: false diff --git a/dev/aarch64_clean/meta.h b/dev/aarch64_clean/meta.h index d624cf36e..46c1d98ba 100644 --- a/dev/aarch64_clean/meta.h +++ b/dev/aarch64_clean/meta.h 
@@ -3,26 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_CLEAN_META_H -#define MLKEM_NATIVE_DEV_AARCH64_CLEAN_META_H +#ifndef MLK_DEV_AARCH64_CLEAN_META_H +#define MLK_DEV_AARCH64_CLEAN_META_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_H +#ifdef MLK_ARITH_PROFILE_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_H +#define MLK_ARITH_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN +#define MLK_ARITH_BACKEND_AARCH64_CLEAN -#define MLKEM_NATIVE_ARITH_BACKEND_NAME AARCH64_CLEAN +#define MLK_ARITH_BACKEND_NAME AARCH64_CLEAN /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "native/aarch64/src/clean_impl.h" +#define MLK_ARITH_BACKEND_IMPL "native/aarch64/src/clean_impl.h" -#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */ +#endif /* MLK_ARITH_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_AARCH64_CLEAN_META_H */ +#endif /* MLK_DEV_AARCH64_CLEAN_META_H */ diff --git a/dev/aarch64_clean/src/aarch64_zetas.c b/dev/aarch64_clean/src/aarch64_zetas.c index 24adae1c2..6b3f52e46 100644 --- a/dev/aarch64_clean/src/aarch64_zetas.c +++ b/dev/aarch64_clean/src/aarch64_zetas.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" 
@@ -20,7 +20,7 @@ * Table of zeta values used in the AArch64 forward NTT * See autogen for details. */ -ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { -1600, -15749, -749, -7373, -40, -394, -687, -6762, 630, 6201, -1432, -14095, 848, 8347, 0, 0, 1062, 10453, 296, 2914, -882, -8682, 0, 0, -1410, -13879, 1339, 13180, 1476, 14529, @@ -31,7 +31,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { 0, 0, -1583, -15582, -1355, -13338, 821, 8081, 0, 0, }; -ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 289, 289, 331, 331, -76, -76, -1573, -1573, 2845, 2845, 3258, 3258, -748, -748, -15483, -15483, 17, 17, 583, 583, 1637, 1637, -1041, -1041, 167, 167, 5739, @@ -77,7 +77,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 10129, 10129, -3878, -3878, -11566, -11566, }; -ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { 1583, 15582, -821, -8081, 1355, 13338, 0, 0, -569, -5601, 450, 4429, 936, 9213, 0, 0, 69, 679, 447, 4400, -535, -5266, 0, 0, 543, 5345, 1235, 12156, -1426, -14036, @@ -88,7 +88,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { -848, -8347, 1432, 14095, -630, -6201, 687, 6762, 0, 0, }; -ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -910, -910, -1227, -1227, 219, 219, 855, 855, -8957, -8957, -12078, -12078, 2156, 2156, 8416, 8416, 1175, 1175, 394, 394, -1029, -1029, -1212, -1212, 11566, 11566, 3878, 
@@ -134,7 +134,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -16113, -16113, -5739, -5739, -167, -167, }; -ALIGN const int16_t aarch64_zetas_mulcache_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 17, -17, -568, 568, 583, -583, -680, 680, 1637, -1637, 723, -723, -1041, 1041, 1100, -1100, 1409, -1409, -667, 667, -48, 48, 233, -233, 756, -756, -1173, 1173, -314, 314, -279, 279, -1626, @@ -149,7 +149,7 @@ ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 1219, -394, 394, 885, -885, -1175, 1175, }; -ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { 167, -167, -5591, 5591, 5739, -5739, -6693, 6693, 16113, -16113, 7117, -7117, -10247, 10247, 10828, -10828, 13869, -13869, -6565, 6565, -472, 472, 2293, -2293, 7441, -7441, -11546, @@ -167,11 +167,11 @@ ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { -11566, 11566, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_zetas) +MLK_EMPTY_CU(aarch64_zetas) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/aarch64_clean/src/arith_native_aarch64.h b/dev/aarch64_clean/src/arith_native_aarch64.h index fea32774e..8ca61f64b 100644 --- a/dev/aarch64_clean/src/arith_native_aarch64.h +++ b/dev/aarch64_clean/src/arith_native_aarch64.h 
@@ -2,24 +2,22 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H -#define MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H +#ifndef MLK_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H +#define MLK_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H #include #include "../../../common.h" -#define aarch64_ntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_ntt_zetas_layer01234) -#define aarch64_ntt_zetas_layer56 MLKEM_NAMESPACE(aarch64_ntt_zetas_layer56) +#define aarch64_ntt_zetas_layer01234 MLK_NAMESPACE(aarch64_ntt_zetas_layer01234) +#define aarch64_ntt_zetas_layer56 MLK_NAMESPACE(aarch64_ntt_zetas_layer56) #define aarch64_invntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer01234) -#define aarch64_invntt_zetas_layer56 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer56) + MLK_NAMESPACE(aarch64_invntt_zetas_layer01234) +#define aarch64_invntt_zetas_layer56 MLK_NAMESPACE(aarch64_invntt_zetas_layer56) #define aarch64_zetas_mulcache_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_native) + MLK_NAMESPACE(aarch64_zetas_mulcache_native) #define aarch64_zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_twisted_native) -#define rej_uniform_table MLKEM_NAMESPACE(rej_uniform_table) + MLK_NAMESPACE(aarch64_zetas_mulcache_twisted_native) +#define rej_uniform_table MLK_NAMESPACE(rej_uniform_table) extern const int16_t aarch64_ntt_zetas_layer01234[]; extern const int16_t aarch64_ntt_zetas_layer56[]; 
@@ -29,50 +27,50 @@ extern const int16_t aarch64_zetas_mulcache_native[]; extern const int16_t aarch64_zetas_mulcache_twisted_native[]; extern const uint8_t rej_uniform_table[]; -#define ntt_asm_clean MLKEM_NAMESPACE(ntt_asm_clean) +#define ntt_asm_clean MLK_NAMESPACE(ntt_asm_clean) void ntt_asm_clean(int16_t *, const int16_t *, const int16_t *); -#define intt_asm_clean MLKEM_NAMESPACE(intt_asm_clean) +#define intt_asm_clean MLK_NAMESPACE(intt_asm_clean) void intt_asm_clean(int16_t *, const int16_t *, const int16_t *); -#define rej_uniform_asm_clean MLKEM_NAMESPACE(rej_uniform_asm_clean) +#define rej_uniform_asm_clean MLK_NAMESPACE(rej_uniform_asm_clean) unsigned rej_uniform_asm_clean(int16_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); -#define poly_reduce_asm_clean MLKEM_NAMESPACE(poly_reduce_asm_clean) +#define poly_reduce_asm_clean MLK_NAMESPACE(poly_reduce_asm_clean) void poly_reduce_asm_clean(int16_t *); -#define poly_tomont_asm_clean MLKEM_NAMESPACE(poly_tomont_asm_clean) +#define poly_tomont_asm_clean MLK_NAMESPACE(poly_tomont_asm_clean) void poly_tomont_asm_clean(int16_t *); #define poly_mulcache_compute_asm_clean \ - MLKEM_NAMESPACE(poly_mulcache_compute_asm_clean) + MLK_NAMESPACE(poly_mulcache_compute_asm_clean) void poly_mulcache_compute_asm_clean(int16_t *, const int16_t *, const int16_t *, const int16_t *); -#define poly_tobytes_asm_clean MLKEM_NAMESPACE(poly_tobytes_asm_clean) +#define poly_tobytes_asm_clean MLK_NAMESPACE(poly_tobytes_asm_clean) void poly_tobytes_asm_clean(uint8_t *r, const int16_t *a); #define polyvec_basemul_acc_montgomery_cached_asm_k2_clean \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean) void polyvec_basemul_acc_montgomery_cached_asm_k2_clean(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k3_clean \ - 
MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean) void polyvec_basemul_acc_montgomery_cached_asm_k3_clean(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k4_clean \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean) void polyvec_basemul_acc_montgomery_cached_asm_k4_clean(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); -#endif /* MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H */ +#endif /* MLK_DEV_AARCH64_CLEAN_SRC_ARITH_NATIVE_AARCH64_H */ diff --git a/dev/aarch64_clean/src/clean_impl.h b/dev/aarch64_clean/src/clean_impl.h index 29e049bbd..59469196b 100644 --- a/dev/aarch64_clean/src/clean_impl.h +++ b/dev/aarch64_clean/src/clean_impl.h 
@@ -3,84 +3,84 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H -#define MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H +#ifndef MLK_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H +#define MLK_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#ifdef MLK_ARITH_PROFILE_IMPL_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#define MLK_ARITH_PROFILE_IMPL_H #include "arith_native_aarch64.h" /* Set of primitives that this backend replaces */ -#define MLKEM_USE_NATIVE_NTT -#define MLKEM_USE_NATIVE_INTT -#define MLKEM_USE_NATIVE_POLY_REDUCE -#define MLKEM_USE_NATIVE_POLY_TOMONT -#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE -#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED -#define MLKEM_USE_NATIVE_POLY_TOBYTES -#define MLKEM_USE_NATIVE_REJ_UNIFORM - -static INLINE void ntt_native(int16_t data[MLKEM_N]) +#define MLK_USE_NATIVE_NTT +#define MLK_USE_NATIVE_INTT +#define MLK_USE_NATIVE_POLY_REDUCE +#define MLK_USE_NATIVE_POLY_TOMONT +#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE +#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#define MLK_USE_NATIVE_POLY_TOBYTES +#define MLK_USE_NATIVE_REJ_UNIFORM + +static MLK_INLINE void ntt_native(int16_t data[MLKEM_N]) { ntt_asm_clean(data, aarch64_ntt_zetas_layer01234, aarch64_ntt_zetas_layer56); } -static INLINE void intt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t data[MLKEM_N]) { intt_asm_clean(data, aarch64_invntt_zetas_layer01234, aarch64_invntt_zetas_layer56); } -static INLINE void poly_reduce_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t data[MLKEM_N]) { poly_reduce_asm_clean(data); } -static INLINE void poly_tomont_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t data[MLKEM_N]) { 
poly_tomont_asm_clean(data); } -static INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], - const int16_t y[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], + const int16_t y[MLKEM_N]) { poly_mulcache_compute_asm_clean(x, y, aarch64_zetas_mulcache_native, aarch64_zetas_mulcache_twisted_native); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k2_clean(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k3_clean(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k4_clean(r, a, b, b_cache); } -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) { poly_tobytes_asm_clean(r, a); } -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) { if (len != MLKEM_N || buflen % 24 != 0) { 
@@ -89,6 +89,6 @@ static INLINE int rej_uniform_native(int16_t *r, unsigned len, return (int)rej_uniform_asm_clean(r, buf, buflen, rej_uniform_table); } -#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */ +#endif /* MLK_ARITH_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H */ +#endif /* MLK_DEV_AARCH64_CLEAN_SRC_CLEAN_IMPL_H */ diff --git a/dev/aarch64_clean/src/consts.h b/dev/aarch64_clean/src/consts.h index 72e878e5d..da304e973 100644 --- a/dev/aarch64_clean/src/consts.h +++ b/dev/aarch64_clean/src/consts.h @@ -3,17 +3,17 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CONSTS_H -#define MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CONSTS_H +#ifndef MLK_DEV_AARCH64_CLEAN_SRC_CONSTS_H +#define MLK_DEV_AARCH64_CLEAN_SRC_CONSTS_H #include #include "../../../common.h" -#define zetas_mulcache_native MLKEM_NAMESPACE(zetas_mulcache_native) +#define zetas_mulcache_native MLK_NAMESPACE(zetas_mulcache_native) extern const int16_t zetas_mulcache_native[256]; #define zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(zetas_mulcache_twisted_native) + MLK_NAMESPACE(zetas_mulcache_twisted_native) extern const int16_t zetas_mulcache_twisted_native[256]; -#endif /* MLKEM_NATIVE_DEV_AARCH64_CLEAN_SRC_CONSTS_H */ +#endif /* MLK_DEV_AARCH64_CLEAN_SRC_CONSTS_H */ diff --git a/dev/aarch64_clean/src/intt_clean.S b/dev/aarch64_clean/src/intt_clean.S index 81dd752c4..72403504a 100644 --- a/dev/aarch64_clean/src/intt_clean.S +++ b/dev/aarch64_clean/src/intt_clean.S @@ -24,8 +24,8 @@ /// #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ // Bounds: 
@@ -194,9 +194,9 @@ ninv_tw .req v30 .text - .global MLKEM_ASM_NAMESPACE(intt_asm_clean) + .global MLK_ASM_NAMESPACE(intt_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(intt_asm_clean): +MLK_ASM_NAMESPACE(intt_asm_clean): push_stack // Setup constants @@ -388,5 +388,5 @@ layer012_start: .unreq ninv_tw /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/ntt_clean.S b/dev/aarch64_clean/src/ntt_clean.S index e8396f523..a4ab586c3 100644 --- a/dev/aarch64_clean/src/ntt_clean.S +++ b/dev/aarch64_clean/src/ntt_clean.S @@ -25,8 +25,8 @@ /// #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ // Bounds: @@ -166,9 +166,9 @@ t3 .req v28 .text - .global MLKEM_ASM_NAMESPACE(ntt_asm_clean) + .global MLK_ASM_NAMESPACE(ntt_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(ntt_asm_clean): +MLK_ASM_NAMESPACE(ntt_asm_clean): push_stack mov wtmp, #3329 @@ -316,5 +316,5 @@ layer3456_start: .unreq t3 /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/poly_mulcache_compute_asm_clean.S b/dev/aarch64_clean/src/poly_mulcache_compute_asm_clean.S index 3b9583970..3756a4229 100644 --- a/dev/aarch64_clean/src/poly_mulcache_compute_asm_clean.S +++ b/dev/aarch64_clean/src/poly_mulcache_compute_asm_clean.S 
@@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ /* Montgomery multiplication, with precomputed Montgomery twist @@ -43,10 +43,10 @@ modulus .req v6 modulus_twisted .req v7 - .global MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_clean) + .global MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_clean) .text .balign 4 -MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_clean): +MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_clean): mov wtmp, #3329 dup modulus.8h, wtmp @@ -97,5 +97,5 @@ mulcache_compute_loop_start: .unreq modulus_twisted /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/poly_reduce_asm_clean.S b/dev/aarch64_clean/src/poly_reduce_asm_clean.S index 58fa163c3..bbdf29469 100644 --- a/dev/aarch64_clean/src/poly_reduce_asm_clean.S +++ b/dev/aarch64_clean/src/poly_reduce_asm_clean.S @@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ /* Barrett reduction */ @@ -42,9 +42,9 @@ modulus_twisted .req v4 .text - .global MLKEM_ASM_NAMESPACE(poly_reduce_asm_clean) + .global MLK_ASM_NAMESPACE(poly_reduce_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(poly_reduce_asm_clean): +MLK_ASM_NAMESPACE(poly_reduce_asm_clean): mov wtmp, #3329 // ML-KEM modulus dup modulus.8h, wtmp 
@@ -92,5 +92,5 @@ loop_start: .unreq modulus_twisted /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/poly_tobytes_asm_clean.S b/dev/aarch64_clean/src/poly_tobytes_asm_clean.S index 9b02c3075..089d9a4fa 100644 --- a/dev/aarch64_clean/src/poly_tobytes_asm_clean.S +++ b/dev/aarch64_clean/src/poly_tobytes_asm_clean.S @@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ /******************************************** @@ -24,9 +24,9 @@ count .req x2 .text - .global MLKEM_ASM_NAMESPACE(poly_tobytes_asm_clean) + .global MLK_ASM_NAMESPACE(poly_tobytes_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(poly_tobytes_asm_clean): +MLK_ASM_NAMESPACE(poly_tobytes_asm_clean): mov count, #16 poly_tobytes_asm_clean_asm_loop_start: @@ -61,5 +61,5 @@ poly_tobytes_asm_clean_asm_loop_start: .unreq count /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/poly_tomont_asm_clean.S b/dev/aarch64_clean/src/poly_tomont_asm_clean.S index a5d10e2d0..227adb155 100644 --- a/dev/aarch64_clean/src/poly_tomont_asm_clean.S +++ b/dev/aarch64_clean/src/poly_tomont_asm_clean.S 
@@ -4,8 +4,8 @@
 */
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 /* Montgomery multiplication, with precomputed Montgomery twist
@@ -37,9 +37,9 @@ tmp0 .req v6
 .text
- .global MLKEM_ASM_NAMESPACE(poly_tomont_asm_clean)
+ .global MLK_ASM_NAMESPACE(poly_tomont_asm_clean)
 .balign 4
-MLKEM_ASM_NAMESPACE(poly_tomont_asm_clean):
+MLK_ASM_NAMESPACE(poly_tomont_asm_clean):
 mov wtmp, #3329 // ML-KEM modulus
 dup modulus.8h, wtmp
@@ -94,5 +94,5 @@ poly_tomont_asm_loop:
 .unreq tmp0
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k2_clean.S b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k2_clean.S
index a817aba3b..dcaca6eb6 100644
--- a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k2_clean.S
+++ b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k2_clean.S
@@ -10,9 +10,9 @@
 // https://github.com/neon-ntt/neon-ntt
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2)
+#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2)
 /* simpasm: header-end */
 // Input:
@@ -141,9 +141,9 @@ t0 .req v28
 .text
- .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean)
+ .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean)
 .balign 4
-MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean):
+MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_clean):
 push_stack
 mov wtmp, #3329
@@ -214,6 +214,6 @@ k2_loop_start:
 /* simpasm: footer-start */
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
+#endif /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
diff --git a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k3_clean.S b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k3_clean.S
index f50038f75..b36c62339 100644
--- a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k3_clean.S
+++ b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k3_clean.S
@@ -10,9 +10,9 @@
 // https://github.com/neon-ntt/neon-ntt
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3)
+#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3)
 /* simpasm: header-end */
 // Input:
@@ -141,9 +141,9 @@ t0 .req v28
 .text
- .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean)
+ .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean)
 .balign 4
-MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean):
+MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_clean):
 push_stack
 mov wtmp, #3329
 dup modulus.8h, wtmp
@@ -217,6 +217,6 @@ k3_loop_start:
 .unreq t0
 /* simpasm: footer-start */
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */
+#endif /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */
diff --git a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k4_clean.S b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k4_clean.S
index 61c064626..bd6f1ccc0 100644
--- a/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k4_clean.S
+++ b/dev/aarch64_clean/src/polyvec_basemul_acc_montgomery_cached_asm_k4_clean.S
@@ -10,9 +10,9 @@
 // https://github.com/neon-ntt/neon-ntt
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4)
+#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4)
 /* simpasm: header-end */
 // Input:
@@ -141,9 +141,9 @@ t0 .req v28
 .text
- .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean)
+ .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean)
 .balign 4
-MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean):
+MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_clean):
 push_stack
 mov wtmp, #3329
 dup modulus.8h, wtmp
@@ -227,6 +227,6 @@ k4_loop_start:
 .unreq t0
 /* simpasm: footer-start */
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
+#endif /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
diff --git a/dev/aarch64_clean/src/rej_uniform_asm_clean.S b/dev/aarch64_clean/src/rej_uniform_asm_clean.S
index d01c0651a..f142ed606 100644
--- a/dev/aarch64_clean/src/rej_uniform_asm_clean.S
+++ b/dev/aarch64_clean/src/rej_uniform_asm_clean.S
@@ -19,8 +19,8 @@
 * Returns number of sampled 16-bit integers (at most MLKEM_N).
 **************************************************/
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 // We save the output on the stack first, and copy to the actual
@@ -114,9 +114,9 @@ bits .req v31
 .text
- .global MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean)
+ .global MLK_ASM_NAMESPACE(rej_uniform_asm_clean)
 .balign 4
-MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean):
+MLK_ASM_NAMESPACE(rej_uniform_asm_clean):
 push_stack
 // Load 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80
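Review bot: The rewritten `#endif` comment in the `@@ -227,6 +227,6 @@` hunk of `polyvec_basemul_acc_montgomery_cached_asm_k4_clean.S` still reads `MLKEM_K == 2`, while the file's `#if` guard (the `@@ -10,9 +10,9 @@` hunk just above) tests `MLKEM_K == 4`. The mismatch is pre-existing on the old side, but since this commit rewrites that exact line anyway, it is the natural place to drop the copy-paste remnant: `+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) */`. The sibling k2 and k3 files and the `_opt` k4 file all have footer comments that agree with their guards, so this is the only one that misdescribes which parameter set the file is compiled for.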
@@ -404,5 +404,5 @@ return: .unreq bits /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/aarch64_clean/src/rej_uniform_table.c b/dev/aarch64_clean/src/rej_uniform_table.c index 33f1c66aa..78257eee4 100644 --- a/dev/aarch64_clean/src/rej_uniform_table.c +++ b/dev/aarch64_clean/src/rej_uniform_table.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" @@ -20,7 +20,7 @@ * Lookup table used by rejection sampling of the public matrix. * See autogen for details. */ -ALIGN const uint8_t rej_uniform_table[] = { +MLK_ALIGN const uint8_t rej_uniform_table[] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 0 */, 0, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 1 */, 2, 3, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 2 */, @@ -279,10 +279,10 @@ ALIGN const uint8_t rej_uniform_table[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_rej_uniform_table) +MLK_EMPTY_CU(aarch64_rej_uniform_table) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/aarch64_opt/meta.h b/dev/aarch64_opt/meta.h index 0c64c1439..f02b5b2de 100644 --- a/dev/aarch64_opt/meta.h 
+++ b/dev/aarch64_opt/meta.h @@ -3,24 +3,24 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_OPT_META_H -#define MLKEM_NATIVE_DEV_AARCH64_OPT_META_H -#ifdef MLKEM_NATIVE_ARITH_PROFILE_H +#ifndef MLK_DEV_AARCH64_OPT_META_H +#define MLK_DEV_AARCH64_OPT_META_H +#ifdef MLK_ARITH_PROFILE_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_H +#define MLK_ARITH_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT +#define MLK_ARITH_BACKEND_AARCH64_OPT -#define MLKEM_NATIVE_ARITH_BACKEND_NAME AARCH64_OPT +#define MLK_ARITH_BACKEND_NAME AARCH64_OPT /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "native/aarch64/src/opt_impl.h" +#define MLK_ARITH_BACKEND_IMPL "native/aarch64/src/opt_impl.h" -#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */ +#endif /* MLK_ARITH_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_AARCH64_OPT_META_H */ +#endif /* MLK_DEV_AARCH64_OPT_META_H */ diff --git a/dev/aarch64_opt/src/aarch64_zetas.c b/dev/aarch64_opt/src/aarch64_zetas.c index 5a4e4be39..1b7184ec6 100644 --- a/dev/aarch64_opt/src/aarch64_zetas.c +++ b/dev/aarch64_opt/src/aarch64_zetas.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" 
@@ -20,7 +20,7 @@ * Table of zeta values used in the AArch64 forward NTT * See autogen for details. */ -ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { -1600, -15749, -749, -7373, -40, -394, -687, -6762, 630, 6201, -1432, -14095, 848, 8347, 0, 0, 1062, 10453, 296, 2914, -882, -8682, 0, 0, -1410, -13879, 1339, 13180, 1476, 14529, @@ -31,7 +31,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { 0, 0, -1583, -15582, -1355, -13338, 821, 8081, 0, 0, }; -ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 289, 289, 331, 331, -76, -76, -1573, -1573, 2845, 2845, 3258, 3258, -748, -748, -15483, -15483, 17, 17, 583, 583, 1637, 1637, -1041, -1041, 167, 167, 5739, @@ -77,7 +77,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 10129, 10129, -3878, -3878, -11566, -11566, }; -ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { 1583, 15582, -821, -8081, 1355, 13338, 0, 0, -569, -5601, 450, 4429, 936, 9213, 0, 0, 69, 679, 447, 4400, -535, -5266, 0, 0, 543, 5345, 1235, 12156, -1426, -14036, @@ -88,7 +88,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { -848, -8347, 1432, 14095, -630, -6201, 687, 6762, 0, 0, }; -ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -910, -910, -1227, -1227, 219, 219, 855, 855, -8957, -8957, -12078, -12078, 2156, 2156, 8416, 8416, 1175, 1175, 394, 394, -1029, -1029, -1212, -1212, 11566, 11566, 3878, 
@@ -134,7 +134,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -16113, -16113, -5739, -5739, -167, -167, }; -ALIGN const int16_t aarch64_zetas_mulcache_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 17, -17, -568, 568, 583, -583, -680, 680, 1637, -1637, 723, -723, -1041, 1041, 1100, -1100, 1409, -1409, -667, 667, -48, 48, 233, -233, 756, -756, -1173, 1173, -314, 314, -279, 279, -1626, @@ -149,7 +149,7 @@ ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 1219, -394, 394, 885, -885, -1175, 1175, }; -ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { 167, -167, -5591, 5591, 5739, -5739, -6693, 6693, 16113, -16113, 7117, -7117, -10247, 10247, 10828, -10828, 13869, -13869, -6565, 6565, -472, 472, 2293, -2293, 7441, -7441, -11546, @@ -167,11 +167,11 @@ ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { -11566, 11566, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_zetas) +MLK_EMPTY_CU(aarch64_zetas) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/aarch64_opt/src/arith_native_aarch64.h b/dev/aarch64_opt/src/arith_native_aarch64.h index 59acafd27..4187cd898 100644 --- a/dev/aarch64_opt/src/arith_native_aarch64.h +++ b/dev/aarch64_opt/src/arith_native_aarch64.h 
@@ -2,24 +2,22 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H -#define MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H +#ifndef MLK_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H +#define MLK_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H #include #include "../../../common.h" -#define aarch64_ntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_ntt_zetas_layer01234) -#define aarch64_ntt_zetas_layer56 MLKEM_NAMESPACE(aarch64_ntt_zetas_layer56) +#define aarch64_ntt_zetas_layer01234 MLK_NAMESPACE(aarch64_ntt_zetas_layer01234) +#define aarch64_ntt_zetas_layer56 MLK_NAMESPACE(aarch64_ntt_zetas_layer56) #define aarch64_invntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer01234) -#define aarch64_invntt_zetas_layer56 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer56) + MLK_NAMESPACE(aarch64_invntt_zetas_layer01234) +#define aarch64_invntt_zetas_layer56 MLK_NAMESPACE(aarch64_invntt_zetas_layer56) #define aarch64_zetas_mulcache_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_native) + MLK_NAMESPACE(aarch64_zetas_mulcache_native) #define aarch64_zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_twisted_native) -#define rej_uniform_table MLKEM_NAMESPACE(rej_uniform_table) + MLK_NAMESPACE(aarch64_zetas_mulcache_twisted_native) +#define rej_uniform_table MLK_NAMESPACE(rej_uniform_table) extern const int16_t aarch64_ntt_zetas_layer01234[]; extern const int16_t aarch64_ntt_zetas_layer56[]; 
@@ -29,49 +27,49 @@ extern const int16_t aarch64_zetas_mulcache_native[]; extern const int16_t aarch64_zetas_mulcache_twisted_native[]; extern const uint8_t rej_uniform_table[]; -#define ntt_asm_opt MLKEM_NAMESPACE(ntt_asm_opt) +#define ntt_asm_opt MLK_NAMESPACE(ntt_asm_opt) void ntt_asm_opt(int16_t *, const int16_t *, const int16_t *); -#define intt_asm_opt MLKEM_NAMESPACE(intt_asm_opt) +#define intt_asm_opt MLK_NAMESPACE(intt_asm_opt) void intt_asm_opt(int16_t *, const int16_t *, const int16_t *); -#define poly_reduce_asm_opt MLKEM_NAMESPACE(poly_reduce_asm_opt) +#define poly_reduce_asm_opt MLK_NAMESPACE(poly_reduce_asm_opt) void poly_reduce_asm_opt(int16_t *); -#define poly_tomont_asm_opt MLKEM_NAMESPACE(poly_tomont_asm_opt) +#define poly_tomont_asm_opt MLK_NAMESPACE(poly_tomont_asm_opt) void poly_tomont_asm_opt(int16_t *); #define poly_mulcache_compute_asm_opt \ - MLKEM_NAMESPACE(poly_mulcache_compute_asm_opt) + MLK_NAMESPACE(poly_mulcache_compute_asm_opt) void poly_mulcache_compute_asm_opt(int16_t *, const int16_t *, const int16_t *, const int16_t *); -#define poly_tobytes_asm_opt MLKEM_NAMESPACE(poly_tobytes_asm_opt) +#define poly_tobytes_asm_opt MLK_NAMESPACE(poly_tobytes_asm_opt) void poly_tobytes_asm_opt(uint8_t *r, const int16_t *a); #define polyvec_basemul_acc_montgomery_cached_asm_k2_opt \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) void polyvec_basemul_acc_montgomery_cached_asm_k2_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k3_opt \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) void polyvec_basemul_acc_montgomery_cached_asm_k3_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k4_opt \ - 
MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) void polyvec_basemul_acc_montgomery_cached_asm_k4_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); -#define rej_uniform_asm_clean MLKEM_NAMESPACE(rej_uniform_asm_clean) +#define rej_uniform_asm_clean MLK_NAMESPACE(rej_uniform_asm_clean) unsigned rej_uniform_asm_clean(int16_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); -#endif /* MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H */ +#endif /* MLK_DEV_AARCH64_OPT_SRC_ARITH_NATIVE_AARCH64_H */ diff --git a/dev/aarch64_opt/src/consts.h b/dev/aarch64_opt/src/consts.h index a8d98644a..96e91a01f 100644 --- a/dev/aarch64_opt/src/consts.h +++ b/dev/aarch64_opt/src/consts.h @@ -3,17 +3,17 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_CONSTS_H -#define MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_CONSTS_H +#ifndef MLK_DEV_AARCH64_OPT_SRC_CONSTS_H +#define MLK_DEV_AARCH64_OPT_SRC_CONSTS_H #include #include "../../../common.h" -#define zetas_mulcache_native MLKEM_NAMESPACE(zetas_mulcache_native) +#define zetas_mulcache_native MLK_NAMESPACE(zetas_mulcache_native) extern const int16_t zetas_mulcache_native[256]; #define zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(zetas_mulcache_twisted_native) + MLK_NAMESPACE(zetas_mulcache_twisted_native) extern const int16_t zetas_mulcache_twisted_native[256]; -#endif /* MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_CONSTS_H */ +#endif /* MLK_DEV_AARCH64_OPT_SRC_CONSTS_H */ diff --git a/dev/aarch64_opt/src/intt_opt.S b/dev/aarch64_opt/src/intt_opt.S index 75b6217dd..b827c2971 100644 --- a/dev/aarch64_opt/src/intt_opt.S +++ b/dev/aarch64_opt/src/intt_opt.S 
@@ -24,8 +24,8 @@
 ///
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 // Bounds:
@@ -194,9 +194,9 @@ ninv_tw .req v30
 .text
- .global MLKEM_ASM_NAMESPACE(intt_asm_opt)
+ .global MLK_ASM_NAMESPACE(intt_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(intt_asm_opt):
+MLK_ASM_NAMESPACE(intt_asm_opt):
 push_stack
 // Setup constants
@@ -1044,5 +1044,5 @@ layer012_start:
 .unreq ninv_tw
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/ntt_opt.S b/dev/aarch64_opt/src/ntt_opt.S
index 6f3e054c4..b5824d645 100644
--- a/dev/aarch64_opt/src/ntt_opt.S
+++ b/dev/aarch64_opt/src/ntt_opt.S
@@ -25,8 +25,8 @@
 ///
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 // Bounds:
@@ -167,9 +167,9 @@ t3 .req v28
 .text
- .global MLKEM_ASM_NAMESPACE(ntt_asm_opt)
+ .global MLK_ASM_NAMESPACE(ntt_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(ntt_asm_opt):
+MLK_ASM_NAMESPACE(ntt_asm_opt):
 push_stack
 mov wtmp, #3329
@@ -954,5 +954,5 @@ ntt_opt_loop1:
 .unreq t3
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/opt_impl.h b/dev/aarch64_opt/src/opt_impl.h
index 86a46710b..80115bfa9 100644
--- a/dev/aarch64_opt/src/opt_impl.h
+++ b/dev/aarch64_opt/src/opt_impl.h
@@ -3,83 +3,83 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_OPT_IMPL_H -#define MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_OPT_IMPL_H -#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#ifndef MLK_DEV_AARCH64_OPT_SRC_OPT_IMPL_H +#define MLK_DEV_AARCH64_OPT_SRC_OPT_IMPL_H +#ifdef MLK_ARITH_PROFILE_IMPL_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#define MLK_ARITH_PROFILE_IMPL_H #include "../../../params.h" #include "arith_native_aarch64.h" /* Set of primitives that this backend replaces */ -#define MLKEM_USE_NATIVE_NTT -#define MLKEM_USE_NATIVE_INTT -#define MLKEM_USE_NATIVE_POLY_REDUCE -#define MLKEM_USE_NATIVE_POLY_TOMONT -#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE -#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED -#define MLKEM_USE_NATIVE_POLY_TOBYTES -#define MLKEM_USE_NATIVE_REJ_UNIFORM +#define MLK_USE_NATIVE_NTT +#define MLK_USE_NATIVE_INTT +#define MLK_USE_NATIVE_POLY_REDUCE +#define MLK_USE_NATIVE_POLY_TOMONT +#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE +#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#define MLK_USE_NATIVE_POLY_TOBYTES +#define MLK_USE_NATIVE_REJ_UNIFORM -static INLINE void ntt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void ntt_native(int16_t data[MLKEM_N]) { ntt_asm_opt(data, aarch64_ntt_zetas_layer01234, aarch64_ntt_zetas_layer56); } -static INLINE void intt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t data[MLKEM_N]) { intt_asm_opt(data, aarch64_invntt_zetas_layer01234, aarch64_invntt_zetas_layer56); } -static INLINE void poly_reduce_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t data[MLKEM_N]) { poly_reduce_asm_opt(data); } -static INLINE void poly_tomont_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t data[MLKEM_N]) { poly_tomont_asm_opt(data); } -static INLINE void 
poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], - const int16_t y[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], + const int16_t y[MLKEM_N]) { poly_mulcache_compute_asm_opt(x, y, aarch64_zetas_mulcache_native, aarch64_zetas_mulcache_twisted_native); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k2_opt(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k3_opt(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k4_opt(r, a, b, b_cache); } -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) { poly_tobytes_asm_opt(r, a); } -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) { if (len != MLKEM_N || buflen % 24 != 0) { 
@@ -88,6 +88,6 @@ static INLINE int rej_uniform_native(int16_t *r, unsigned len,
 return (int)rej_uniform_asm_clean(r, buf, buflen, rej_uniform_table);
 }
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */
+#endif /* MLK_ARITH_PROFILE_IMPL_H */
-#endif /* MLKEM_NATIVE_DEV_AARCH64_OPT_SRC_OPT_IMPL_H */
+#endif /* MLK_DEV_AARCH64_OPT_SRC_OPT_IMPL_H */
diff --git a/dev/aarch64_opt/src/poly_mulcache_compute_asm_opt.S b/dev/aarch64_opt/src/poly_mulcache_compute_asm_opt.S
index a0da001fc..e7278389f 100644
--- a/dev/aarch64_opt/src/poly_mulcache_compute_asm_opt.S
+++ b/dev/aarch64_opt/src/poly_mulcache_compute_asm_opt.S
@@ -4,8 +4,8 @@
 */
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 /* Montgomery multiplication, with precomputed Montgomery twist
@@ -45,9 +45,9 @@ modulus_twisted .req v7
 .text
- .global MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_opt)
+ .global MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_opt):
+MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_opt):
 mov wtmp, #3329
 dup modulus.8h, wtmp
@@ -176,5 +176,5 @@ poly_mulcache_compute_asm_opt_loop:
 .unreq modulus_twisted
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/poly_reduce_asm_opt.S b/dev/aarch64_opt/src/poly_reduce_asm_opt.S
index b3d32d9bf..dc89d5a5e 100644
--- a/dev/aarch64_opt/src/poly_reduce_asm_opt.S
+++ b/dev/aarch64_opt/src/poly_reduce_asm_opt.S
@@ -4,8 +4,8 @@
 */
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 /* Barrett reduction */
@@ -42,9 +42,9 @@ modulus_twisted .req v4
 .text
- .global MLKEM_ASM_NAMESPACE(poly_reduce_asm_opt)
+ .global MLK_ASM_NAMESPACE(poly_reduce_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(poly_reduce_asm_opt):
+MLK_ASM_NAMESPACE(poly_reduce_asm_opt):
 mov wtmp, #3329 // ML-KEM modulus
 dup modulus.8h, wtmp
@@ -255,5 +255,5 @@ poly_reduce_asm_opt_loop:
 .unreq modulus_twisted
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/poly_tobytes_asm_opt.S b/dev/aarch64_opt/src/poly_tobytes_asm_opt.S
index 8348e1eec..63cb97657 100644
--- a/dev/aarch64_opt/src/poly_tobytes_asm_opt.S
+++ b/dev/aarch64_opt/src/poly_tobytes_asm_opt.S
@@ -4,8 +4,8 @@
 */
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 /********************************************
@@ -24,9 +24,9 @@ count .req x2
 .text
- .global MLKEM_ASM_NAMESPACE(poly_tobytes_asm_opt)
+ .global MLK_ASM_NAMESPACE(poly_tobytes_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(poly_tobytes_asm_opt):
+MLK_ASM_NAMESPACE(poly_tobytes_asm_opt):
 mov count, #16
 poly_tobytes_asm_opt_asm_loop_start:
@@ -61,5 +61,5 @@ poly_tobytes_asm_opt_asm_loop_start:
 .unreq count
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/poly_tomont_asm_opt.S b/dev/aarch64_opt/src/poly_tomont_asm_opt.S
index a2d893b99..8b9a2ac14 100644
--- a/dev/aarch64_opt/src/poly_tomont_asm_opt.S
+++ b/dev/aarch64_opt/src/poly_tomont_asm_opt.S
@@ -4,8 +4,8 @@
 */
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /* simpasm: header-end */
 /* Montgomery multiplication, with precomputed Montgomery twist
@@ -38,9 +38,9 @@
 .text
- .global MLKEM_ASM_NAMESPACE(poly_tomont_asm_opt)
+ .global MLK_ASM_NAMESPACE(poly_tomont_asm_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(poly_tomont_asm_opt):
+MLK_ASM_NAMESPACE(poly_tomont_asm_opt):
 mov wtmp, #3329 // ML-KEM modulus
 dup modulus.8h, wtmp
@@ -213,5 +213,5 @@ poly_tomont_asm_opt_loop:
 .unreq tmp0
 /* simpasm: footer-start */
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT &&
- !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_AARCH64_OPT &&
+ !MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S
index 92c80cf9d..4883df42c 100644
--- a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S
+++ b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S
@@ -10,9 +10,9 @@
 // https://github.com/neon-ntt/neon-ntt
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2)
 /* simpasm: header-end */
 // Input:
@@ -141,9 +141,9 @@ t0 .req v28
 .text
- .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt)
+ .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt)
 .balign 4
-MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt):
+MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt):
 push_stack
 mov wtmp, #3329
@@ -545,6 +545,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k2_opt_loop:
 .unreq t0
 /* simpasm: footer-start */
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
+#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */
diff --git a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S
index 03b6ed141..35cebe219 100644
--- a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S
+++ b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S
@@ -10,9 +10,9 @@
 // https://github.com/neon-ntt/neon-ntt
 #include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \
- (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3)
+#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \
+ (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3)
 /* simpasm: header-end */
 // Input:
@@ -141,9 +141,9 @@ t0 .req v28 .text - .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) + .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) .balign 4 -MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt): +MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt): push_stack mov wtmp, #3329 dup modulus.8h, wtmp @@ -649,6 +649,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k3_opt_loop: .unreq t0 /* simpasm: footer-start */ -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */ diff --git a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S index b469a1e8f..47384d2c7 100644 --- a/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S +++ b/dev/aarch64_opt/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S @@ -10,9 +10,9 @@ // https://github.com/neon-ntt/neon-ntt #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) /* simpasm: header-end */ // Input: 
@@ -141,9 +141,9 @@ t0 .req v28 .text - .global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) + .global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) .balign 4 -MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt): +MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt): push_stack mov wtmp, #3329 dup modulus.8h, wtmp @@ -760,6 +760,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k4_opt_loop: .unreq t0 /* simpasm: footer-start */ -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) */ diff --git a/dev/aarch64_opt/src/rej_uniform_asm_clean.S b/dev/aarch64_opt/src/rej_uniform_asm_clean.S index 163865897..acdfea048 100644 --- a/dev/aarch64_opt/src/rej_uniform_asm_clean.S +++ b/dev/aarch64_opt/src/rej_uniform_asm_clean.S @@ -19,9 +19,9 @@ * Returns number of sampled 16-bit integers (at most MLKEM_N). **************************************************/ #include "../../../common.h" -#if (defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) || \ - defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) || \ + defined(MLK_ARITH_BACKEND_AARCH64_OPT)) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ // We save the output on the stack first, and copy to the actual @@ -115,9 +115,9 @@ bits .req v31 .text - .global MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean) + .global MLK_ASM_NAMESPACE(rej_uniform_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean): +MLK_ASM_NAMESPACE(rej_uniform_asm_clean): push_stack // Load 0x1, 0x2, 0x4, 0x8, 0x10, 0x20, 0x40, 0x80 
@@ -405,6 +405,6 @@ return: .unreq bits /* simpasm: footer-start */ -#endif /* (defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) || - defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)) - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* (defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) || + defined(MLK_ARITH_BACKEND_AARCH64_OPT)) + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/aarch64_opt/src/rej_uniform_table.c b/dev/aarch64_opt/src/rej_uniform_table.c index 3feb0d2fc..c1b8e1319 100644 --- a/dev/aarch64_opt/src/rej_uniform_table.c +++ b/dev/aarch64_opt/src/rej_uniform_table.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" @@ -20,7 +20,7 @@ * Lookup table used by rejection sampling of the public matrix. * See autogen for details. */ -ALIGN const uint8_t rej_uniform_table[] = { +MLK_ALIGN const uint8_t rej_uniform_table[] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 0 */, 0, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 1 */, 2, 3, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 2 */, @@ -279,10 +279,10 @@ ALIGN const uint8_t rej_uniform_table[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_rej_uniform_table) +MLK_EMPTY_CU(aarch64_rej_uniform_table) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ 
diff --git a/dev/fips202/aarch64/cortex_a55.h b/dev/fips202/aarch64/cortex_a55.h index 55f40ff9e..79be6521e 100644 --- a/dev/fips202/aarch64/cortex_a55.h +++ b/dev/fips202/aarch64/cortex_a55.h @@ -3,26 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_FIPS202_AARCH64_CORTEX_A55_H -#define MLKEM_NATIVE_DEV_FIPS202_AARCH64_CORTEX_A55_H +#ifndef MLK_DEV_FIPS202_AARCH64_CORTEX_A55_H +#define MLK_DEV_FIPS202_AARCH64_CORTEX_A55_H /* FIPS202 assembly profile targeting Cortex-A55 */ -#ifdef FIPS202_NATIVE_PROFILE_H +#ifdef MLK_FIPS202_NATIVE_PROFILE_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define FIPS202_NATIVE_PROFILE_H +#define MLK_FIPS202_NATIVE_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55 +#define MLK_FIPS202_BACKEND_AARCH64_A55 -#define MLKEM_NATIVE_FIPS202_BACKEND_NAME AARCH64_A55 +#define MLK_FIPS202_BACKEND_NAME AARCH64_A55 /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "native/aarch64/src/cortex_a55_impl.h" +#define MLK_FIPS202_BACKEND_IMPL "native/aarch64/src/cortex_a55_impl.h" -#endif /* FIPS202_NATIVE_PROFILE_H */ +#endif /* MLK_FIPS202_NATIVE_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_FIPS202_AARCH64_CORTEX_A55_H */ +#endif /* MLK_DEV_FIPS202_AARCH64_CORTEX_A55_H */ diff --git a/dev/fips202/aarch64/meta.h b/dev/fips202/aarch64/meta.h index ec2d92d6b..b0b43eb31 100644 --- a/dev/fips202/aarch64/meta.h +++ b/dev/fips202/aarch64/meta.h 
@@ -3,26 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_FIPS202_AARCH64_META_H -#define MLKEM_NATIVE_DEV_FIPS202_AARCH64_META_H +#ifndef MLK_DEV_FIPS202_AARCH64_META_H +#define MLK_DEV_FIPS202_AARCH64_META_H /* Default FIPS202 assembly profile for AArch64 systems */ -#ifdef FIPS202_NATIVE_PROFILE_H +#ifdef MLK_FIPS202_NATIVE_PROFILE_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define FIPS202_NATIVE_PROFILE_H +#define MLK_FIPS202_NATIVE_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT +#define MLK_FIPS202_BACKEND_AARCH64_DEFAULT -#define MLKEM_NATIVE_FIPS202_BACKEND_NAME AARCH64_DEFAULT +#define MLK_FIPS202_BACKEND_NAME AARCH64_DEFAULT /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "native/aarch64/src/default_impl.h" +#define MLK_FIPS202_BACKEND_IMPL "native/aarch64/src/default_impl.h" -#endif /* FIPS202_NATIVE_PROFILE_H */ +#endif /* MLK_FIPS202_NATIVE_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_FIPS202_AARCH64_META_H */ +#endif /* MLK_DEV_FIPS202_AARCH64_META_H */ diff --git a/dev/fips202/aarch64/src/cortex_a55_impl.h b/dev/fips202/aarch64/src/cortex_a55_impl.h index f9abd370d..7dd25184e 100644 --- a/dev/fips202/aarch64/src/cortex_a55_impl.h +++ b/dev/fips202/aarch64/src/cortex_a55_impl.h 
@@ -3,14 +3,14 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H -#define MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H +#ifndef MLK_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H +#define MLK_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H /* FIPS202 assembly profile targeting Cortex-A55 */ -#ifdef FIPS202_NATIVE_PROFILE_IMPL_H +#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define FIPS202_NATIVE_PROFILE_IMPL_H +#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H #include "fips202_native_aarch64.h" @@ -18,12 +18,12 @@ * On Cortex-A55, we use lazy rotation assembly for Keccak-x1, * but no batched assembly implementation. */ -#define MLKEM_USE_FIPS202_X1_NATIVE -static INLINE void keccak_f1600_x1_native(uint64_t *state) +#define MLK_USE_FIPS202_X1_NATIVE +static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state) { keccak_f1600_x1_scalar_asm_opt(state, keccakf1600_round_constants); } -#endif /* FIPS202_NATIVE_PROFILE_IMPL_H */ +#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H */ +#endif /* MLK_DEV_FIPS202_AARCH64_SRC_CORTEX_A55_IMPL_H */ diff --git a/dev/fips202/aarch64/src/default_impl.h b/dev/fips202/aarch64/src/default_impl.h index 6ecc79eaa..49c6e2ab2 100644 --- a/dev/fips202/aarch64/src/default_impl.h +++ b/dev/fips202/aarch64/src/default_impl.h 
@@ -3,14 +3,14 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H -#define MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H +#ifndef MLK_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H +#define MLK_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H /* Default FIPS202 assembly profile for AArch64 systems */ -#ifdef FIPS202_NATIVE_PROFILE_IMPL_H +#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define FIPS202_NATIVE_PROFILE_IMPL_H +#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H #include "fips202_native_aarch64.h" @@ -26,24 +26,24 @@ * Keccak-f1600 * * - On Arm-based Apple CPUs, we pick a pure Neon implementation. - * - Otherwise, unless SYS_AARCH64_SLOW_BARREL_SHIFTER is set, + * - Otherwise, unless MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER is set, * we use lazy-rotation scalar assembly from [1]. - * - Otherwise, if SYS_AARCH64_SLOW_BARREL_SHIFTER is set, we + * - Otherwise, if MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER is set, we * fall back to the standard C implementation. */ #if defined(__ARM_FEATURE_SHA3) && defined(__APPLE__) -#define MLKEM_USE_FIPS202_X1_NATIVE -static INLINE void keccak_f1600_x1_native(uint64_t *state) +#define MLK_USE_FIPS202_X1_NATIVE +static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state) { keccak_f1600_x1_v84a_asm_clean(state, keccakf1600_round_constants); } -#elif !defined(SYS_AARCH64_SLOW_BARREL_SHIFTER) -#define MLKEM_USE_FIPS202_X1_NATIVE -static INLINE void keccak_f1600_x1_native(uint64_t *state) +#elif !defined(MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER) +#define MLK_USE_FIPS202_X1_NATIVE +static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state) { keccak_f1600_x1_scalar_asm_opt(state, keccakf1600_round_constants); } -#endif /* !SYS_AARCH64_SLOW_BARREL_SHIFTER */ +#endif /* !MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER */ /* * Keccak-f1600x2/x4 
@@ -65,14 +65,14 @@ static INLINE void keccak_f1600_x1_native(uint64_t *state) * instructions only. */ #if defined(__APPLE__) -#define MLKEM_USE_FIPS202_X2_NATIVE -static INLINE void keccak_f1600_x2_native(uint64_t *state) +#define MLK_USE_FIPS202_X2_NATIVE +static MLK_INLINE void keccak_f1600_x2_native(uint64_t *state) { keccak_f1600_x2_v84a_asm_clean(state, keccakf1600_round_constants); } #else /* __APPLE__ */ -#define MLKEM_USE_FIPS202_X4_NATIVE -static INLINE void keccak_f1600_x4_native(uint64_t *state) +#define MLK_USE_FIPS202_X4_NATIVE +static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state) { keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt(state, keccakf1600_round_constants); @@ -81,14 +81,14 @@ static INLINE void keccak_f1600_x4_native(uint64_t *state) #else /* __ARM_FEATURE_SHA3 */ -#define MLKEM_USE_FIPS202_X4_NATIVE -static INLINE void keccak_f1600_x4_native(uint64_t *state) +#define MLK_USE_FIPS202_X4_NATIVE +static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state) { keccak_f1600_x4_scalar_v8a_asm_hybrid_opt(state, keccakf1600_round_constants); } #endif /* __ARM_FEATURE_SHA3 */ -#endif /* FIPS202_NATIVE_PROFILE_H */ +#endif /* MLK_FIPS202_NATIVE_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H */ +#endif /* MLK_DEV_FIPS202_AARCH64_SRC_DEFAULT_IMPL_H */ diff --git a/dev/fips202/aarch64/src/fips202_native_aarch64.h b/dev/fips202/aarch64/src/fips202_native_aarch64.h index 2a0a40dd9..e2196a97e 100644 --- a/dev/fips202/aarch64/src/fips202_native_aarch64.h +++ b/dev/fips202/aarch64/src/fips202_native_aarch64.h 
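Review bot: The closing comment in the `@@ -81,14 +81,14 @@` hunk, `#endif /* MLK_FIPS202_NATIVE_PROFILE_H */`, does not name the guard it closes: this file opens `#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H` / `#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H` in its first hunk, and the sibling cortex_a55_impl.h closes the same guard with `#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */`. The rename carried the old mismatch over unchanged; suggest `#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */` so the two impl headers agree. The `#ifdef`/`#else` structure this `#endif` belongs to starts outside the hunk.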
@@ -2,44 +2,44 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H -#define MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H +#ifndef MLK_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H +#define MLK_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H #include #include "../../../../common.h" #define keccak_f1600_x1_scalar_asm_opt \ - MLKEM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt) + MLK_NAMESPACE(keccak_f1600_x1_scalar_asm_opt) void keccak_f1600_x1_scalar_asm_opt(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x1_v84a_asm_clean \ - MLKEM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean) + MLK_NAMESPACE(keccak_f1600_x1_v84a_asm_clean) void keccak_f1600_x1_v84a_asm_clean(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x2_v84a_asm_clean \ - MLKEM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean) + MLK_NAMESPACE(keccak_f1600_x2_v84a_asm_clean) void keccak_f1600_x2_v84a_asm_clean(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x2_v8a_v84a_asm_hybrid \ - MLKEM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) + MLK_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) void keccak_f1600_x2_v8a_v84a_asm_hybrid(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x4_scalar_v8a_asm_hybrid_opt \ - MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) + MLK_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) void keccak_f1600_x4_scalar_v8a_asm_hybrid_opt(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x4_scalar_v84a_asm_hybrid_opt \ - MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) + MLK_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) void keccak_f1600_x4_scalar_v84a_asm_hybrid_opt(uint64_t *state, uint64_t const *rc); #define keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt \ - MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) + 
MLK_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) void keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt(uint64_t *state, uint64_t const *rc); -#define keccakf1600_round_constants MLKEM_NAMESPACE(keccakf1600_round_constants) +#define keccakf1600_round_constants MLK_NAMESPACE(keccakf1600_round_constants) extern const uint64_t keccakf1600_round_constants[]; -#endif /* MLKEM_NATIVE_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H */ +#endif /* MLK_DEV_FIPS202_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H */ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S b/dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S index d07dcaf9c..b5bc4304b 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S @@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ /****************** REGISTER ALLOCATIONS *******************/ @@ -165,9 +165,9 @@ #define KECCAK_F1600_ROUNDS 24 .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt) + .global MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt): +MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt): alloc_stack save_gprs 
@@ -455,6 +455,6 @@ initial: .unreq Asu /* simpasm: footer-start */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S b/dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S index 676210574..7d31873a3 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S @@ -38,9 +38,9 @@ // #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) /* simpasm: header-end */ @@ -311,9 +311,9 @@ #define KECCAK_F1600_ROUNDS 24 .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean) + .global MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean): +MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean): alloc_stack save_vregs mov const_addr, input_rc @@ -425,6 +425,6 @@ keccak_f1600_x1_v84a_loop: /* simpasm: footer-start */ #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ 
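Review bot: The renamed `#endif` comment in the `@@ -455,6 +455,6 @@` hunk, `(defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || defined(MLK_FIPS202_BACKEND_AARCH64_A55) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)`, has unbalanced parentheses and drops the grouping of the `#if` it closes, which reads `(defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)` in the file's earlier `@@ -28,9 +28,9 @@` hunk, not in this one. Since that comment is the only local record of the guard at the footer, it should mirror the condition exactly: `#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */`. The same pre-existing mismatch is carried over in the footer hunks of keccak_f1600_x1_v84a_asm_clean.S, keccak_f1600_x2_v84a_asm_clean.S, keccak_f1600_x2_v8a_v84a_asm_hybrid.S, keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S, keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S and keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S, and in both the `#else` and `#endif` comments of keccakf1600_round_constants.c.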
diff --git a/dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S b/dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S index eebae4b76..3abb30746 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S @@ -38,9 +38,9 @@ // #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) /* simpasm: header-end */ @@ -339,10 +339,10 @@ #define KECCAK_F1600_ROUNDS 24 .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean) + .global MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean): +MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean): alloc_stack save_vregs mov const_addr, input_rc @@ -454,6 +454,6 @@ keccak_f1600_x2_v84a_loop: /* simpasm: footer-start */ #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S b/dev/fips202/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S index ac46b0946..84c7a24eb 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S 
@@ -38,9 +38,9 @@ // #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) /* simpasm: header-end */ @@ -380,9 +380,9 @@ #define KECCAK_F1600_ROUNDS 24 .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) + .global MLK_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid): +MLK_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid): alloc_stack save_gprs save_vregs @@ -498,6 +498,6 @@ keccak_f1600_x2_v8a_v84a_loop: /* simpasm: footer-start */ #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S b/dev/fips202/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S index 35b21fdc6..1e9cc6dde 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S 
@@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) /* simpasm: header-end */ @@ -878,9 +878,9 @@ .endm .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) + .global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt): +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt): alloc_stack save_gprs save_vregs @@ -1649,6 +1649,6 @@ keccak_f1600_x4_scalar_v84a_hybrid_done: /* simpasm: footer-start */ #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S b/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S index 8417c38ea..cb52bac62 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S 
@@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #define KECCAK_F1600_ROUNDS 24 @@ -860,9 +860,9 @@ .endm .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) + .global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt): +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt): alloc_stack save_gprs save_vregs @@ -1815,6 +1815,6 @@ keccak_f1600_x4_v8a_scalar_hybrid_done: .unreq tmp /* simpasm: footer-start */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S b/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S index 88cba117d..88d256cb7 100644 --- a/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S +++ b/dev/fips202/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S 
@@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) /* simpasm: header-end */ @@ -878,9 +878,9 @@ .endm .text - .global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) + .global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) .balign 4 -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt): +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt): alloc_stack save_gprs save_vregs @@ -1741,6 +1741,6 @@ keccak_f1600_x4_v8a_v84a_scalar_hybrid_done: /* simpasm: footer-start */ #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/fips202/aarch64/src/keccakf1600_round_constants.c b/dev/fips202/aarch64/src/keccakf1600_round_constants.c index 29101c742..793329584 100644 --- a/dev/fips202/aarch64/src/keccakf1600_round_constants.c +++ b/dev/fips202/aarch64/src/keccakf1600_round_constants.c 
@@ -5,14 +5,14 @@ #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "fips202_native_aarch64.h" -ALIGN const uint64_t keccakf1600_round_constants[] = { +MLK_ALIGN const uint64_t keccakf1600_round_constants[] = { 0x0000000000000001, 0x0000000000008082, 0x800000000000808a, 0x8000000080008000, 0x000000000000808b, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009, 0x000000000000008a, @@ -23,12 +23,12 @@ ALIGN const uint64_t keccakf1600_round_constants[] = { 0x8000000000008080, 0x0000000080000001, 0x8000000080008008, }; -#else /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#else /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ -MLKEM_NATIVE_EMPTY_CU(fips202_aarch64_round_constants) +MLK_EMPTY_CU(fips202_aarch64_round_constants) -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/dev/x86_64/meta.h b/dev/x86_64/meta.h index c29bbcaa9..096050d29 100644 --- a/dev/x86_64/meta.h +++ b/dev/x86_64/meta.h 
@@ -3,26 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_X86_64_META_H -#define MLKEM_NATIVE_DEV_X86_64_META_H +#ifndef MLK_DEV_X86_64_META_H +#define MLK_DEV_X86_64_META_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_H +#ifdef MLK_ARITH_PROFILE_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_H +#define MLK_ARITH_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT +#define MLK_ARITH_BACKEND_X86_64_DEFAULT -#define MLKEM_NATIVE_ARITH_BACKEND_NAME X86_64_DEFAULT +#define MLK_ARITH_BACKEND_NAME X86_64_DEFAULT /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "native/x86_64/src/default_impl.h" +#define MLK_ARITH_BACKEND_IMPL "native/x86_64/src/default_impl.h" -#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */ +#endif /* MLK_ARITH_PROFILE_H */ -#endif /* MLKEM_NATIVE_DEV_X86_64_META_H */ +#endif /* MLK_DEV_X86_64_META_H */ diff --git a/dev/x86_64/src/align.h b/dev/x86_64/src/align.h index e6de2f919..401f50f68 100644 --- a/dev/x86_64/src/align.h +++ b/dev/x86_64/src/align.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_X86_64_SRC_ALIGN_H -#define MLKEM_NATIVE_DEV_X86_64_SRC_ALIGN_H +#ifndef MLK_DEV_X86_64_SRC_ALIGN_H +#define MLK_DEV_X86_64_SRC_ALIGN_H /* * Implementation from Kyber reference repository * https://github.com/pq-crystals/kyber/blob/main/avx2/align.h @@ -32,4 +32,4 @@ #endif -#endif /* MLKEM_NATIVE_DEV_X86_64_SRC_ALIGN_H */ +#endif /* MLK_DEV_X86_64_SRC_ALIGN_H */ diff --git a/dev/x86_64/src/arith_native_x86_64.h b/dev/x86_64/src/arith_native_x86_64.h index 3bed16dfe..b5c9be71c 100644 
--- a/dev/x86_64/src/arith_native_x86_64.h +++ b/dev/x86_64/src/arith_native_x86_64.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H -#define MLKEM_NATIVE_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H +#ifndef MLK_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H +#define MLK_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H #include "../../../common.h" 
@@ -15,70 +15,70 @@ #define REJ_UNIFORM_AVX_BUFLEN \ (3 * 168) /* REJ_UNIFORM_AVX_BUFLEN * SHAKE128_RATE */ -#define rej_uniform_avx2 MLKEM_NAMESPACE(rej_uniform_avx2) +#define rej_uniform_avx2 MLK_NAMESPACE(rej_uniform_avx2) unsigned rej_uniform_avx2(int16_t *r, const uint8_t *buf); -#define rej_uniform_table MLKEM_NAMESPACE(rej_uniform_table) +#define rej_uniform_table MLK_NAMESPACE(rej_uniform_table) extern const uint8_t rej_uniform_table[256][8]; -#define ntt_avx2 MLKEM_NAMESPACE(ntt_avx2) +#define ntt_avx2 MLK_NAMESPACE(ntt_avx2) void ntt_avx2(__m256i *r, const __m256i *qdata); -#define invntt_avx2 MLKEM_NAMESPACE(invntt_avx2) +#define invntt_avx2 MLK_NAMESPACE(invntt_avx2) void invntt_avx2(__m256i *r, const __m256i *qdata); -#define nttpack_avx2 MLKEM_NAMESPACE(nttpack_avx2) +#define nttpack_avx2 MLK_NAMESPACE(nttpack_avx2) void nttpack_avx2(__m256i *r, const __m256i *qdata); -#define nttunpack_avx2 MLKEM_NAMESPACE(nttunpack_avx2) +#define nttunpack_avx2 MLK_NAMESPACE(nttunpack_avx2) void nttunpack_avx2(__m256i *r, const __m256i *qdata); -#define reduce_avx2 MLKEM_NAMESPACE(reduce_avx2) +#define reduce_avx2 MLK_NAMESPACE(reduce_avx2) void reduce_avx2(__m256i *r, const __m256i *qdata); -#define basemul_avx2 MLKEM_NAMESPACE(basemul_avx2) +#define basemul_avx2 MLK_NAMESPACE(basemul_avx2) void basemul_avx2(__m256i *r, const __m256i *a, const __m256i *b, const __m256i *qdata); #define polyvec_basemul_acc_montgomery_cached_avx2 \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_avx2) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_avx2) void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], const int16_t *a, const int16_t *b, const int16_t *kb_cache); -#define ntttobytes_avx2 MLKEM_NAMESPACE(ntttobytes_avx2) +#define ntttobytes_avx2 MLK_NAMESPACE(ntttobytes_avx2) void ntttobytes_avx2(uint8_t *r, const __m256i *a, const __m256i *qdata); -#define nttfrombytes_avx2 MLKEM_NAMESPACE(nttfrombytes_avx2) +#define nttfrombytes_avx2 
MLK_NAMESPACE(nttfrombytes_avx2) void nttfrombytes_avx2(__m256i *r, const uint8_t *a, const __m256i *qdata); -#define tomont_avx2 MLKEM_NAMESPACE(tomont_avx2) +#define tomont_avx2 MLK_NAMESPACE(tomont_avx2) void tomont_avx2(__m256i *r, const __m256i *qdata); -#define poly_compress_d4_avx2 MLKEM_NAMESPACE(poly_compress_d4_avx2) +#define poly_compress_d4_avx2 MLK_NAMESPACE(poly_compress_d4_avx2) void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], - const __m256i *RESTRICT a); -#define poly_decompress_d4_avx2 MLKEM_NAMESPACE(poly_decompress_d4_avx2) -void poly_decompress_d4_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d4_avx2 MLK_NAMESPACE(poly_decompress_d4_avx2) +void poly_decompress_d4_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]); -#define poly_compress_d10_avx2 MLKEM_NAMESPACE(poly_compress10_avx2) +#define poly_compress_d10_avx2 MLK_NAMESPACE(poly_compress10_avx2) void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], - const __m256i *RESTRICT a); -#define poly_decompress_d10_avx2 MLKEM_NAMESPACE(poly_decompress10_avx2) -void poly_decompress_d10_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d10_avx2 MLK_NAMESPACE(poly_decompress10_avx2) +void poly_decompress_d10_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]); -#define poly_compress_d5_avx2 MLKEM_NAMESPACE(poly_compress_d5_avx2) +#define poly_compress_d5_avx2 MLK_NAMESPACE(poly_compress_d5_avx2) void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], - const __m256i *RESTRICT a); -#define poly_decompress_d5_avx2 MLKEM_NAMESPACE(poly_decompress_d5_avx2) -void poly_decompress_d5_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d5_avx2 MLK_NAMESPACE(poly_decompress_d5_avx2) +void poly_decompress_d5_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]); -#define 
poly_compress_d11_avx2 MLKEM_NAMESPACE(poly_compress11_avx2) +#define poly_compress_d11_avx2 MLK_NAMESPACE(poly_compress11_avx2) void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], - const __m256i *RESTRICT a); -#define poly_decompress_d11_avx2 MLKEM_NAMESPACE(poly_decompress11_avx2) -void poly_decompress_d11_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d11_avx2 MLK_NAMESPACE(poly_decompress11_avx2) +void poly_decompress_d11_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]); -#endif /* MLKEM_NATIVE_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H */ +#endif /* MLK_DEV_X86_64_SRC_ARITH_NATIVE_X86_64_H */ diff --git a/dev/x86_64/src/basemul.S b/dev/x86_64/src/basemul.S index 2d8cd7d1a..2f4f48200 100644 --- a/dev/x86_64/src/basemul.S +++ b/dev/x86_64/src/basemul.S @@ -7,8 +7,8 @@ // https://github.com/pq-crystals/kyber/blob/main/avx2 #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -114,9 +114,9 @@ vmovdqa %ymm11,(64*\off+48)*2(%rdi) .endm .text -.global MLKEM_ASM_NAMESPACE(basemul_avx2) +.global MLK_ASM_NAMESPACE(basemul_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(basemul_avx2): +MLK_ASM_NAMESPACE(basemul_avx2): mov %rsp,%r8 and $-32,%rsp sub $32,%rsp @@ -137,5 +137,5 @@ mov %r8,%rsp ret /* simpasm: footer-start */ -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/basemul.c b/dev/x86_64/src/basemul.c index 331421466..93491aa46 100644 --- a/dev/x86_64/src/basemul.c +++ b/dev/x86_64/src/basemul.c 
@@ -5,8 +5,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "arith_native_x86_64.h" #include "consts.h" @@ -43,7 +43,7 @@ void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], const int16_t *b_cache) { unsigned i; - int16_t t[MLKEM_N] ALIGN; + int16_t t[MLKEM_N] MLK_ALIGN; /* TODO: Use mulcache for AVX2. So far, it is unused. */ ((void)b_cache); @@ -59,10 +59,10 @@ void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], } } -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_basemul) +MLK_EMPTY_CU(avx2_basemul) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/compress_avx2.c b/dev/x86_64/src/compress_avx2.c index e7f5cd524..a66593b82 100644 --- a/dev/x86_64/src/compress_avx2.c +++ b/dev/x86_64/src/compress_avx2.c @@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include 
@@ -17,10 +17,9 @@ #include "arith_native_x86_64.h" #include "consts.h" -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2, f3; @@ -59,7 +58,7 @@ void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], } } -void poly_decompress_d4_avx2(__m256i *RESTRICT r, +void poly_decompress_d4_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { unsigned int i; @@ -86,7 +85,7 @@ void poly_decompress_d4_avx2(__m256i *RESTRICT r, } void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2; @@ -129,7 +128,7 @@ void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], } } -void poly_decompress_d10_avx2(__m256i *RESTRICT r, +void poly_decompress_d10_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { unsigned int i; @@ -165,12 +164,12 @@ void poly_decompress_d10_avx2(__m256i *RESTRICT r, _mm256_store_si256(&r[i], f); } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1; 
@@ -211,7 +210,7 @@ void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], } } -void poly_decompress_d5_avx2(__m256i *RESTRICT r, +void poly_decompress_d5_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { unsigned int i; @@ -243,7 +242,7 @@ void poly_decompress_d5_avx2(__m256i *RESTRICT r, } void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2; @@ -315,7 +314,7 @@ void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], memcpy(&r[22 * i + 16], &t1, 6); } -void poly_decompress_d11_avx2(__m256i *RESTRICT r, +void poly_decompress_d11_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { unsigned int i; @@ -359,12 +358,12 @@ void poly_decompress_d11_avx2(__m256i *RESTRICT r, _mm256_store_si256(&r[i], f); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD || MLKEM_K == 4 */ -#else /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && \ - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_ARITH_BACKEND_X86_64_DEFAULT && \ + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(avx2_poly_compress) +MLK_EMPTY_CU(avx2_poly_compress) -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && \ - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && \ + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/consts.c b/dev/x86_64/src/consts.c index 5ac647c76..5747f4c64 100644 --- a/dev/x86_64/src/consts.c +++ b/dev/x86_64/src/consts.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "align.h" #include "consts.h" 
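Review bot: The closing comment `#endif /* MLK_MULTILEVEL_BUILD || MLKEM_K == 4 */` at the end of the d5/d11 group does not match the guard it closes, which is `#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4` in the preceding hunk of this file; the rename carried a pre-existing mismatch forward, and `MLK_MULTILEVEL_BUILD` is not a macro this series defines or tests anywhere. The equivalent guard in `default_impl.h` in this same series closes with `#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */`, so I would align this one to `#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */`. It is cosmetic, but these guard comments are what a reader relies on to pair `#if`/`#endif` across the long compress/decompress bodies, and a stale name will also defeat the next mechanical search-and-replace.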
@@ -86,13 +86,13 @@ const qdata_t qdata = {{ SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT}}; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_consts) +MLK_EMPTY_CU(avx2_consts) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/dev/x86_64/src/consts.h b/dev/x86_64/src/consts.h index 7f7b67c1c..b3035264b 100644 --- a/dev/x86_64/src/consts.h +++ b/dev/x86_64/src/consts.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_X86_64_SRC_CONSTS_H -#define MLKEM_NATIVE_DEV_X86_64_SRC_CONSTS_H +#ifndef MLK_DEV_X86_64_SRC_CONSTS_H +#define MLK_DEV_X86_64_SRC_CONSTS_H /* * Implementation from Kyber reference repository * https://github.com/pq-crystals/kyber/blob/main/avx2/consts.h @@ -35,8 +35,8 @@ #ifndef __ASSEMBLER__ #include "align.h" typedef ALIGNED_INT16(640) qdata_t; -#define qdata MLKEM_NAMESPACE(qdata) +#define qdata MLK_NAMESPACE(qdata) extern const qdata_t qdata; #endif -#endif /* MLKEM_NATIVE_DEV_X86_64_SRC_CONSTS_H */ +#endif /* MLK_DEV_X86_64_SRC_CONSTS_H */ diff --git a/dev/x86_64/src/default_impl.h b/dev/x86_64/src/default_impl.h index 68a179478..5e19e21a4 100644 --- a/dev/x86_64/src/default_impl.h +++ b/dev/x86_64/src/default_impl.h 
@@ -3,47 +3,47 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEV_X86_64_SRC_DEFAULT_IMPL_H -#define MLKEM_NATIVE_DEV_X86_64_SRC_DEFAULT_IMPL_H +#ifndef MLK_DEV_X86_64_SRC_DEFAULT_IMPL_H +#define MLK_DEV_X86_64_SRC_DEFAULT_IMPL_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#ifdef MLK_ARITH_PROFILE_IMPL_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#define MLK_ARITH_PROFILE_IMPL_H #include #include "../../../params.h" #include "arith_native_x86_64.h" -#define MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER - -#define MLKEM_USE_NATIVE_REJ_UNIFORM -#define MLKEM_USE_NATIVE_NTT -#define MLKEM_USE_NATIVE_INTT -#define MLKEM_USE_NATIVE_POLY_REDUCE -#define MLKEM_USE_NATIVE_POLY_TOMONT -#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED -#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE -#define MLKEM_USE_NATIVE_POLY_TOBYTES -#define MLKEM_USE_NATIVE_POLY_FROMBYTES -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D4 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D5 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D10 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D11 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11 - -static INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) +#define MLK_USE_NATIVE_NTT_CUSTOM_ORDER + +#define MLK_USE_NATIVE_REJ_UNIFORM +#define MLK_USE_NATIVE_NTT +#define MLK_USE_NATIVE_INTT +#define MLK_USE_NATIVE_POLY_REDUCE +#define MLK_USE_NATIVE_POLY_TOMONT +#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE +#define MLK_USE_NATIVE_POLY_TOBYTES +#define MLK_USE_NATIVE_POLY_FROMBYTES +#define MLK_USE_NATIVE_POLY_COMPRESS_D4 +#define MLK_USE_NATIVE_POLY_COMPRESS_D5 +#define MLK_USE_NATIVE_POLY_COMPRESS_D10 
+#define MLK_USE_NATIVE_POLY_COMPRESS_D11 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D4 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D5 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D10 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D11 + +static MLK_INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) { nttunpack_avx2((__m256i *)(data), qdata.vec); } -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) { /* AVX2 implementation assumes specific buffer lengths */ if (len != MLKEM_N || buflen != REJ_UNIFORM_AVX_BUFLEN) 
@@ -54,127 +54,126 @@ static INLINE int rej_uniform_native(int16_t *r, unsigned len, return (int)rej_uniform_avx2(r, buf); } -static INLINE void ntt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void ntt_native(int16_t data[MLKEM_N]) { ntt_avx2((__m256i *)data, qdata.vec); } -static INLINE void intt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t data[MLKEM_N]) { invntt_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_reduce_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t data[MLKEM_N]) { reduce_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_tomont_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t data[MLKEM_N]) { tomont_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], - const int16_t y[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], + const int16_t y[MLKEM_N]) { /* AVX2 backend does not use mulcache */ ((void)y); ((void)x); } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(2, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const 
int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(3, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(4, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) { ntttobytes_avx2(r, (const __m256i *)a, qdata.vec); } -static INLINE void poly_frombytes_native(int16_t r[MLKEM_N], - const uint8_t a[MLKEM_POLYBYTES]) +static MLK_INLINE void poly_frombytes_native(int16_t r[MLKEM_N], + const uint8_t a[MLKEM_POLYBYTES]) { nttfrombytes_avx2((__m256i *)r, a, qdata.vec); } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) -static INLINE void poly_compress_d4_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) +static MLK_INLINE void poly_compress_d4_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const int16_t a[MLKEM_N]) { poly_compress_d4_avx2(r, (const __m256i *)a); } -static INLINE void poly_compress_d10_native( +static MLK_INLINE void poly_compress_d10_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const int16_t a[MLKEM_N]) { poly_compress_d10_avx2(r, (const __m256i *)a); } -static INLINE void 
poly_decompress_d4_native( +static MLK_INLINE void poly_decompress_d4_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { poly_decompress_d4_avx2((__m256i *)r, a); } -static INLINE void poly_decompress_d10_native( +static MLK_INLINE void poly_decompress_d10_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { poly_decompress_d10_avx2((__m256i *)r, a); } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -static INLINE void poly_compress_d5_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +static MLK_INLINE void poly_compress_d5_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const int16_t a[MLKEM_N]) { poly_compress_d5_avx2(r, (const __m256i *)a); } -static INLINE void poly_compress_d11_native( +static MLK_INLINE void poly_compress_d11_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const int16_t a[MLKEM_N]) { poly_compress_d11_avx2(r, (const __m256i *)a); } -static INLINE void poly_decompress_d5_native( +static MLK_INLINE void poly_decompress_d5_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { poly_decompress_d5_avx2((__m256i *)r, a); } -static INLINE void poly_decompress_d11_native( +static MLK_INLINE void poly_decompress_d11_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { poly_decompress_d11_avx2((__m256i *)r, a); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ -#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */ +#endif /* MLK_ARITH_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_DEV_X86_64_SRC_DEFAULT_IMPL_H */ +#endif /* MLK_DEV_X86_64_SRC_DEFAULT_IMPL_H */ diff --git a/dev/x86_64/src/intt.S b/dev/x86_64/src/intt.S index ec8bbb7e0..a208c8cc9 100644 
--- a/dev/x86_64/src/intt.S +++ b/dev/x86_64/src/intt.S @@ -10,8 +10,8 @@ * been made to simplify reasoning of non-overflow */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -242,9 +242,9 @@ vmovdqa %ymm11,(64*\off+176)*2(%rdi) .endm .text -.global MLKEM_ASM_NAMESPACE(invntt_avx2) +.global MLK_ASM_NAMESPACE(invntt_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(invntt_avx2): +MLK_ASM_NAMESPACE(invntt_avx2): vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 intt_levels0t5 0 @@ -255,5 +255,5 @@ intt_level6 1 ret /* simpasm: footer-start */ -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/ntt.S b/dev/x86_64/src/ntt.S index 4979f8c91..64f1a2e28 100644 --- a/dev/x86_64/src/ntt.S +++ b/dev/x86_64/src/ntt.S @@ -7,8 +7,8 @@ // https://github.com/pq-crystals/kyber/blob/main/avx2 #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -206,9 +206,9 @@ vmovdqa %ymm11,(128*\off+112)*2(%rdi) .endm .text -.global MLKEM_ASM_NAMESPACE(ntt_avx2) +.global MLK_ASM_NAMESPACE(ntt_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(ntt_avx2): +MLK_ASM_NAMESPACE(ntt_avx2): vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 level0 0 
@@ -220,5 +220,5 @@ levels1t6 1 ret /* simpasm: footer-start */ -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/nttfrombytes.S b/dev/x86_64/src/nttfrombytes.S index 4afc11630..416d2f7cb 100644 --- a/dev/x86_64/src/nttfrombytes.S +++ b/dev/x86_64/src/nttfrombytes.S @@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -17,9 +17,9 @@ #include "shuffle.inc" .text -.global MLKEM_ASM_NAMESPACE(nttfrombytes_avx2) +.global MLK_ASM_NAMESPACE(nttfrombytes_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(nttfrombytes_avx2): +MLK_ASM_NAMESPACE(nttfrombytes_avx2): #consts vmovdqa AVX2_BACKEND_DATA_OFFSET_16XMASK*2(%rdx),%ymm0 call nttfrombytes128_avx @@ -95,5 +95,5 @@ vmovdqa %ymm1,224(%rdi) ret /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/nttpack.S b/dev/x86_64/src/nttpack.S index 3848d7083..2239c048e 100644 --- a/dev/x86_64/src/nttpack.S +++ b/dev/x86_64/src/nttpack.S @@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" 
@@ -17,9 +17,9 @@ #include "shuffle.inc" .text -.global MLKEM_ASM_NAMESPACE(nttpack_avx2) +.global MLK_ASM_NAMESPACE(nttpack_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(nttpack_avx2): +MLK_ASM_NAMESPACE(nttpack_avx2): #load vmovdqa (%rdi),%ymm4 vmovdqa 32(%rdi),%ymm5 @@ -63,5 +63,5 @@ vmovdqa %ymm11,224(%rdi) ret /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/ntttobytes.S b/dev/x86_64/src/ntttobytes.S index 71c80073f..8a9319d2d 100644 --- a/dev/x86_64/src/ntttobytes.S +++ b/dev/x86_64/src/ntttobytes.S @@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -17,9 +17,9 @@ #include "shuffle.inc" .text -.global MLKEM_ASM_NAMESPACE(ntttobytes_avx2) +.global MLK_ASM_NAMESPACE(ntttobytes_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(ntttobytes_avx2): +MLK_ASM_NAMESPACE(ntttobytes_avx2): #consts vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rdx),%ymm0 call ntttobytes128_avx @@ -89,5 +89,5 @@ vmovdqu %ymm9,160(%rdi) ret /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/nttunpack.S b/dev/x86_64/src/nttunpack.S index 73982c36a..50e72be93 100644 --- a/dev/x86_64/src/nttunpack.S +++ b/dev/x86_64/src/nttunpack.S 
@@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" @@ -17,9 +17,9 @@ #include "shuffle.inc" .text -.global MLKEM_ASM_NAMESPACE(nttunpack_avx2) +.global MLK_ASM_NAMESPACE(nttunpack_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(nttunpack_avx2): +MLK_ASM_NAMESPACE(nttunpack_avx2): call nttunpack128_avx2 add $256,%rdi call nttunpack128_avx2 @@ -69,5 +69,5 @@ vmovdqa %ymm11,224(%rdi) ret /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/reduce.S b/dev/x86_64/src/reduce.S index f1ddfc576..fd263a52f 100644 --- a/dev/x86_64/src/reduce.S +++ b/dev/x86_64/src/reduce.S @@ -13,17 +13,17 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" #include "fq.inc" .text -.global MLKEM_ASM_NAMESPACE(reduce_avx2) +.global MLK_ASM_NAMESPACE(reduce_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(reduce_avx2): +MLK_ASM_NAMESPACE(reduce_avx2): #consts vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 vmovdqa AVX2_BACKEND_DATA_OFFSET_16XV*2(%rsi),%ymm1 @@ -74,5 +74,5 @@ vmovdqa %ymm9,224(%rdi) ret /* simpasm: footer-start */ -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/dev/x86_64/src/rej_uniform_avx2.c b/dev/x86_64/src/rej_uniform_avx2.c index d53306828..c9de341f2 100644 
--- a/dev/x86_64/src/rej_uniform_avx2.c +++ b/dev/x86_64/src/rej_uniform_avx2.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include @@ -19,7 +19,7 @@ #include "arith_native_x86_64.h" #include "consts.h" -unsigned rej_uniform_avx2(int16_t *RESTRICT r, const uint8_t *buf) +unsigned rej_uniform_avx2(int16_t *MLK_RESTRICT r, const uint8_t *buf) { unsigned ctr, pos; uint16_t val0, val1; @@ -124,10 +124,10 @@ unsigned rej_uniform_avx2(int16_t *RESTRICT r, const uint8_t *buf) return ctr; } -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_rej_uniform) +MLK_EMPTY_CU(avx2_rej_uniform) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/rej_uniform_table.c b/dev/x86_64/src/rej_uniform_table.c index 2d4ea6ab4..c411e35e4 100644 --- a/dev/x86_64/src/rej_uniform_table.c +++ b/dev/x86_64/src/rej_uniform_table.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_x86_64.h" 
@@ -20,7 +20,7 @@ * Lookup table used by rejection sampling of the public matrix. * See autogen for details. */ -ALIGN const uint8_t rej_uniform_table[256][8] = { +MLK_ALIGN const uint8_t rej_uniform_table[256][8] = { {-1, -1, -1, -1, -1, -1, -1, -1}, {0, -1, -1, -1, -1, -1, -1, -1}, {2, -1, -1, -1, -1, -1, -1, -1}, {0, 2, -1, -1, -1, -1, -1, -1}, {4, -1, -1, -1, -1, -1, -1, -1}, {0, 4, -1, -1, -1, -1, -1, -1}, @@ -151,10 +151,10 @@ ALIGN const uint8_t rej_uniform_table[256][8] = { {2, 4, 6, 8, 10, 12, 14, -1}, {0, 2, 4, 6, 8, 10, 12, 14}, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_rej_uniform_table) +MLK_EMPTY_CU(avx2_rej_uniform_table) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/dev/x86_64/src/tomont.S b/dev/x86_64/src/tomont.S index 1cb5ef7f3..9e96d55a2 100644 --- a/dev/x86_64/src/tomont.S +++ b/dev/x86_64/src/tomont.S @@ -12,17 +12,17 @@ // semantics of poly_reduce(). #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* simpasm: header-end */ #include "consts.h" #include "fq.inc" .text -.global MLKEM_ASM_NAMESPACE(tomont_avx2) +.global MLK_ASM_NAMESPACE(tomont_avx2) .balign 4 -MLKEM_ASM_NAMESPACE(tomont_avx2): +MLK_ASM_NAMESPACE(tomont_avx2): #consts vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 vmovdqa AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO*2(%rsi),%ymm1 
@@ -65,5 +65,5 @@ vmovdqa %ymm10,224(%rdi)
 ret
 /* simpasm: footer-start */
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
diff --git a/examples/bring_your_own_fips202/Makefile b/examples/bring_your_own_fips202/Makefile
index a67424648..2a197de7a 100644
--- a/examples/bring_your_own_fips202/Makefile
+++ b/examples/bring_your_own_fips202/Makefile
@@ -14,7 +14,7 @@ endif
 # Part A:
 #
 # mlkem-native source and header files
-MLKEM_NATIVE_SOURCE=$(wildcard \
+MLK_SOURCE=$(wildcard \
 mlkem_native/*.c \
 mlkem_native/**/*.c \
 mlkem_native/**/**/*.c \
@@ -49,7 +49,7 @@ RNG_SOURCE=$(wildcard test_only_rng/*.c)
 # Your application source code
 APP_SOURCE=$(wildcard *.c)
-ALL_SOURCE=$(MLKEM_NATIVE_SOURCE) $(FIPS202_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
+ALL_SOURCE=$(MLK_SOURCE) $(FIPS202_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
 BUILD_DIR=build
 BIN=test_binary
diff --git a/examples/bring_your_own_fips202/fips202/fips202.h b/examples/bring_your_own_fips202/fips202/fips202.h
index cd3f7531e..3aca5d9dc 100644
--- a/examples/bring_your_own_fips202/fips202/fips202.h
+++ b/examples/bring_your_own_fips202/fips202/fips202.h
@@ -27,7 +27,7 @@ typedef sha3_ctx_t shake128ctx;
 /* NOTE: shake128_init is already defined in sha3.h under that name;
 * Otherwise, it would need to be defined here as well. */
-#define shake128_absorb_once MLKEM_NAMESPACE(shake128_absorb_once)
+#define shake128_absorb_once MLK_NAMESPACE(shake128_absorb_once)
 /*************************************************
 * Name: shake128_absorb_once
 *
@@ -39,8 +39,8 @@ typedef sha3_ctx_t shake128ctx;
 * state
 * - size_t inlen: length of input in bytes
 **************************************************/
-static INLINE void shake128_absorb_once(shake128ctx *state,
- const uint8_t *input, size_t inlen)
+static MLK_INLINE void shake128_absorb_once(shake128ctx *state,
+ const uint8_t *input, size_t inlen)
 {
 shake_update(state, input, inlen);
 shake_xof(state);
@@ -50,7 +50,7 @@ static INLINE void shake128_absorb_once(shake128ctx *state,
 *
 * Supports being called multiple times */
-#define shake128_squeezeblocks MLKEM_NAMESPACE(shake128_squeezeblocks)
+#define shake128_squeezeblocks MLK_NAMESPACE(shake128_squeezeblocks)
 /*************************************************
 * Name: shake128_squeezeblocks
 *
@@ -63,19 +63,19 @@ static INLINE void shake128_absorb_once(shake128ctx *state,
 * to output)
 * - shake128ctx *state: pointer to in/output Keccak state
 **************************************************/
-static INLINE void shake128_squeezeblocks(uint8_t *output, size_t nblocks,
- shake128ctx *state)
+static MLK_INLINE void shake128_squeezeblocks(uint8_t *output, size_t nblocks,
+ shake128ctx *state)
 {
 shake_out(state, output, nblocks * SHAKE128_RATE);
 }
 /* Free the state */
-#define shake128_release MLKEM_NAMESPACE(shake128_release)
-static INLINE void shake128_release(shake128ctx *state) { ((void)state); }
+#define shake128_release MLK_NAMESPACE(shake128_release)
+static MLK_INLINE void shake128_release(shake128ctx *state) { ((void)state); }
 /* One-stop SHAKE256 call. Aliasing between input and
 * output is not permitted */
-#define shake256 MLKEM_NAMESPACE(shake256)
+#define shake256 MLK_NAMESPACE(shake256)
 /*************************************************
 * Name: shake256
 *
@@ -86,8 +86,8 @@ static INLINE void shake128_release(shake128ctx *state) { ((void)state); }
 * - const uint8_t *input: pointer to input
 * - size_t inlen: length of input in bytes
 **************************************************/
-static INLINE void shake256(uint8_t *output, size_t outlen,
- const uint8_t *input, size_t inlen)
+static MLK_INLINE void shake256(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen)
 {
 sha3_ctx_t c;
 shake256_init(&c);
@@ -99,7 +99,7 @@ static INLINE void shake256(uint8_t *output, size_t outlen,
 /* One-stop SHA3_256 call. Aliasing between input and
 * output is not permitted */
 #define SHA3_256_HASHBYTES 32
-#define sha3_256 MLKEM_NAMESPACE(sha3_256)
+#define sha3_256 MLK_NAMESPACE(sha3_256)
 /*************************************************
 * Name: sha3_256
 *
@@ -109,7 +109,8 @@ static INLINE void shake256(uint8_t *output, size_t outlen,
 * - const uint8_t *input: pointer to input
 * - size_t inlen: length of input in bytes
 **************************************************/
-static INLINE void sha3_256(uint8_t *output, const uint8_t *input, size_t inlen)
+static MLK_INLINE void sha3_256(uint8_t *output, const uint8_t *input,
+ size_t inlen)
 {
 (void)sha3(input, inlen, output, SHA3_256_HASHBYTES);
 }
@@ -117,7 +118,7 @@ static INLINE void sha3_256(uint8_t *output, const uint8_t *input, size_t inlen)
 /* One-stop SHA3_512 call. Aliasing between input and
 * output is not permitted */
 #define SHA3_512_HASHBYTES 64
-#define sha3_512 MLKEM_NAMESPACE(sha3_512)
+#define sha3_512 MLK_NAMESPACE(sha3_512)
 /*************************************************
 * Name: sha3_512
 *
@@ -127,7 +128,8 @@ static INLINE void sha3_256(uint8_t *output, const uint8_t *input, size_t inlen)
 * - const uint8_t *input: pointer to input
 * - size_t inlen: length of input in bytes
 **************************************************/
-static INLINE void sha3_512(uint8_t *output, const uint8_t *input, size_t inlen)
+static MLK_INLINE void sha3_512(uint8_t *output, const uint8_t *input,
+ size_t inlen)
 {
 (void)sha3(input, inlen, output, SHA3_512_HASHBYTES);
 }
diff --git a/examples/bring_your_own_fips202/fips202/fips202x4.h b/examples/bring_your_own_fips202/fips202/fips202x4.h
index 10b93aa7f..f26cce8ae 100644
--- a/examples/bring_your_own_fips202/fips202/fips202x4.h
+++ b/examples/bring_your_own_fips202/fips202/fips202x4.h
@@ -21,12 +21,12 @@ typedef shake128ctx shake128x4ctx[4];
-#define shake128x4_absorb_once MLKEM_NAMESPACE(shake128x4_absorb_once)
-static INLINE void shake128x4_absorb_once(shake128x4ctx *state,
- const uint8_t *in0,
- const uint8_t *in1,
- const uint8_t *in2,
- const uint8_t *in3, size_t inlen)
+#define shake128x4_absorb_once MLK_NAMESPACE(shake128x4_absorb_once)
+static MLK_INLINE void shake128x4_absorb_once(shake128x4ctx *state,
+ const uint8_t *in0,
+ const uint8_t *in1,
+ const uint8_t *in2,
+ const uint8_t *in3, size_t inlen)
 __contract__(
 requires(memory_no_alias(state, sizeof(shake128x4ctx)))
 requires(memory_no_alias(in0, inlen))
@@ -42,11 +42,11 @@ __contract__(
 shake128_absorb_once(&(*state)[3], in3, inlen);
 }
-#define shake128x4_squeezeblocks MLKEM_NAMESPACE(shake128x4_squeezeblocks)
-static INLINE void shake128x4_squeezeblocks(uint8_t *out0, uint8_t *out1,
- uint8_t *out2, uint8_t *out3,
- size_t nblocks,
- shake128x4ctx *state)
+#define shake128x4_squeezeblocks MLK_NAMESPACE(shake128x4_squeezeblocks)
+static MLK_INLINE void shake128x4_squeezeblocks(uint8_t *out0, uint8_t *out1,
+ uint8_t *out2, uint8_t *out3,
+ size_t nblocks,
+ shake128x4ctx *state)
 __contract__(
 requires(memory_no_alias(state, sizeof(shake128x4ctx)))
 requires(memory_no_alias(out0, nblocks * SHAKE128_RATE))
@@ -66,8 +66,8 @@ __contract__(
 shake128_squeezeblocks(out3, nblocks, &(*state)[3]);
 }
-#define shake128x4_init MLKEM_NAMESPACE(shake128x4_init)
-static INLINE void shake128x4_init(shake128x4ctx *state)
+#define shake128x4_init MLK_NAMESPACE(shake128x4_init)
+static MLK_INLINE void shake128x4_init(shake128x4ctx *state)
 {
 shake128_init(&(*state)[0]);
 shake128_init(&(*state)[1]);
@@ -75,8 +75,8 @@ static INLINE void shake128x4_init(shake128x4ctx *state)
 shake128_init(&(*state)[3]);
 }
-#define shake128x4_release MLKEM_NAMESPACE(shake128x4_release)
-static INLINE void shake128x4_release(shake128x4ctx *state)
+#define shake128x4_release MLK_NAMESPACE(shake128x4_release)
+static MLK_INLINE void shake128x4_release(shake128x4ctx *state)
 {
 shake128_release(&(*state)[0]);
 shake128_release(&(*state)[1]);
@@ -84,11 +84,11 @@ static INLINE void shake128x4_release(shake128x4ctx *state)
 shake128_release(&(*state)[3]);
 }
-#define shake256x4 MLKEM_NAMESPACE(shake256x4)
-static INLINE void shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2,
- uint8_t *out3, size_t outlen, uint8_t *in0,
- uint8_t *in1, uint8_t *in2, uint8_t *in3,
- size_t inlen)
+#define shake256x4 MLK_NAMESPACE(shake256x4)
+static MLK_INLINE void shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2,
+ uint8_t *out3, size_t outlen, uint8_t *in0,
+ uint8_t *in1, uint8_t *in2, uint8_t *in3,
+ size_t inlen)
 __contract__(
 /* Refine +prove this spec, e.g. add disjointness constraints? */
 requires(readable(in0, inlen))
diff --git a/examples/custom_backend/Makefile b/examples/custom_backend/Makefile
index af99013b9..5a4de392c 100644
--- a/examples/custom_backend/Makefile
+++ b/examples/custom_backend/Makefile
@@ -17,7 +17,7 @@ endif
 #
 # If you are not concerned about minimizing for a specific backend,
 # you can just include _all_ source files into your build.
-MLKEM_NATIVE_SOURCE=$(wildcard \
+MLK_SOURCE=$(wildcard \
 mlkem_native/**/*.c \
 mlkem_native/**/**/*.c \
 mlkem_native/**/**/**/*.c \
@@ -43,7 +43,7 @@ RNG_SOURCE=$(wildcard test_only_rng/*.c)
 # Your application source code
 APP_SOURCE=$(wildcard *.c)
-ALL_SOURCE=$(MLKEM_NATIVE_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
+ALL_SOURCE=$(MLK_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
 BUILD_DIR=build
 BIN=test_binary
@@ -67,7 +67,7 @@ CFLAGS := \
 $(CFLAGS)
-CFLAGS+=-DMLKEM_NATIVE_CONFIG_FILE="\"custom_config.h\""
+CFLAGS+=-DMLK_CONFIG_FILE="\"custom_config.h\""
 BINARY_NAME_FULL=$(BUILD_DIR)/$(BIN)
diff --git a/examples/custom_backend/README.md b/examples/custom_backend/README.md
index 0ebe976f6..ab01e1707 100644
--- a/examples/custom_backend/README.md
+++ b/examples/custom_backend/README.md
@@ -19,13 +19,13 @@ An application using mlkem-native with a custom FIPS-202 backend and custom conf
 4. A custom FIPS-202 backend. In this example, the metadata file is [custom.h](mlkem_native/mlkem/fips202/native/custom/custom.h), the implementation shim is [custom_impl.h](mlkem_native/mlkem/fips202/native/custom/src/custom_impl.h), wrapping the
- [sha3.c](mlkem_native/mlkem/fips202/native/custom/src/sha3.c) and setting `MLKEM_USE_FIPS101_X1_NATIVE` to indicate that we
+ [sha3.c](mlkem_native/mlkem/fips202/native/custom/src/sha3.c) and setting `MLK_USE_FIPS101_X1_NATIVE` to indicate that we
 replace 1-fold Keccak-F1600.
 5. Either modify the existing [config.h](mlkem_native/mlkem/config.h), or register a new config. In this example, we add a new config [custom_config.h](mlkem_native/custom_config.h) and register it from the command line for
- `-DMLKEM_NATIVE_CONFIG_FILE="custom_config.h"` -- no further changes to the build are needed. For the sake of
- demonstration, we set a custom namespace. We set `MLKEM_NATIVE_FIPS202_BACKEND` to point to our custom FIPS-202
- backend, but leave `MLKEM_NATIVE_ARITH_BACKEND` undefined to indicate that we wish to use the C backend.
+ `-DMLK_CONFIG_FILE="custom_config.h"` -- no further changes to the build are needed. For the sake of
+ demonstration, we set a custom namespace. We set `MLK_FIPS202_BACKEND` to point to our custom FIPS-202
+ backend, but leave `MLK_ARITH_BACKEND` undefined to indicate that we wish to use the C backend.
 ## Note
diff --git a/examples/custom_backend/mlkem_native/custom_config.h b/examples/custom_backend/mlkem_native/custom_config.h
index fbaef50ca..caeb4d56e 100644
--- a/examples/custom_backend/mlkem_native/custom_config.h
+++ b/examples/custom_backend/mlkem_native/custom_config.h
@@ -3,8 +3,8 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifndef MLKEM_NATIVE_CONFIG_H
-#define MLKEM_NATIVE_CONFIG_H
+#ifndef MLK_CONFIG_H
+#define MLK_CONFIG_H
 /******************************************************************************
 * Name: MLKEM_K
@@ -20,7 +20,7 @@
 #define MLKEM_K 3 /* We want MLKEM-768 */
 /******************************************************************************
- * Name: MLKEM_NATIVE_CONFIG_FILE
+ * Name: MLK_CONFIG_FILE
 *
 * Description: If defined, this is a header that will be included instead
 * of mlkem/config.h.
@@ -31,18 +31,18 @@
 *
 *****************************************************************************/
 /* No need to set this -- we _are_ already in a custom config */
-/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+/* #define MLK_CONFIG_FILE "config.h" */
 /******************************************************************************
- * Name: MLKEM_NAMESPACE_PREFIX
+ * Name: MLK_NAMESPACE_PREFIX
 *
 * Description: The prefix to use to namespace global symbols
 * from mlkem/.
 *****************************************************************************/
-#define MLKEM_NAMESPACE_PREFIX CUSTOM_TINY_SHA3
+#define MLK_NAMESPACE_PREFIX CUSTOM_TINY_SHA3
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_ARITH
+ * Name: MLK_USE_NATIVE_BACKEND_ARITH
 *
 * Description: Determines whether an native arithmetic backend should be used.
 *
@@ -52,7 +52,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the arithmetic backend to be use is
- * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ * determined by MLK_ARITH_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -61,27 +61,27 @@
 *
 *****************************************************************************/
 /* No native arithmetic backend */
-/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+/* #define MLK_USE_NATIVE_BACKEND_ARITH */
 /******************************************************************************
- * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE
+ * Name: MLK_ARITH_BACKEND_FILE
 *
 * Description: The arithmetic backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option
 * is ignored.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must
 * either be undefined or the filename of an arithmetic backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-/* #define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h" */
+/* #define MLK_ARITH_BACKEND_FILE "native/meta.h" */
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202
+ * Name: MLK_USE_NATIVE_BACKEND_FIPS202
 *
 * Description: Determines whether an native FIPS202 backend should be used.
 *
@@ -91,7 +91,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the FIPS202 backend to be use is
- * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ * determined by MLK_FIPS202_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -99,30 +99,30 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_USE_NATIVE_BACKEND_FIPS202
+#define MLK_USE_NATIVE_BACKEND_FIPS202
 /******************************************************************************
- * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE
+ * Name: MLK_FIPS202_BACKEND_FILE
 *
 * Description: The FIPS-202 backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must
 * either be undefined or the filename of a FIPS202 backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/custom/custom.h"
+#define MLK_FIPS202_BACKEND_FILE "fips202/native/custom/custom.h"
 /******************************************************************************
- * Name: MLKEM_NATIVE_API_STANDARD
+ * Name: MLK_API_STANDARD
 *
 * Description: Define this to extend api.h to also export key sizes and public
 * API in the CRYPTO_xxx and crypto_kem_xxx format as used e.g. by
 * SUPERCOP.
 *
 *****************************************************************************/
-#define MLKEM_NATIVE_API_STANDARD
+#define MLK_API_STANDARD
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/custom.h b/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/custom.h
index 718d89143..e7e875380 100644
--- a/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/custom.h
+++ b/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/custom.h
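Review bot: The closing `#endif /* MLkEM_NATIVE_CONFIG_H */` at the end of this hunk still names the old guard, while the guard itself was renamed to `MLK_CONFIG_H` in this file's first hunk; the comment should read `#endif /* MLK_CONFIG_H */`. The same stale closing comment is left in examples/monolithic_build/config_1024.h and config_512.h (their last hunks also end on `#endif /* MLkEM_NATIVE_CONFIG_H */`), and presumably in config_768.h, whose end is outside this view. Since custom_config.h and the three monolithic_build configs now all define the identical guard `MLK_CONFIG_H`, a one-line comment next to the guard stating that exactly one config header may be included per translation unit would make that intent explicit for readers of the examples.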
@@ -5,21 +5,20 @@
 /* Default FIPS202 assembly profile for AArch64 systems */
-#ifdef FIPS202_NATIVE_PROFILE_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_H
+#define MLK_FIPS202_NATIVE_PROFILE_H
 /* Identifier for this backend so that source and assembly files
 * in the build can be appropriately guarded. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_CUSTOM_TINY_SHA3
+#define MLK_FIPS202_BACKEND_CUSTOM_TINY_SHA3
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME TINY_SHA3
+#define MLK_FIPS202_BACKEND_NAME TINY_SHA3
 /* Filename of the C backend implementation.
 * This is not inlined here because this header is included in assembly
 * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL \
- "fips202/native/custom/src/custom_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "fips202/native/custom/src/custom_impl.h"
-#endif /* FIPS202_NATIVE_PROFILE_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_H */
diff --git a/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/src/custom_impl.h b/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/src/custom_impl.h
index 999325145..a34a460ff 100644
--- a/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/src/custom_impl.h
+++ b/examples/custom_backend/mlkem_native/mlkem/fips202/native/custom/src/custom_impl.h
@@ -5,18 +5,18 @@
 /* Default FIPS202 assembly profile for AArch64 systems */
-#ifdef FIPS202_NATIVE_PROFILE_IMPL_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_IMPL_H
+#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #include "sha3.h"
 /* Replace (single) Keccak-F1600 by tiny-SHA3's */
-#define MLKEM_USE_FIPS202_X1_NATIVE
-static INLINE void keccak_f1600_x1_native(uint64_t *state)
+#define MLK_USE_FIPS202_X1_NATIVE
+static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state)
 {
 tiny_sha3_keccakf(state);
 }
-#endif /* FIPS202_NATIVE_PROFILE_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_H */
diff --git a/examples/mlkem_native_as_code_package/Makefile b/examples/mlkem_native_as_code_package/Makefile
index 79c515e67..bbcf00d12 100644
--- a/examples/mlkem_native_as_code_package/Makefile
+++ b/examples/mlkem_native_as_code_package/Makefile
@@ -17,7 +17,7 @@ endif
 #
 # If you are not concerned about minimizing for a specific backend,
 # you can just include _all_ source files into your build.
-MLKEM_NATIVE_SOURCE=$(wildcard \
+MLK_SOURCE=$(wildcard \
 mlkem_native/**/*.c \
 mlkem_native/**/**/*.c \
 mlkem_native/**/**/**/*.c \
@@ -40,7 +40,7 @@ RNG_SOURCE=$(wildcard test_only_rng/*.c)
 # Your application source code
 APP_SOURCE=$(wildcard *.c)
-ALL_SOURCE=$(MLKEM_NATIVE_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
+ALL_SOURCE=$(MLK_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
 BUILD_DIR=build
 BIN=test_binary
diff --git a/examples/monolithic_build/Makefile b/examples/monolithic_build/Makefile
index b24f07fe6..bc10832a2 100644
--- a/examples/monolithic_build/Makefile
+++ b/examples/monolithic_build/Makefile
@@ -25,7 +25,7 @@ Q ?= @
 # Here, we use just a single monolithic compilation unit to include
 # multiple instances of mlkem-native.
-MLKEM_NATIVE_SOURCE=mlkem_native_monobuild.c
+MLK_SOURCE=mlkem_native_monobuild.c
 INC=-Imlkem/ -I./
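Review bot: The closing comment `#endif /* MLK_FIPS202_NATIVE_PROFILE_H */` at the end of this hunk does not match the guard this file actually defines, `MLK_FIPS202_NATIVE_PROFILE_IMPL_H`, a few lines above; it looks copied from custom.h and should read `#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */`. The header comment `/* Default FIPS202 assembly profile for AArch64 systems */` is likewise stale for a tiny-SHA3 C shim under examples/custom_backend and could say `/* Custom FIPS202 backend profile: Keccak-F1600 via tiny-SHA3 */`. Separately, the README hunk in examples/custom_backend/README.md refers to `MLK_USE_FIPS101_X1_NATIVE`, whereas the macro this file defines is `MLK_USE_FIPS202_X1_NATIVE`, so the rename carried over a pre-existing typo that the README should correct.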
@@ -73,7 +73,7 @@ CFLAGS := \
 $(CFLAGS)
 # Set this flag to give all non-global functions internal linkage
-CFLAGS += -DMLKEM_NATIVE_MONOBUILD
+CFLAGS += -DMLK_MONOBUILD
 BIN512_FULL=$(BUILD_DIR)/$(BIN512)
 BIN768_FULL=$(BUILD_DIR)/$(BIN768)
@@ -83,41 +83,41 @@ LIB512_FULL=$(BUILD_DIR)/$(LIB512)
 LIB768_FULL=$(BUILD_DIR)/$(LIB768)
 LIB1024_FULL=$(BUILD_DIR)/$(LIB1024)
-$(LIB512_FULL): $(MLKEM_NATIVE_SOURCE)
+$(LIB512_FULL): $(MLK_SOURCE)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) -c $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_512.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native512.o
+ $(Q)$(CC) -c $(CFLAGS) -DMLK_CONFIG_FILE="\"config_512.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native512.o
 $(Q)$(AR) rcs $@ $(BUILD_DIR)/mlkem_native512.o
 $(Q)strip -S $@
-$(LIB768_FULL): $(MLKEM_NATIVE_SOURCE)
+$(LIB768_FULL): $(MLK_SOURCE)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) -c $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_768.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native768.o
+ $(Q)$(CC) -c $(CFLAGS) -DMLK_CONFIG_FILE="\"config_768.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native768.o
 $(Q)$(AR) rcs $@ $(BUILD_DIR)/mlkem_native768.o
 $(Q)strip -S $@
-$(LIB1024_FULL): $(MLKEM_NATIVE_SOURCE)
+$(LIB1024_FULL): $(MLK_SOURCE)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) -c $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_1024.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native1024.o
+ $(Q)$(CC) -c $(CFLAGS) -DMLK_CONFIG_FILE="\"config_1024.h\"" $(INC) $^ -o $(BUILD_DIR)/mlkem_native1024.o
 $(Q)$(AR) rcs $@ $(BUILD_DIR)/mlkem_native1024.o
 $(Q)strip -S $@
 $(BIN512_FULL): $(APP_SOURCE) $(LIB512_FULL)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_512.h\"" $(INC) $^ -o $@
+ $(Q)$(CC) $(CFLAGS) -DMLK_CONFIG_FILE="\"config_512.h\"" $(INC) $^ -o $@
 $(BIN768_FULL): $(APP_SOURCE) $(LIB768_FULL)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_768.h\"" $(INC) $^ -o $@
+ $(Q)$(CC) $(CFLAGS) -DMLK_CONFIG_FILE="\"config_768.h\"" $(INC) $^ -o $@
 $(BIN1024_FULL): $(APP_SOURCE) $(LIB1024_FULL)
 $(Q)echo "$@"
 $(Q)[ -d $(@) ] || mkdir -p $(@D)
- $(Q)$(CC) $(CFLAGS) -DMLKEM_NATIVE_CONFIG_FILE="\"config_1024.h\"" $(INC) $^ -o $@
+ $(Q)$(CC) $(CFLAGS) -DMLK_CONFIG_FILE="\"config_1024.h\"" $(INC) $^ -o $@
 all: build
diff --git a/examples/monolithic_build/config_1024.h b/examples/monolithic_build/config_1024.h
index 146207d3c..73855acfb 100644
--- a/examples/monolithic_build/config_1024.h
+++ b/examples/monolithic_build/config_1024.h
@@ -3,8 +3,8 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifndef MLKEM_NATIVE_CONFIG_H
-#define MLKEM_NATIVE_CONFIG_H
+#ifndef MLK_CONFIG_H
+#define MLK_CONFIG_H
 /******************************************************************************
 * Name: MLKEM_K
@@ -22,23 +22,23 @@
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_CONFIG_FILE
+ * Name: MLK_CONFIG_FILE
 *
 * Description: If defined, this is a header that will be included instead
 * of mlkem/config.h.
 *
 * This _must_ be set on the command line using
- * `-DMLKEM_NATIVE_CONFIG_FILE="..."`.
+ * `-DMLK_CONFIG_FILE="..."`.
 *
 * When you need to build mlkem-native in multiple configurations,
- * using varying MLKEM_NATIE_CONFIG_FILE can be more convenient
+ * using varying MLK_CONFIG_FILE can be more convenient
 * then configuring everything through CFLAGS.
 *
 *****************************************************************************/
-/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+/* #define MLK_CONFIG_FILE "config.h" */
 /******************************************************************************
- * Name: MLKEM_NAMESPACE_PREFIX
+ * Name: MLK_NAMESPACE_PREFIX
 *
 * Description: The prefix to use to namespace global symbols
 * from mlkem/.
@@ -46,10 +46,10 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_NAMESPACE_PREFIX mlkem
+#define MLK_NAMESPACE_PREFIX mlkem
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_ARITH
+ * Name: MLK_USE_NATIVE_BACKEND_ARITH
 *
 * Description: Determines whether an native arithmetic backend should be used.
 *
@@ -59,7 +59,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the arithmetic backend to be use is
- * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ * determined by MLK_ARITH_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -67,32 +67,31 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
-/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#if !defined(MLK_USE_NATIVE_BACKEND_ARITH)
+/* #define MLK_USE_NATIVE_BACKEND_ARITH */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE
+ * Name: MLK_ARITH_BACKEND_FILE
 *
 * Description: The arithmetic backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option
 * is ignored.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must
 * either be undefined or the filename of an arithmetic backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
- !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
-#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE)
+#define MLK_ARITH_BACKEND_FILE "native/meta.h"
 #endif
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202
+ * Name: MLK_USE_NATIVE_BACKEND_FIPS202
 *
 * Description: Determines whether an native FIPS202 backend should be used.
 *
@@ -102,7 +101,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the FIPS202 backend to be use is
- * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ * determined by MLK_FIPS202_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -110,25 +109,25 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
-/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#if !defined(MLK_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLK_USE_NATIVE_BACKEND_FIPS202 */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE
+ * Name: MLK_FIPS202_BACKEND_FILE
 *
 * Description: The FIPS-202 backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must
 * either be undefined or the filename of a FIPS202 backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \
- !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE)
-#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) && \
+ !defined(MLK_FIPS202_BACKEND_FILE)
+#define MLK_FIPS202_BACKEND_FILE "fips202/native/meta.h"
 #endif
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/monolithic_build/config_512.h b/examples/monolithic_build/config_512.h
index 323e00691..e0413cc67 100644
--- a/examples/monolithic_build/config_512.h
+++ b/examples/monolithic_build/config_512.h
@@ -3,8 +3,8 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifndef MLKEM_NATIVE_CONFIG_H
-#define MLKEM_NATIVE_CONFIG_H
+#ifndef MLK_CONFIG_H
+#define MLK_CONFIG_H
 /******************************************************************************
 * Name: MLKEM_K
@@ -22,23 +22,23 @@
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_CONFIG_FILE
+ * Name: MLK_CONFIG_FILE
 *
 * Description: If defined, this is a header that will be included instead
 * of mlkem/config.h.
 *
 * This _must_ be set on the command line using
- * `-DMLKEM_NATIVE_CONFIG_FILE="..."`.
+ * `-DMLK_CONFIG_FILE="..."`.
 *
 * When you need to build mlkem-native in multiple configurations,
- * using varying MLKEM_NATIE_CONFIG_FILE can be more convenient
+ * using varying MLK_CONFIG_FILE can be more convenient
 * then configuring everything through CFLAGS.
 *
 *****************************************************************************/
-/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+/* #define MLK_CONFIG_FILE "config.h" */
 /******************************************************************************
- * Name: MLKEM_NAMESPACE_PREFIX
+ * Name: MLK_NAMESPACE_PREFIX
 *
 * Description: The prefix to use to namespace global symbols
 * from mlkem/.
@@ -46,10 +46,10 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_NAMESPACE_PREFIX mlkem
+#define MLK_NAMESPACE_PREFIX mlkem
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_ARITH
+ * Name: MLK_USE_NATIVE_BACKEND_ARITH
 *
 * Description: Determines whether an native arithmetic backend should be used.
 *
@@ -59,7 +59,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the arithmetic backend to be use is
- * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ * determined by MLK_ARITH_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -67,32 +67,31 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
-/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#if !defined(MLK_USE_NATIVE_BACKEND_ARITH)
+/* #define MLK_USE_NATIVE_BACKEND_ARITH */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE
+ * Name: MLK_ARITH_BACKEND_FILE
 *
 * Description: The arithmetic backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option
 * is ignored.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must
 * either be undefined or the filename of an arithmetic backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
- !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
-#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE)
+#define MLK_ARITH_BACKEND_FILE "native/meta.h"
 #endif
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202
+ * Name: MLK_USE_NATIVE_BACKEND_FIPS202
 *
 * Description: Determines whether an native FIPS202 backend should be used.
 *
@@ -102,7 +101,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the FIPS202 backend to be use is
- * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ * determined by MLK_FIPS202_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -110,25 +109,25 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
-/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#if !defined(MLK_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLK_USE_NATIVE_BACKEND_FIPS202 */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE
+ * Name: MLK_FIPS202_BACKEND_FILE
 *
 * Description: The FIPS-202 backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must
 * either be undefined or the filename of a FIPS202 backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \
- !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE)
-#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) && \
+ !defined(MLK_FIPS202_BACKEND_FILE)
+#define MLK_FIPS202_BACKEND_FILE "fips202/native/meta.h"
 #endif
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/monolithic_build/config_768.h b/examples/monolithic_build/config_768.h
index b5280459a..d88252dcd 100644
--- a/examples/monolithic_build/config_768.h
+++ b/examples/monolithic_build/config_768.h
@@ -3,8 +3,8 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifndef MLKEM_NATIVE_CONFIG_H
-#define MLKEM_NATIVE_CONFIG_H
+#ifndef MLK_CONFIG_H
+#define MLK_CONFIG_H
 /******************************************************************************
 * Name: MLKEM_K
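Review bot: The closing guard comment `#endif /* MLkEM_NATIVE_CONFIG_H */` at the end of the first hunk is left untouched while the opening guard is renamed to `MLK_CONFIG_H` (visible for config_768.h in the hunk directly below, and for multilevel_config.h later in the patch), so the comment now names a macro that no longer exists and keeps the pre-existing `MLkEM` typo. It should become `#endif /* MLK_CONFIG_H */` so that the guard pair stays self-describing. The same stale line closes the equivalent hunks of config_768.h and multilevel_config.h; it is context there as well, so the rename script presumably never matched it.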
@@ -22,23 +22,23 @@
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_CONFIG_FILE
+ * Name: MLK_CONFIG_FILE
 *
 * Description: If defined, this is a header that will be included instead
 * of mlkem/config.h.
 *
 * This _must_ be set on the command line using
- * `-DMLKEM_NATIVE_CONFIG_FILE="..."`.
+ * `-DMLK_CONFIG_FILE="..."`.
 *
 * When you need to build mlkem-native in multiple configurations,
- * using varying MLKEM_NATIE_CONFIG_FILE can be more convenient
+ * using varying MLK_CONFIG_FILE can be more convenient
 * then configuring everything through CFLAGS.
 *
 *****************************************************************************/
-/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+/* #define MLK_CONFIG_FILE "config.h" */
 /******************************************************************************
- * Name: MLKEM_NAMESPACE_PREFIX
+ * Name: MLK_NAMESPACE_PREFIX
 *
 * Description: The prefix to use to namespace global symbols
 * from mlkem/.
@@ -46,10 +46,10 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_NAMESPACE_PREFIX mlkem
+#define MLK_NAMESPACE_PREFIX mlkem
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_ARITH
+ * Name: MLK_USE_NATIVE_BACKEND_ARITH
 *
 * Description: Determines whether an native arithmetic backend should be used.
 *
@@ -59,7 +59,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the arithmetic backend to be use is
- * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ * determined by MLK_ARITH_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -67,32 +67,31 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
-/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#if !defined(MLK_USE_NATIVE_BACKEND_ARITH)
+/* #define MLK_USE_NATIVE_BACKEND_ARITH */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE
+ * Name: MLK_ARITH_BACKEND_FILE
 *
 * Description: The arithmetic backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option
 * is ignored.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must
 * either be undefined or the filename of an arithmetic backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
- !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
-#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE)
+#define MLK_ARITH_BACKEND_FILE "native/meta.h"
 #endif
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202
+ * Name: MLK_USE_NATIVE_BACKEND_FIPS202
 *
 * Description: Determines whether an native FIPS202 backend should be used.
 *
@@ -102,7 +101,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the FIPS202 backend to be use is
- * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ * determined by MLK_FIPS202_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -110,25 +109,25 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
-/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#if !defined(MLK_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLK_USE_NATIVE_BACKEND_FIPS202 */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE
+ * Name: MLK_FIPS202_BACKEND_FILE
 *
 * Description: The FIPS-202 backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must
 * either be undefined or the filename of a FIPS202 backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \
- !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE)
-#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) && \
+ !defined(MLK_FIPS202_BACKEND_FILE)
+#define MLK_FIPS202_BACKEND_FILE "fips202/native/meta.h"
 #endif
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/monolithic_build/main.c b/examples/monolithic_build/main.c
index 3396dfbca..1a2bce09e 100644
--- a/examples/monolithic_build/main.c
+++ b/examples/monolithic_build/main.c
@@ -28,9 +28,9 @@ static int test_keys_mlkem(void)
 0x0a, 0x56, 0xe3, 0xf0, 0xd3, 0xfd, 0x9b, 0x58, 0xbd, 0xa2, 0x8b, 0x69, 0x0f, 0x91, 0xb5, 0x7b, 0x88, 0xa5, 0xa8, 0x0b, 0x90};
 #endif
- uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)];
- uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)];
- uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)];
+ uint8_t pk[MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL)];
+ uint8_t sk[MLKEM_SECRETKEYBYTES(MLK_BUILD_INFO_LVL)];
+ uint8_t ct[MLKEM_CIPHERTEXTBYTES(MLK_BUILD_INFO_LVL)];
 uint8_t key_a[MLKEM_BYTES];
 uint8_t key_b[MLKEM_BYTES];
@@ -67,7 +67,7 @@ static int test_keys_mlkem(void)
 return 1;
 }
- printf("[MLKEM-%d] OK\n", BUILD_INFO_LVL);
+ printf("[MLKEM-%d] OK\n", MLK_BUILD_INFO_LVL);
 return 0;
 }
diff --git a/examples/monolithic_build/mlkem_native_monobuild.c b/examples/monolithic_build/mlkem_native_monobuild.c
index 8978e7426..02331fe52 100644
--- a/examples/monolithic_build/mlkem_native_monobuild.c
+++ b/examples/monolithic_build/mlkem_native_monobuild.c
@@ -27,27 +27,27 @@
 #include "mlkem/sampling.c"
 #include "mlkem/verify.c"
 #include "mlkem/zetas.c"
-#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH)
-#if defined(SYS_AARCH64)
+#if defined(MLK_MONOBUILD_WITH_NATIVE_ARITH)
+#if defined(MLK_SYS_AARCH64)
 #include "mlkem/native/aarch64/src/aarch64_zetas.c"
 #include "mlkem/native/aarch64/src/rej_uniform_table.c"
-#endif /* SYS_AARCH64 */
-#if defined(SYS_X86_64)
+#endif /* MLK_SYS_AARCH64 */
+#if defined(MLK_SYS_X86_64)
 #include "mlkem/native/x86_64/src/basemul.c"
 #include "mlkem/native/x86_64/src/compress_avx2.c"
 #include "mlkem/native/x86_64/src/consts.c"
 #include "mlkem/native/x86_64/src/rej_uniform_avx2.c"
 #include "mlkem/native/x86_64/src/rej_uniform_table.c"
-#endif /* SYS_X86_64 */
-#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH */
-#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202)
-#if defined(SYS_AARCH64)
+#endif /* MLK_SYS_X86_64 */
+#endif /* MLK_MONOBUILD_WITH_NATIVE_ARITH */
+#if defined(MLK_MONOBUILD_WITH_NATIVE_FIPS202)
+#if defined(MLK_SYS_AARCH64)
 #include "mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c"
-#endif /* SYS_AARCH64 */
-#if defined(SYS_X86_64)
+#endif /* MLK_SYS_AARCH64 */
+#if defined(MLK_SYS_X86_64)
 #include "mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c"
-#endif /* SYS_X86_64 */
-#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 */
+#endif /* MLK_SYS_X86_64 */
+#endif /* MLK_MONOBUILD_WITH_NATIVE_FIPS202 */
 /*
@@ -55,47 +55,41 @@
 */
 /* mlkem/common.h */
-#undef MLKEM_ASM_NAMESPACE
-#undef MLKEM_NAMESPACE
-#undef MLKEM_NAMESPACE_K
-#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
-#undef MLKEM_NATIVE_COMMON_H
-#undef MLKEM_NATIVE_EMPTY_CU
-#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
-#undef MLKEM_NATIVE_INTERNAL_API
-#undef MLKEM_NATIVE_MAKE_NAMESPACE
-#undef MLKEM_NATIVE_MAKE_NAMESPACE_
-#undef MLKEM_NATIVE_MAKE_NAMESPACE_K
-#undef MLKEM_NATIVE_MAKE_NAMESPACE_K_
-#undef PREFIX_UNDERSCORE
-#undef PREFIX_UNDERSCORE_
+#undef MLK_ARITH_BACKEND_NAME
+#undef MLK_ASM_NAMESPACE
+#undef MLK_COMMON_H
+#undef MLK_EMPTY_CU
+#undef MLK_FIPS202_BACKEND_NAME
+#undef MLK_INTERNAL_API
+#undef MLK_MAKE_NAMESPACE
+#undef MLK_MAKE_NAMESPACE_
+#undef MLK_MAKE_NAMESPACE_K
+#undef MLK_MAKE_NAMESPACE_K_
+#undef MLK_NAMESPACE
+#undef MLK_NAMESPACE_K
+#undef MLK_PREFIX_UNDERSCORE
+#undef MLK_PREFIX_UNDERSCORE_
 /* mlkem/config.h */
-#undef MLKEM_DEFAULT_NAMESPACE_PREFIX
 #undef MLKEM_K
-#undef MLKEM_NAMESPACE_PREFIX
-#undef MLKEM_NATIVE_ARITH_BACKEND_FILE
-#undef MLKEM_NATIVE_CONFIG_H
-#undef MLKEM_NATIVE_FIPS202_BACKEND_FILE
+#undef MLK_ARITH_BACKEND_FILE
+#undef MLK_CONFIG_H
+#undef MLK_DEFAULT_NAMESPACE_PREFIX
+#undef MLK_FIPS202_BACKEND_FILE
+#undef MLK_NAMESPACE_PREFIX
 /* mlkem/indcpa.h */
-#undef MLKEM_NATIVE_INDCPA_H
+#undef MLK_INDCPA_H
 #undef gen_matrix
 #undef indcpa_dec
 #undef indcpa_enc
 #undef indcpa_keypair_derand
 /* mlkem/kem.h */
-#undef MLKEM_NATIVE_KEM_H
+#undef MLK_KEM_H
 #undef crypto_kem_dec
 #undef crypto_kem_enc
 #undef crypto_kem_enc_derand
 #undef crypto_kem_keypair
 #undef crypto_kem_keypair_derand
 /* mlkem/mlkem_native.h */
-#undef BUILD_INFO_CONCAT2
-#undef BUILD_INFO_CONCAT2_
-#undef BUILD_INFO_CONCAT3
-#undef BUILD_INFO_CONCAT3_
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
 #undef CRYPTO_BYTES
 #undef CRYPTO_CIPHERTEXTBYTES
 #undef CRYPTO_PUBLICKEYBYTES
@@ -119,12 +113,18 @@
 #undef MLKEM_BYTES
 #undef MLKEM_CIPHERTEXTBYTES
 #undef MLKEM_CIPHERTEXTBYTES_
-#undef MLKEM_NATIVE_H
 #undef MLKEM_PUBLICKEYBYTES
 #undef MLKEM_PUBLICKEYBYTES_
 #undef MLKEM_SECRETKEYBYTES
 #undef MLKEM_SECRETKEYBYTES_
 #undef MLKEM_SYMBYTES
+#undef MLK_BUILD_INFO_CONCAT2
+#undef MLK_BUILD_INFO_CONCAT2_
+#undef MLK_BUILD_INFO_CONCAT3
+#undef MLK_BUILD_INFO_CONCAT3_
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_H
 #undef crypto_kem_dec
 #undef crypto_kem_enc
 #undef crypto_kem_enc_derand
@@ -144,7 +144,6 @@
 #undef MLKEM_INDCPA_SECRETKEYBYTES
 #undef MLKEM_LVL
 #undef MLKEM_N
-#undef MLKEM_NATIVE_PARAMS_H
 #undef MLKEM_POLYBYTES
 #undef MLKEM_POLYCOMPRESSEDBYTES_D10
 #undef MLKEM_POLYCOMPRESSEDBYTES_D11
@@ -158,9 +157,10 @@
 #undef MLKEM_Q_HALF
 #undef MLKEM_SSBYTES
 #undef MLKEM_SYMBYTES
-#undef UINT12_LIMIT
+#undef MLKEM_UINT12_LIMIT
+#undef MLK_PARAMS_H
 /* mlkem/poly_k.h */
-#undef MLKEM_NATIVE_POLY_K_H
+#undef MLK_POLY_K_H
 #undef poly_compress_du
 #undef poly_compress_dv
 #undef poly_decompress_du
diff --git a/examples/monolithic_build_multilevel/Makefile b/examples/monolithic_build_multilevel/Makefile
index 47bff44a4..dfd95ca8a 100644
--- a/examples/monolithic_build_multilevel/Makefile
+++ b/examples/monolithic_build_multilevel/Makefile
@@ -23,7 +23,7 @@ endif
 # Here, we use just a single monolithic compilation unit to include
 # multiple instances of mlkem-native.
-MLKEM_NATIVE_SOURCE=mlkem_native_all.c
+MLK_SOURCE=mlkem_native_all.c
 INC=-Imlkem/ -I./
@@ -65,12 +65,12 @@ CFLAGS := \
 $(CFLAGS)
 # Set this flag to give all non-global functions internal linkage
-CFLAGS += -DMLKEM_NATIVE_MONOBUILD
+CFLAGS += -DMLK_MONOBUILD
 BINARY_NAME_FULL=$(BUILD_DIR)/$(BIN)
 LIB_NAME_FULL=$(BUILD_DIR)/$(LIB)
-$(LIB_NAME_FULL): $(MLKEM_NATIVE_SOURCE)
+$(LIB_NAME_FULL): $(MLK_SOURCE)
 echo "$@"
 mkdir -p $(BUILD_DIR)
 $(CC) -c $(CFLAGS) $(INC) $^ -o $(BUILD_DIR)/mlkem_native.o
diff --git a/examples/monolithic_build_multilevel/README.md b/examples/monolithic_build_multilevel/README.md
index 99c87ee20..539e70827 100644
--- a/examples/monolithic_build_multilevel/README.md
+++ b/examples/monolithic_build_multilevel/README.md
@@ -12,77 +12,77 @@ inclusion in another compilation unit. The manually written source file [mlkem_native_all.c](mlkem_native_all.c) includes [mlkem_native_monobuild.c](mlkem_native_monobuild.c) three times, each time using the fixed config [multilevel_config.h](multilevel_config.h), but changing the security level (specified -by `MLKEM_K`) every time. For each inclusion, it sets `MLKEM_NATIVE_CONFIG_FILE` +by `MLKEM_K`) every time. For each inclusion, it sets `MLK_CONFIG_FILE` appropriately first, and then includes the monobuild: ```C /* Three instances of mlkem-native for all security levels */ /* Include level-independent code */ -#define MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED -#define MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS +#define MLK_MULTILEVEL_BUILD_WITH_SHARED +#define MLK_MONOBUILD_KEEP_SHARED_HEADERS #define MLKEM_K 2 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" +#define MLK_CONFIG_FILE "multilevel_config.h" #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE /* Exclude level-independent code */ -#undef MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED -#define MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED +#undef MLK_MULTILEVEL_BUILD_WITH_SHARED +#define MLK_MULTILEVEL_BUILD_NO_SHARED #define MLKEM_K 3 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" +#define MLK_CONFIG_FILE "multilevel_config.h" #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE #define MLKEM_K 4 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" -#undef MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS +#define MLK_CONFIG_FILE "multilevel_config.h" +#undef MLK_MONOBUILD_KEEP_SHARED_HEADERS #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE ``` -Note the setting `MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED` which forces the inclusion of all level-independent -code in the MLKEM-512 build, and the setting `MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED`, which drops 
all -level-independent code in the subsequent builds. Finally, `MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS` entails that +Note the setting `MLK_MULTILEVEL_BUILD_WITH_SHARED` which forces the inclusion of all level-independent +code in the MLKEM-512 build, and the setting `MLK_MULTILEVEL_BUILD_NO_SHARED`, which drops all +level-independent code in the subsequent builds. Finally, `MLK_MONOBUILD_KEEP_SHARED_HEADERS` entails that `mlkem_native_monobuild.c` does not `#undefine` the `#define` clauses from level-independent files. To make the monolithic multi-level build accessible from the application sources, we provide [mlkem_native_all.h](mlkem_native_all.h), which includes [mlkem_native.h](../../mlkem/mlkem_native.h) once per -configuration. Note that we don't refer to the configuration using `MLKEM_NATIVE_CONFIG_FILE`, but by setting -`BUILD_INFO_XXX` explicitly. Otherwise, [mlkem_native.h](../../mlkem/mlkem_native.h) would include the confg, which +configuration. Note that we don't refer to the configuration using `MLK_CONFIG_FILE`, but by setting +`MLK_BUILD_INFO_XXX` explicitly. Otherwise, [mlkem_native.h](../../mlkem/mlkem_native.h) would include the confg, which would lead to name-clashes upon multiple use. 
```C
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 ```
 ## Usage
diff --git a/examples/monolithic_build_multilevel/mlkem_native_all.c b/examples/monolithic_build_multilevel/mlkem_native_all.c
index c769874c2..354482fc2 100644
--- a/examples/monolithic_build_multilevel/mlkem_native_all.c
+++ b/examples/monolithic_build_multilevel/mlkem_native_all.c
@@ -3,28 +3,28 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#define MLKEM_NATIVE_MULTILEVEL_BUILD
+#define MLK_MULTILEVEL_BUILD
 /* Three instances of mlkem-native for all security levels */
 /* Include level-independent code */
-#define MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED
+#define MLK_MULTILEVEL_BUILD_WITH_SHARED
 #define MLKEM_K 2
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
 /* Exclude level-independent code */
-#undef MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED
-#define MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED
+#undef MLK_MULTILEVEL_BUILD_WITH_SHARED
+#define MLK_MULTILEVEL_BUILD_NO_SHARED
 #define MLKEM_K 3
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
 #define MLKEM_K 4
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
diff --git a/examples/monolithic_build_multilevel/mlkem_native_all.h b/examples/monolithic_build_multilevel/mlkem_native_all.h
index 3adc94c9f..942aaf5f1 100644
--- a/examples/monolithic_build_multilevel/mlkem_native_all.h
+++ b/examples/monolithic_build_multilevel/mlkem_native_all.h
@@ -3,37 +3,37 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#if !defined(MLKEM_NATIVE_ALL_H)
-#define MLKEM_NATIVE_ALL_H
+#if !defined(MLK_ALL_H)
+#define MLK_ALL_H
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
-#endif /* MLKEM_NATIVE_ALL_H */
+#endif /* MLK_ALL_H */
diff --git a/examples/monolithic_build_multilevel/multilevel_config.h b/examples/monolithic_build_multilevel/multilevel_config.h
index 55c61530b..5d9273a15 100644
--- a/examples/monolithic_build_multilevel/multilevel_config.h
+++ b/examples/monolithic_build_multilevel/multilevel_config.h
@@ -3,8 +3,8 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifndef MLKEM_NATIVE_CONFIG_H
-#define MLKEM_NATIVE_CONFIG_H
+#ifndef MLK_CONFIG_H
+#define MLK_CONFIG_H
 /******************************************************************************
 * Name: MLKEM_K
@@ -22,23 +22,23 @@
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_CONFIG_FILE
+ * Name: MLK_CONFIG_FILE
 *
 * Description: If defined, this is a header that will be included instead
 * of mlkem/config.h.
 *
 * This _must_ be set on the command line using
- * `-DMLKEM_NATIVE_CONFIG_FILE="..."`.
+ * `-DMLK_CONFIG_FILE="..."`.
 *
 * When you need to build mlkem-native in multiple configurations,
- * using varying MLKEM_NATIE_CONFIG_FILE can be more convenient
+ * using varying MLK_CONFIG_FILE can be more convenient
 * then configuring everything through CFLAGS.
 *
 *****************************************************************************/
-/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+/* #define MLK_CONFIG_FILE "config.h" */
 /******************************************************************************
- * Name: MLKEM_NAMESPACE_PREFIX
+ * Name: MLK_NAMESPACE_PREFIX
 *
 * Description: The prefix to use to namespace global symbols
 * from mlkem/.
@@ -46,11 +46,11 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#define MLKEM_NAMESPACE_PREFIX mlkem
-#define MLKEM_NAMESPACE_PREFIX_ADD_LEVEL
+#define MLK_NAMESPACE_PREFIX mlkem
+#define MLK_NAMESPACE_PREFIX_ADD_LEVEL
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_ARITH
+ * Name: MLK_USE_NATIVE_BACKEND_ARITH
 *
 * Description: Determines whether an native arithmetic backend should be used.
 *
@@ -60,7 +60,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the arithmetic backend to be use is
- * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is
+ * determined by MLK_ARITH_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -68,32 +68,31 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH)
-/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */
+#if !defined(MLK_USE_NATIVE_BACKEND_ARITH)
+/* #define MLK_USE_NATIVE_BACKEND_ARITH */
 #endif
 /******************************************************************************
- * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE
+ * Name: MLK_ARITH_BACKEND_FILE
 *
 * Description: The arithmetic backend to use.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option
+ * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option
 * is ignored.
 *
- * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must
+ * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must
 * either be undefined or the filename of an arithmetic backend.
 * If unset, the default backend will be used.
 *
 * This can be set using CFLAGS.
 *
 *****************************************************************************/
-#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \
- !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE)
-#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h"
+#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE)
+#define MLK_ARITH_BACKEND_FILE "native/meta.h"
 #endif
 /******************************************************************************
- * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202
+ * Name: MLK_USE_NATIVE_BACKEND_FIPS202
 *
 * Description: Determines whether an native FIPS202 backend should be used.
 *
@@ -103,7 +102,7 @@
 * If this option is unset, the C backend will be used.
 *
 * If this option is set, the FIPS202 backend to be use is
- * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is
+ * determined by MLK_FIPS202_BACKEND: If the latter is
 * unset, the default backend for your the target architecture
 * will be used. If set, it must be the name of a backend metadata
 * file.
@@ -111,8 +110,8 @@
 * This can also be set using CFLAGS.
 *
 *****************************************************************************/
-#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202)
-/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */
+#if !defined(MLK_USE_NATIVE_BACKEND_FIPS202)
+/* #define MLK_USE_NATIVE_BACKEND_FIPS202 */
 #endif
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/monolithic_build_multilevel_native/Makefile b/examples/monolithic_build_multilevel_native/Makefile
index b3d45f5e9..d26de3040 100644
--- a/examples/monolithic_build_multilevel_native/Makefile
+++ b/examples/monolithic_build_multilevel_native/Makefile
@@ -23,8 +23,8 @@ endif
 # Here, we use just a single monolithic compilation unit to include
 # multiple instances of mlkem-native, plus all assembly.
-MLKEM_NATIVE_SOURCE_C=mlkem_native_all.c
-MLKEM_NATIVE_SOURCE_ASM = $(wildcard \
+MLK_SOURCE_C=mlkem_native_all.c
+MLK_SOURCE_ASM = $(wildcard \
 mlkem/**/*.S \
 mlkem/**/**/*.S \
 mlkem/**/**/**/*.S \
@@ -64,11 +64,11 @@ endif
 ifeq ($(HOST_PLATFORM),Linux-x86_64)
 ifeq ($(CROSS_PREFIX),)
 CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes
- CFLAGS += -DFORCE_X86_64
+ CFLAGS += -DMLK_FORCE_X86_64
 else ifneq ($(findstring aarch64_be, $(CROSS_PREFIX)),)
- CFLAGS += -DFORCE_AARCH64_EB
+ CFLAGS += -DMLK_FORCE_AARCH64_EB
 else ifneq ($(findstring aarch64, $(CROSS_PREFIX)),)
- CFLAGS += -DFORCE_AARCH64
+ CFLAGS += -DMLK_FORCE_AARCH64
 else
 endif
@@ -76,16 +76,16 @@ endif
 # linux aarch64
 else ifeq ($(HOST_PLATFORM),Linux-aarch64)
 ifeq ($(CROSS_PREFIX),)
- CFLAGS += -DFORCE_AARCH64
+ CFLAGS += -DMLK_FORCE_AARCH64
 else ifneq ($(findstring x86_64, $(CROSS_PREFIX)),)
 CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes
- CFLAGS += -DFORCE_X86_64
+ CFLAGS += -DMLK_FORCE_X86_64
 else
 endif
 # darwin aarch64
 else ifeq ($(HOST_PLATFORM),Darwin-arm64)
- CFLAGS += -DFORCE_AARCH64
+ CFLAGS += -DMLK_FORCE_AARCH64
 endif
 CFLAGS := \
@@ -104,14 +104,14 @@ CFLAGS := \
 -O3 \
 $(CFLAGS)
-ASMFLAGS = -DMLKEM_NATIVE_CONFIG_FILE=\"multilevel_config.h\"
-ASMFLAGS += -DMLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED
+ASMFLAGS = -DMLK_CONFIG_FILE=\"multilevel_config.h\"
+ASMFLAGS += -DMLK_MULTILEVEL_BUILD_WITH_SHARED
 BINARY_NAME_FULL=$(BUILD_DIR)/$(BIN)
 LIB_NAME_FULL=$(BUILD_DIR)/$(LIB)
-MLKEM_NATIVE_OBJ_C=$(patsubst %,$(BUILD_DIR)/%.o,$(MLKEM_NATIVE_SOURCE_C))
-MLKEM_NATIVE_OBJ_ASM=$(patsubst %,$(BUILD_DIR)/%.o,$(MLKEM_NATIVE_SOURCE_ASM))
+MLK_OBJ_C=$(patsubst %,$(BUILD_DIR)/%.o,$(MLK_SOURCE_C))
+MLK_OBJ_ASM=$(patsubst %,$(BUILD_DIR)/%.o,$(MLK_SOURCE_ASM))
 Q ?= @
@@ -125,7 +125,7 @@ $(BUILD_DIR)/%.S.o: %.S
 $(Q)[ -d $(@D) ] || mkdir -p $(@D)
 $(Q)$(CC) -c $(CFLAGS) $(ASMFLAGS) $(INC) $^ -o $@
-$(LIB_NAME_FULL): $(MLKEM_NATIVE_OBJ_C) $(MLKEM_NATIVE_OBJ_ASM)
+$(LIB_NAME_FULL): $(MLK_OBJ_C) $(MLK_OBJ_ASM)
 $(Q)echo "AR $@"
 $(Q)[ -d $(@D) ] || mkdir -p $(@D)
 $(Q)$(AR) rcs $@ $^
diff --git a/examples/monolithic_build_multilevel_native/README.md b/examples/monolithic_build_multilevel_native/README.md
index f703bf029..ab99e135c 100644
--- a/examples/monolithic_build_multilevel_native/README.md
+++ b/examples/monolithic_build_multilevel_native/README.md
@@ -12,82 +12,82 @@ inclusion in another compilation unit. The manually written source file [mlkem_native_all.c](mlkem_native_all.c) includes [mlkem_native_monobuild.c](mlkem_native_monobuild.c) three times, each time using the fixed config [multilevel_config.h](multilevel_config.h), but changing the security level (specified -by `MLKEM_K`) every time. For each inclusion, it sets `MLKEM_NATIVE_CONFIG_FILE` +by `MLKEM_K`) every time. For each inclusion, it sets `MLK_CONFIG_FILE` appropriately first, and then includes the monobuild: ```C /* Three instances of mlkem-native for all security levels */ /* Include level-independent code */ -#define MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED 1 -#define MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS +#define MLK_MULTILEVEL_BUILD_WITH_SHARED 1 +#define MLK_MONOBUILD_KEEP_SHARED_HEADERS /* Include C files accompanying native code */ -#define MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH -#define MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 +#define MLK_MONOBUILD_WITH_NATIVE_ARITH +#define MLK_MONOBUILD_WITH_NATIVE_FIPS202 /* Indicate that this is a monobuild */ -#define MLKEM_NATIVE_MONOBUILD +#define MLK_MONOBUILD #define MLKEM_K 2 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" +#define MLK_CONFIG_FILE "multilevel_config.h" #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE /* Exclude level-independent code */ -#undef MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED -#define MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED +#undef MLK_MULTILEVEL_BUILD_WITH_SHARED +#define MLK_MULTILEVEL_BUILD_NO_SHARED #define MLKEM_K 3 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" +#define MLK_CONFIG_FILE "multilevel_config.h" #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE #define MLKEM_K 4 -#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h" -#undef MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS +#define MLK_CONFIG_FILE "multilevel_config.h" +#undef 
MLK_MONOBUILD_KEEP_SHARED_HEADERS #include "mlkem_native_monobuild.c" -#undef MLKEM_NATIVE_CONFIG_FILE +#undef MLK_CONFIG_FILE ``` -Note the setting `MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED` which forces the inclusion of all level-independent -code in the MLKEM-512 build, and the setting `MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED`, which drops all -level-independent code in the subsequent builds. Finally, `MLKEM_NATIVE_MONOBUILD_KEEP_SHARED_HEADERS` entails that +Note the setting `MLK_MULTILEVEL_BUILD_WITH_SHARED` which forces the inclusion of all level-independent +code in the MLKEM-512 build, and the setting `MLK_MULTILEVEL_BUILD_NO_SHARED`, which drops all +level-independent code in the subsequent builds. Finally, `MLK_MONOBUILD_KEEP_SHARED_HEADERS` entails that `mlkem_native_monobuild.c` does not `#undefine` the `#define` clauses from level-independent files. To make the monolithic multi-level build accessible from the application sources, we provide [mlkem_native_all.h](mlkem_native_all.h), which includes [mlkem_native.h](../../mlkem/mlkem_native.h) once per -configuration. Note that we don't refer to the configuration using `MLKEM_NATIVE_CONFIG_FILE`, but by setting -`BUILD_INFO_XXX` explicitly. Otherwise, [mlkem_native.h](../../mlkem/mlkem_native.h) would include the confg, which +configuration. Note that we don't refer to the configuration using `MLK_CONFIG_FILE`, but by setting +`MLK_BUILD_INFO_XXX` explicitly. Otherwise, [mlkem_native.h](../../mlkem/mlkem_native.h) would include the confg, which would lead to name-clashes upon multiple use. 
```C
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 ```
 ## Usage
diff --git a/examples/monolithic_build_multilevel_native/mlkem_native_all.c b/examples/monolithic_build_multilevel_native/mlkem_native_all.c
index 06e94a88b..481105c37 100644
--- a/examples/monolithic_build_multilevel_native/mlkem_native_all.c
+++ b/examples/monolithic_build_multilevel_native/mlkem_native_all.c
@@ -3,33 +3,33 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#define MLKEM_NATIVE_MULTILEVEL_BUILD
+#define MLK_MULTILEVEL_BUILD
 /* Three instances of mlkem-native for all security levels */
 /* Include level-independent code */
-#define MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED 1
+#define MLK_MULTILEVEL_BUILD_WITH_SHARED 1
 /* Include C files accompanying native code */
-#define MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH
-#define MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202
+#define MLK_MONOBUILD_WITH_NATIVE_ARITH
+#define MLK_MONOBUILD_WITH_NATIVE_FIPS202
 /* Indicate that this is a monobuild */
-#define MLKEM_NATIVE_MONOBUILD
+#define MLK_MONOBUILD
 #define MLKEM_K 2
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
 /* Exclude level-independent code */
-#undef MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED
-#define MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED
+#undef MLK_MULTILEVEL_BUILD_WITH_SHARED
+#define MLK_MULTILEVEL_BUILD_NO_SHARED
 #define MLKEM_K 3
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
 #define MLKEM_K 4
-#define MLKEM_NATIVE_CONFIG_FILE "multilevel_config.h"
+#define MLK_CONFIG_FILE "multilevel_config.h"
 #include "mlkem_native_monobuild.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
+#undef MLK_CONFIG_FILE
diff --git a/examples/monolithic_build_multilevel_native/mlkem_native_all.h b/examples/monolithic_build_multilevel_native/mlkem_native_all.h
index 3adc94c9f..942aaf5f1 100644
--- a/examples/monolithic_build_multilevel_native/mlkem_native_all.h
+++ b/examples/monolithic_build_multilevel_native/mlkem_native_all.h
@@ -3,37 +3,37 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#if !defined(MLKEM_NATIVE_ALL_H)
-#define MLKEM_NATIVE_ALL_H
+#if !defined(MLK_ALL_H)
+#define MLK_ALL_H
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
-#endif /* MLKEM_NATIVE_ALL_H */
+#endif /* MLK_ALL_H */
diff --git a/examples/monolithic_build_multilevel_native/multilevel_config.h b/examples/monolithic_build_multilevel_native/multilevel_config.h
index b068241f4..be2f31956 100644
--- a/examples/monolithic_build_multilevel_native/multilevel_config.h +++ b/examples/monolithic_build_multilevel_native/multilevel_config.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_CONFIG_H -#define MLKEM_NATIVE_CONFIG_H +#ifndef MLK_CONFIG_H +#define MLK_CONFIG_H /****************************************************************************** * Name: MLKEM_K @@ -22,23 +22,23 @@ #endif /****************************************************************************** - * Name: MLKEM_NATIVE_CONFIG_FILE + * Name: MLK_CONFIG_FILE * * Description: If defined, this is a header that will be included instead * of mlkem/config.h. * * This _must_ be set on the command line using - * `-DMLKEM_NATIVE_CONFIG_FILE="..."`. + * `-DMLK_CONFIG_FILE="..."`. * * When you need to build mlkem-native in multiple configurations, - * using varying MLKEM_NATIE_CONFIG_FILE can be more convenient + * using varying MLK_CONFIG_FILE can be more convenient * then configuring everything through CFLAGS. * *****************************************************************************/ -/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */ +/* #define MLK_CONFIG_FILE "config.h" */ /****************************************************************************** - * Name: MLKEM_NAMESPACE_PREFIX + * Name: MLK_NAMESPACE_PREFIX * * Description: The prefix to use to namespace global symbols * from mlkem/. @@ -46,11 +46,11 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -#define MLKEM_NAMESPACE_PREFIX mlkem -#define MLKEM_NAMESPACE_PREFIX_ADD_LEVEL +#define MLK_NAMESPACE_PREFIX mlkem +#define MLK_NAMESPACE_PREFIX_ADD_LEVEL /****************************************************************************** - * Name: MLKEM_USE_NATIVE_BACKEND_ARITH + * Name: MLK_USE_NATIVE_BACKEND_ARITH * * Description: Determines whether an native arithmetic backend should be used. * 
@@ -60,7 +60,7 @@ * If this option is unset, the C backend will be used. * * If this option is set, the arithmetic backend to be use is - * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is + * determined by MLK_ARITH_BACKEND: If the latter is * unset, the default backend for your the target architecture * will be used. If set, it must be the name of a backend metadata * file. @@ -68,30 +68,29 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -#define MLKEM_USE_NATIVE_BACKEND_ARITH +#define MLK_USE_NATIVE_BACKEND_ARITH /****************************************************************************** - * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE + * Name: MLK_ARITH_BACKEND_FILE * * Description: The arithmetic backend to use. * - * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option + * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option * is ignored. * - * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must + * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must * either be undefined or the filename of an arithmetic backend. * If unset, the default backend will be used. * * This can be set using CFLAGS. * *****************************************************************************/ -#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \ - !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE) -#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h" +#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE) +#define MLK_ARITH_BACKEND_FILE "native/meta.h" #endif /****************************************************************************** - * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202 + * Name: MLK_USE_NATIVE_BACKEND_FIPS202 * * Description: Determines whether an native FIPS202 backend should be used. * 
@@ -101,7 +100,7 @@ * If this option is unset, the C backend will be used. * * If this option is set, the FIPS202 backend to be use is - * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is + * determined by MLK_FIPS202_BACKEND: If the latter is * unset, the default backend for your the target architecture * will be used. If set, it must be the name of a backend metadata * file. @@ -109,23 +108,23 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -#define MLKEM_USE_NATIVE_BACKEND_FIPS202 +#define MLK_USE_NATIVE_BACKEND_FIPS202 /****************************************************************************** - * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE + * Name: MLK_FIPS202_BACKEND_FILE * * Description: The FIPS-202 backend to use. * - * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must + * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must * either be undefined or the filename of a FIPS202 backend. * If unset, the default backend will be used. * * This can be set using CFLAGS. * *****************************************************************************/ -#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \ - !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE) -#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/meta.h" +#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) && \ + !defined(MLK_FIPS202_BACKEND_FILE) +#define MLK_FIPS202_BACKEND_FILE "fips202/native/meta.h" #endif #endif /* MLkEM_NATIVE_CONFIG_H */ diff --git a/examples/multilevel_build/Makefile b/examples/multilevel_build/Makefile index 41c41256d..1c78915ba 100644 --- a/examples/multilevel_build/Makefile +++ b/examples/multilevel_build/Makefile 
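Review bot: The closing guard comment at the end of the last hunk still reads `#endif /* MLkEM_NATIVE_CONFIG_H */` (old name plus a lowercase-k typo) while the opening guard of this file was renamed to `MLK_CONFIG_H` in its first hunk; it should become `#endif /* MLK_CONFIG_H */` so the comment names the macro it closes. Two pre-existing slips in the option descriptions are carried into the renamed text and are worth fixing while those lines are touched: `then configuring everything through CFLAGS` should read `than`, and `whether an native ... backend` should read `a native` (MLK_CONFIG_FILE and the two MLK_USE_NATIVE_BACKEND_* descriptions in the earlier hunks of this file). Style: the `MLK_USE_NATIVE_BACKEND_ARITH` condition was collapsed onto one line but the parallel `MLK_USE_NATIVE_BACKEND_FIPS202` condition keeps its backslash continuation; the two should be formatted the same way.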
@@ -18,12 +18,12 @@ endif # # If you are not concerned about minimizing for a specific backend, # you can just include _all_ source files into your build. -MLKEM_NATIVE_SOURCE_ALL := $(wildcard \ +MLK_SOURCE_ALL := $(wildcard \ mlkem_native/**/*.c \ mlkem_native/**/**/*.c \ mlkem_native/**/**/**/*.c \ mlkem_native/**/**/**/**/*.c) -MLKEM_NATIVE_SOURCE:=$(foreach S,$(MLKEM_NATIVE_SOURCE_ALL),\ +MLK_SOURCE:=$(foreach S,$(MLK_SOURCE_ALL),\ $(if $(findstring /native/,$S),,$S)) BUILD_DIR=build @@ -31,21 +31,21 @@ MLKEM512_DIR = $(BUILD_DIR)/mlkem512 MLKEM768_DIR = $(BUILD_DIR)/mlkem768 MLKEM1024_DIR = $(BUILD_DIR)/mlkem1024 -MLKEM512_OBJS=$(patsubst %,$(MLKEM512_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) -MLKEM768_OBJS=$(patsubst %,$(MLKEM768_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) -MLKEM1024_OBJS=$(patsubst %,$(MLKEM1024_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) +MLKEM512_OBJS=$(patsubst %,$(MLKEM512_DIR)/%.o,$(MLK_SOURCE)) +MLKEM768_OBJS=$(patsubst %,$(MLKEM768_DIR)/%.o,$(MLK_SOURCE)) +MLKEM1024_OBJS=$(patsubst %,$(MLKEM1024_DIR)/%.o,$(MLK_SOURCE)) $(MLKEM512_OBJS): $(MLKEM512_DIR)/%.c.o: %.c $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED -DMLKEM_K=2 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_MULTILEVEL_BUILD_WITH_SHARED -DMLKEM_K=2 $(CFLAGS) -c $^ -o $@ $(MLKEM768_OBJS): $(MLKEM768_DIR)/%.c.o: %.c $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=3 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=3 $(CFLAGS) -c $^ -o $@ $(MLKEM1024_OBJS): $(MLKEM1024_DIR)/%.c.o: %.c $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=4 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=4 $(CFLAGS) -c $^ -o $@ mlkem512_objs: $(MLKEM512_OBJS) mlkem768_objs: $(MLKEM768_OBJS) 
@@ -84,8 +84,8 @@ CFLAGS := \ -Wno-unknown-pragmas \ -Wno-unused-command-line-argument \ -fomit-frame-pointer \ - -DMLKEM_NAMESPACE_PREFIX=mlkem \ - -DMLKEM_NAMESPACE_PREFIX_ADD_LEVEL\ + -DMLK_NAMESPACE_PREFIX=mlkem \ + -DMLK_NAMESPACE_PREFIX_ADD_LEVEL\ -std=c99 \ -pedantic \ -MMD \ diff --git a/examples/multilevel_build/README.md b/examples/multilevel_build/README.md index f4d0329b9..c45b88570 100644 --- a/examples/multilevel_build/README.md +++ b/examples/multilevel_build/README.md @@ -7,10 +7,10 @@ MLKEM-512, MLKEM-768, and MLKEM-1024, and so that level-independent code is shar of mlkem-native is used. The library is built 3 times in different build directories `build/mlkem{512,768,1024}`. For the MLKEM-512 build, we set -`MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED` to force the inclusion of all level-independent code in the -MLKEM512-build. For MLKEM-768 and MLKEM-1024, we set `MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED` to not include any -level-independent code. Finally, we use the common namespace prefix `mlkem` as `MLKEM_NAMESPACE_PREFIX` for all three -builds, but set `MLKEM_NAMESPACE_PREFIX_ADD_LEVEL` to additionally suffix level-dependent functions with `512/768/1024`, +`MLK_MULTILEVEL_BUILD_WITH_SHARED` to force the inclusion of all level-independent code in the +MLKEM512-build. For MLKEM-768 and MLKEM-1024, we set `MLK_MULTILEVEL_BUILD_NO_SHARED` to not include any +level-independent code. Finally, we use the common namespace prefix `mlkem` as `MLK_NAMESPACE_PREFIX` for all three +builds, but set `MLK_NAMESPACE_PREFIX_ADD_LEVEL` to additionally suffix level-dependent functions with `512/768/1024`, while level-independent functions are named `mlkem_xxx`. ## Usage diff --git a/examples/multilevel_build/mlkem_native_all.h b/examples/multilevel_build/mlkem_native_all.h index 98817598f..2e79468e0 100644 --- a/examples/multilevel_build/mlkem_native_all.h +++ b/examples/multilevel_build/mlkem_native_all.h 
@@ -3,37 +3,37 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#if !defined(MLKEM_NATIVE_ALL_H)
-#define MLKEM_NATIVE_ALL_H
+#if !defined(MLK_ALL_H)
+#define MLK_ALL_H
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
-#endif /* MLKEM_NATIVE_ALL_H */
+#endif /* MLK_ALL_H */
diff --git a/examples/multilevel_build_native/Makefile b/examples/multilevel_build_native/Makefile
index 36d4b28ba..eb16dfcbb 100644
--- a/examples/multilevel_build_native/Makefile +++ b/examples/multilevel_build_native/Makefile @@ -22,11 +22,11 @@ endif ifeq ($(HOST_PLATFORM),Linux-x86_64) ifeq ($(CROSS_PREFIX),) CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes - CFLAGS += -DFORCE_X86_64 + CFLAGS += -DMLK_FORCE_X86_64 else ifneq ($(findstring aarch64_be, $(CROSS_PREFIX)),) - CFLAGS += -DFORCE_AARCH64_EB + CFLAGS += -DMLK_FORCE_AARCH64_EB else ifneq ($(findstring aarch64, $(CROSS_PREFIX)),) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 else endif @@ -34,16 +34,16 @@ endif # linux aarch64 else ifeq ($(HOST_PLATFORM),Linux-aarch64) ifeq ($(CROSS_PREFIX),) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 else ifneq ($(findstring x86_64, $(CROSS_PREFIX)),) CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes - CFLAGS += -DFORCE_X86_64 + CFLAGS += -DMLK_FORCE_X86_64 else endif # darwin aarch64 else ifeq ($(HOST_PLATFORM),Darwin-arm64) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 endif CFLAGS := \ @@ -59,8 +59,8 @@ CFLAGS := \ -Wno-unknown-pragmas \ -Wno-unused-command-line-argument \ -fomit-frame-pointer \ - -DMLKEM_NAMESPACE_PREFIX=mlkem \ - -DMLKEM_NAMESPACE_PREFIX_ADD_LEVEL \ + -DMLK_NAMESPACE_PREFIX=mlkem \ + -DMLK_NAMESPACE_PREFIX_ADD_LEVEL \ -std=c99 \ -pedantic \ -MMD \ @@ -74,7 +74,7 @@ CFLAGS := \ # # If you are not concerned about minimizing for a specific backend, # you can just include _all_ source files into your build. -MLKEM_NATIVE_SOURCE := $(wildcard \ +MLK_SOURCE := $(wildcard \ mlkem_native/**/*.c \ mlkem_native/**/**/*.c \ mlkem_native/**/**/**/*.c \ 
@@ -91,24 +91,24 @@ MLKEM512_DIR = $(BUILD_DIR)/mlkem512 MLKEM768_DIR = $(BUILD_DIR)/mlkem768 MLKEM1024_DIR = $(BUILD_DIR)/mlkem1024 -MLKEM512_OBJS=$(patsubst %,$(MLKEM512_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) -MLKEM768_OBJS=$(patsubst %,$(MLKEM768_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) -MLKEM1024_OBJS=$(patsubst %,$(MLKEM1024_DIR)/%.o,$(MLKEM_NATIVE_SOURCE)) +MLKEM512_OBJS=$(patsubst %,$(MLKEM512_DIR)/%.o,$(MLK_SOURCE)) +MLKEM768_OBJS=$(patsubst %,$(MLKEM768_DIR)/%.o,$(MLK_SOURCE)) +MLKEM1024_OBJS=$(patsubst %,$(MLKEM1024_DIR)/%.o,$(MLK_SOURCE)) $(MLKEM512_OBJS): $(MLKEM512_DIR)/%.o: % $(Q)echo " CC $@" $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED -DMLKEM_K=2 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_MULTILEVEL_BUILD_WITH_SHARED -DMLKEM_K=2 $(CFLAGS) -c $^ -o $@ $(MLKEM768_OBJS): $(MLKEM768_DIR)/%.o: % $(Q)echo " CC $@" $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=3 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=3 $(CFLAGS) -c $^ -o $@ $(MLKEM1024_OBJS): $(MLKEM1024_DIR)/%.o: % $(Q)echo " CC $@" $(Q)[ -d $(@D) ] || mkdir -p $(@D) - $(Q)$(CC) -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=4 $(CFLAGS) -c $^ -o $@ + $(Q)$(CC) -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_MULTILEVEL_BUILD_NO_SHARED -DMLKEM_K=4 $(CFLAGS) -c $^ -o $@ mlkem512_objs: $(MLKEM512_OBJS) mlkem768_objs: $(MLKEM768_OBJS) diff --git a/examples/multilevel_build_native/README.md b/examples/multilevel_build_native/README.md index ea1547870..deff59fbb 100644 --- a/examples/multilevel_build_native/README.md 
+++ b/examples/multilevel_build_native/README.md @@ -6,10 +6,10 @@ This directory contains a minimal example for how to build mlkem-native with sup MLKEM-512, MLKEM-768, and MLKEM-1024. All level-independent code is shared, and native backends are in use. The library is built 3 times in different build directories `build/mlkem{512,768,1024}`. For the MLKEM-512 build, we set -`MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED` to force the inclusion of all level-independent code in the -MLKEM512-build. For MLKEM-768 and MLKEM-1024, we set `MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED` to not include any -level-independent code. Finally, we use the common namespace prefix `mlkem` as `MLKEM_NAMESPACE_PREFIX` for all three -builds, but set `MLKEM_NAMESPACE_PREFIX_ADD_LEVEL` to additionally suffix level-dependent functions with `512/768/1024`, +`MLK_MULTILEVEL_BUILD_WITH_SHARED` to force the inclusion of all level-independent code in the +MLKEM512-build. For MLKEM-768 and MLKEM-1024, we set `MLK_MULTILEVEL_BUILD_NO_SHARED` to not include any +level-independent code. Finally, we use the common namespace prefix `mlkem` as `MLK_NAMESPACE_PREFIX` for all three +builds, but set `MLK_NAMESPACE_PREFIX_ADD_LEVEL` to additionally suffix level-dependent functions with `512/768/1024`, while level-independent functions are named `mlkem_xxx`. ## Usage diff --git a/examples/multilevel_build_native/mlkem_native_all.h b/examples/multilevel_build_native/mlkem_native_all.h index 98817598f..2e79468e0 100644 --- a/examples/multilevel_build_native/mlkem_native_all.h +++ b/examples/multilevel_build_native/mlkem_native_all.h 
@@ -3,37 +3,37 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#if !defined(MLKEM_NATIVE_ALL_H)
-#define MLKEM_NATIVE_ALL_H
+#if !defined(MLK_ALL_H)
+#define MLK_ALL_H
 /* API for MLKEM-512 */
-#define BUILD_INFO_LVL 512
-#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 512
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-768 */
-#define BUILD_INFO_LVL 768
-#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 768
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
 /* API for MLKEM-1024 */
-#define BUILD_INFO_LVL 1024
-#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
-#define BUILD_INFO_NO_STANDARD_API
+#define MLK_BUILD_INFO_LVL 1024
+#define MLK_BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define MLK_BUILD_INFO_NO_STANDARD_API
 #include "mlkem_native/mlkem/mlkem_native.h"
-#undef BUILD_INFO_LVL
-#undef BUILD_INFO_NAMESPACE
-#undef BUILD_INFO_NO_STANDARD_API
-#undef MLKEM_NATIVE_H
+#undef MLK_BUILD_INFO_LVL
+#undef MLK_BUILD_INFO_NAMESPACE
+#undef MLK_BUILD_INFO_NO_STANDARD_API
+#undef MLK_H
-#endif /* MLKEM_NATIVE_ALL_H */
+#endif /* MLK_ALL_H */
diff --git a/integration/liboqs/ML-KEM-1024_META.yml b/integration/liboqs/ML-KEM-1024_META.yml
index 6273dbb72..72b47ea1e 100644
--- a/integration/liboqs/ML-KEM-1024_META.yml
+++ b/integration/liboqs/ML-KEM-1024_META.yml @@ -26,7 +26,7 @@ implementations: - name: ref version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=4 -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_C + compile_opts: -DMLKEM_K=4 -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_C signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_C_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_C_dec @@ -34,7 +34,7 @@ implementations: - name: x86_64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=4 -DFORCE_X86_64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_DEFAULT + compile_opts: -DMLKEM_K=4 -DMLK_FORCE_X86_64 -DMLK_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_DEFAULT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_DEFAULT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_DEFAULT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_DEFAULT_dec @@ -51,7 +51,7 @@ implementations: - name: aarch64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=4 -DFORCE_AARCH64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=AARCH64_OPT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_OPT + compile_opts: -DMLKEM_K=4 -DMLK_FORCE_AARCH64 -DMLK_ARITH_BACKEND_NAME=AARCH64_OPT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_OPT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_OPT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_OPT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_OPT_dec diff --git a/integration/liboqs/ML-KEM-512_META.yml b/integration/liboqs/ML-KEM-512_META.yml index a18c37663..9a621443f 100644 --- a/integration/liboqs/ML-KEM-512_META.yml +++ b/integration/liboqs/ML-KEM-512_META.yml 
@@ -26,7 +26,7 @@ implementations: - name: ref version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=2 -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_C + compile_opts: -DMLKEM_K=2 -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_C signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_C_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_C_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_C_dec @@ -34,7 +34,7 @@ implementations: - name: x86_64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=2 -DFORCE_X86_64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_X86_64_DEFAULT + compile_opts: -DMLKEM_K=2 -DMLK_FORCE_X86_64 -DMLK_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_X86_64_DEFAULT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_DEFAULT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_DEFAULT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_DEFAULT_dec @@ -51,7 +51,7 @@ implementations: - name: aarch64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=2 -DFORCE_AARCH64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=AARCH64_OPT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT + compile_opts: -DMLKEM_K=2 -DMLK_FORCE_AARCH64 -DMLK_ARITH_BACKEND_NAME=AARCH64_OPT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT_dec diff --git a/integration/liboqs/ML-KEM-768_META.yml b/integration/liboqs/ML-KEM-768_META.yml index 4226c3428..9600fbd43 100644 --- a/integration/liboqs/ML-KEM-768_META.yml +++ b/integration/liboqs/ML-KEM-768_META.yml 
@@ -26,7 +26,7 @@ implementations: - name: ref version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=3 -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_C + compile_opts: -DMLKEM_K=3 -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_C signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_C_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_C_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_C_dec @@ -34,7 +34,7 @@ implementations: - name: x86_64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=3 -DFORCE_X86_64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_X86_64_DEFAULT + compile_opts: -DMLKEM_K=3 -DMLK_FORCE_X86_64 -DMLK_ARITH_BACKEND_NAME=X86_64_DEFAULT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_X86_64_DEFAULT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_DEFAULT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_DEFAULT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_DEFAULT_dec @@ -51,7 +51,7 @@ implementations: - name: aarch64 version: FIPS203 folder_name: mlkem - compile_opts: -DMLKEM_K=3 -DFORCE_AARCH64 -DMLKEM_NATIVE_ARITH_BACKEND_NAME=AARCH64_OPT -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_OPT + compile_opts: -DMLKEM_K=3 -DMLK_FORCE_AARCH64 -DMLK_ARITH_BACKEND_NAME=AARCH64_OPT -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_NAMESPACE_PREFIX=PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_OPT signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_OPT_keypair signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_OPT_enc signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_OPT_dec diff --git a/mlkem/arith_backend.h b/mlkem/arith_backend.h index 1e1c384ff..dc7685e73 100644 --- a/mlkem/arith_backend.h +++ b/mlkem/arith_backend.h 
@@ -3,22 +3,22 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_ARITH_BACKEND_H -#define MLKEM_NATIVE_ARITH_BACKEND_H +#ifndef MLK_ARITH_BACKEND_H +#define MLK_ARITH_BACKEND_H #include "common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) -#include MLKEM_NATIVE_ARITH_BACKEND_IMPL +#if defined(MLK_ARITH_BACKEND_IMPL) +#include MLK_ARITH_BACKEND_IMPL /* Include to enforce consistency of API and implementation, * and conduct sanity checks on the backend. * * Keep this _after_ the inclusion of the backend; otherwise, * the sanity checks won't have an effect. */ -#if defined(MLKEM_NATIVE_CHECK_APIS) +#if defined(MLK_CHECK_APIS) #include "native/api.h" #endif #endif -#endif /* MLKEM_NATIVE_ARITH_BACKEND_H */ +#endif /* MLK_ARITH_BACKEND_H */ diff --git a/mlkem/cbmc.h b/mlkem/cbmc.h index ed2f8b36c..1fff5ee28 100644 --- a/mlkem/cbmc.h +++ b/mlkem/cbmc.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_CBMC_H -#define MLKEM_NATIVE_CBMC_H +#ifndef MLK_CBMC_H +#define MLK_CBMC_H /*************************************************** * Basic replacements for __CPROVER_XXX contracts ***************************************************/ @@ -140,4 +140,4 @@ #endif -#endif /* MLKEM_NATIVE_CBMC_H */ +#endif /* MLK_CBMC_H */ diff --git a/mlkem/common.h b/mlkem/common.h index 8ed4a003e..a92e6c42e 100644 --- a/mlkem/common.h +++ b/mlkem/common.h 
@@ -2,82 +2,80 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_COMMON_H -#define MLKEM_NATIVE_COMMON_H +#ifndef MLK_COMMON_H +#define MLK_COMMON_H -#if defined(MLKEM_NATIVE_CONFIG_FILE) -#include MLKEM_NATIVE_CONFIG_FILE +#if defined(MLK_CONFIG_FILE) +#include MLK_CONFIG_FILE #else #include "config.h" -#endif /* MLKEM_NATIVE_CONFIG_FILE */ +#endif /* MLK_CONFIG_FILE */ #include "params.h" #include "sys.h" /* Include backend metadata */ -#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) -#if defined(MLKEM_NATIVE_ARITH_BACKEND_FILE) -#include MLKEM_NATIVE_ARITH_BACKEND_FILE +#if defined(MLK_USE_NATIVE_BACKEND_ARITH) +#if defined(MLK_ARITH_BACKEND_FILE) +#include MLK_ARITH_BACKEND_FILE #else -#error Bad configuration: MLKEM_USE_NATIVE_BACKEND_ARITH is set, but MLKEM_NATIVE_ARITH_BACKEND_FILE is not. +#error Bad configuration: MLK_USE_NATIVE_BACKEND_ARITH is set, but MLK_ARITH_BACKEND_FILE is not. #endif #endif -#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE) -#include MLKEM_NATIVE_FIPS202_BACKEND_FILE +#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) +#if defined(MLK_FIPS202_BACKEND_FILE) +#include MLK_FIPS202_BACKEND_FILE #else -#error Bad configuration: MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, but MLKEM_NATIVE_FIPS202_BACKEND_FILE is not. +#error Bad configuration: MLK_USE_NATIVE_BACKEND_FIPS202 is set, but MLK_FIPS202_BACKEND_FILE is not. #endif #endif -#if !defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) -#define MLKEM_NATIVE_ARITH_BACKEND_NAME C +#if !defined(MLK_ARITH_BACKEND_NAME) +#define MLK_ARITH_BACKEND_NAME C #endif -#if !defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) -#define MLKEM_NATIVE_FIPS202_BACKEND_NAME C +#if !defined(MLK_FIPS202_BACKEND_NAME) +#define MLK_FIPS202_BACKEND_NAME C #endif /* For a monobuild (where all compilation units are merged into one), mark * all non-public API as static since they don't need external linkage. 
*/ -#if !defined(MLKEM_NATIVE_MONOBUILD) -#define MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_MONOBUILD) +#define MLK_INTERNAL_API #else -#define MLKEM_NATIVE_INTERNAL_API static +#define MLK_INTERNAL_API static #endif -#define MLKEM_NATIVE_MAKE_NAMESPACE_(x1, x2) x1##_##x2 -#define MLKEM_NATIVE_MAKE_NAMESPACE(x1, x2) MLKEM_NATIVE_MAKE_NAMESPACE_(x1, x2) +#define MLK_MAKE_NAMESPACE_(x1, x2) x1##_##x2 +#define MLK_MAKE_NAMESPACE(x1, x2) MLK_MAKE_NAMESPACE_(x1, x2) -#define MLKEM_NAMESPACE(s) \ - MLKEM_NATIVE_MAKE_NAMESPACE(MLKEM_NAMESPACE_PREFIX, s) +#define MLK_NAMESPACE(s) MLK_MAKE_NAMESPACE(MLK_NAMESPACE_PREFIX, s) -#if defined(MLKEM_NAMESPACE_PREFIX_ADD_LEVEL) -#define MLKEM_NATIVE_MAKE_NAMESPACE_K_(x1, x2, x3) x1##x2##_##x3 -#define MLKEM_NATIVE_MAKE_NAMESPACE_K(x1, x2, x3) \ - MLKEM_NATIVE_MAKE_NAMESPACE_K_(x1, x2, x3) -#define MLKEM_NAMESPACE_K(s) \ - MLKEM_NATIVE_MAKE_NAMESPACE_K(MLKEM_NAMESPACE_PREFIX, MLKEM_LVL, s) +#if defined(MLK_NAMESPACE_PREFIX_ADD_LEVEL) +#define MLK_MAKE_NAMESPACE_K_(x1, x2, x3) x1##x2##_##x3 +#define MLK_MAKE_NAMESPACE_K(x1, x2, x3) MLK_MAKE_NAMESPACE_K_(x1, x2, x3) +#define MLK_NAMESPACE_K(s) \ + MLK_MAKE_NAMESPACE_K(MLK_NAMESPACE_PREFIX, MLKEM_LVL, s) #else -#define MLKEM_NAMESPACE_K(s) MLKEM_NAMESPACE(s) +#define MLK_NAMESPACE_K(s) MLK_NAMESPACE(s) #endif /* On Apple platforms, we need to emit leading underscore * in front of assembly symbols. We thus introducee a separate * namespace wrapper for ASM symbols. 
*/ #if !defined(__APPLE__) -#define MLKEM_ASM_NAMESPACE(sym) MLKEM_NAMESPACE(sym) +#define MLK_ASM_NAMESPACE(sym) MLK_NAMESPACE(sym) #else -#define PREFIX_UNDERSCORE_(sym) _##sym -#define PREFIX_UNDERSCORE(sym) PREFIX_UNDERSCORE_(sym) -#define MLKEM_ASM_NAMESPACE(sym) PREFIX_UNDERSCORE(MLKEM_NAMESPACE(sym)) +#define MLK_PREFIX_UNDERSCORE_(sym) _##sym +#define MLK_PREFIX_UNDERSCORE(sym) MLK_PREFIX_UNDERSCORE_(sym) +#define MLK_ASM_NAMESPACE(sym) MLK_PREFIX_UNDERSCORE(MLK_NAMESPACE(sym)) #endif /* We aim to simplify the user's life by supporting builds where * all source files are included, even those that are not needed. * Those files are appropriately guarded and will be empty when unneeded. * The following is to avoid compilers complaining about this. */ -#define MLKEM_NATIVE_EMPTY_CU(s) extern int MLKEM_NAMESPACE_K(empty_cu_##s); +#define MLK_EMPTY_CU(s) extern int MLK_NAMESPACE_K(empty_cu_##s); -#endif /* MLKEM_NATIVE_COMMON_H */ +#endif /* MLK_COMMON_H */ diff --git a/mlkem/compress.c b/mlkem/compress.c index 620600269..e218d00d0 100644 --- a/mlkem/compress.c +++ b/mlkem/compress.c @@ -3,7 +3,7 @@ * SPDX-License-Identifier: Apache-2.0 */ #include "common.h" -#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include @@ -13,10 +13,9 @@ #include "debug.h" #include "verify.h" -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) -#if !defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D4) -MLKEM_NATIVE_INTERNAL_API +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) +#if !defined(MLK_USE_NATIVE_POLY_COMPRESS_D4) +MLK_INTERNAL_API void poly_compress_d4(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const poly *a) { unsigned i; 
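Review bot: `MLK_NAMESPACE(s)` in common.h still pastes `MLK_NAMESPACE_PREFIX` without checking that it is defined, and renaming the option makes that gap bite: a downstream build that still passes the old `-DMLKEM_NAMESPACE_PREFIX=...` compiles cleanly but, unless config.h (outside this diff) supplies a default, the undefined token is pasted literally and every symbol becomes `MLK_NAMESPACE_PREFIX_<name>`, which defeats the per-level prefixes the multilevel examples rely on. I would add, ahead of the `MLK_MAKE_NAMESPACE_` definitions, `#if !defined(MLK_NAMESPACE_PREFIX)` / `#error MLK_NAMESPACE_PREFIX is not defined (it replaces MLKEM_NAMESPACE_PREFIX)` / `#endif`, and optionally a second `#error` when the retired `MLKEM_NAMESPACE_PREFIX` is still defined, so stale CFLAGS fail at compile time instead of producing mis-prefixed objects. The same silent-paste concern applies to `MLKEM_LVL` in `MLK_NAMESPACE_K`, which is not renamed here and presumably comes from params.h. Minor: the comment above the `__APPLE__` branch still says `introducee`.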
@@ -41,17 +40,17 @@ void poly_compress_d4(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const poly *a) r[i * 4 + 3] = t[6] | (t[7] << 4); } } -#else /* MLKEM_USE_NATIVE_POLY_COMPRESS_D4 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_COMPRESS_D4 */ +MLK_INTERNAL_API void poly_compress_d4(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const poly *a) { debug_assert_bound(a, MLKEM_N, 0, MLKEM_Q); poly_compress_d4_native(r, a->coeffs); } -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D4 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D4 */ -#if !defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D10) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_COMPRESS_D10) +MLK_INTERNAL_API void poly_compress_d10(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const poly *a) { unsigned j; @@ -80,17 +79,17 @@ void poly_compress_d10(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const poly *a) r[5 * j + 4] = (t[3] >> 2); } } -#else /* MLKEM_USE_NATIVE_POLY_COMPRESS_D10 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_COMPRESS_D10 */ +MLK_INTERNAL_API void poly_compress_d10(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const poly *a) { debug_assert_bound(a, MLKEM_N, 0, MLKEM_Q); poly_compress_d10_native(r, a->coeffs); } -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D10 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D10 */ -#if !defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D4) +MLK_INTERNAL_API void poly_decompress_d4(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { unsigned i; 
@@ -105,17 +104,17 @@ void poly_decompress_d4(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#else /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_DECOMPRESS_D4 */ +MLK_INTERNAL_API void poly_decompress_d4(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { poly_decompress_d4_native(r->coeffs, a); debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4 */ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D4 */ -#if !defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D10) +MLK_INTERNAL_API void poly_decompress_d10(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { @@ -145,21 +144,21 @@ void poly_decompress_d10(poly *r, debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#else /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_DECOMPRESS_D10 */ +MLK_INTERNAL_API void poly_decompress_d10(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { poly_decompress_d10_native(r->coeffs, a); debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10 */ -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D10 */ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -#if !defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D5) -MLKEM_NATIVE_INTERNAL_API +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if !defined(MLK_USE_NATIVE_POLY_COMPRESS_D5) +MLK_INTERNAL_API void poly_compress_d5(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const poly *a) { unsigned i; 
@@ -190,17 +189,17 @@ void poly_compress_d5(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const poly *a) r[i * 5 + 4] = 0xFF & ((t[6] >> 2) | (t[7] << 3)); } } -#else /* MLKEM_USE_NATIVE_POLY_COMPRESS_D5 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_COMPRESS_D5 */ +MLK_INTERNAL_API void poly_compress_d5(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const poly *a) { debug_assert_bound(a, MLKEM_N, 0, MLKEM_Q); poly_compress_d5_native(r, a->coeffs); } -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D5 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D5 */ -#if !defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D11) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_COMPRESS_D11) +MLK_INTERNAL_API void poly_compress_d11(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const poly *a) { unsigned j; @@ -236,17 +235,17 @@ void poly_compress_d11(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const poly *a) r[11 * j + 10] = (t[7] >> 3); } } -#else /* MLKEM_USE_NATIVE_POLY_COMPRESS_D11 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_COMPRESS_D11 */ +MLK_INTERNAL_API void poly_compress_d11(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const poly *a) { debug_assert_bound(a, MLKEM_N, 0, MLKEM_Q); poly_compress_d11_native(r, a->coeffs); } -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D11 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D11 */ -#if !defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D5) +MLK_INTERNAL_API void poly_decompress_d5(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { unsigned i; 
@@ -289,17 +288,17 @@ void poly_decompress_d5(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#else /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_DECOMPRESS_D5 */ +MLK_INTERNAL_API void poly_decompress_d5(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { poly_decompress_d5_native(r->coeffs, a); debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5 */ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D5 */ -#if !defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D11) +MLK_INTERNAL_API void poly_decompress_d11(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { @@ -334,20 +333,20 @@ void poly_decompress_d11(poly *r, debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#else /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11 */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_DECOMPRESS_D11 */ +MLK_INTERNAL_API void poly_decompress_d11(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { poly_decompress_d11_native(r->coeffs, a); debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q); } -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11 */ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D11 */ -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD) || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD) || MLKEM_K == 4 */ -#if !defined(MLKEM_USE_NATIVE_POLY_TOBYTES) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_TOBYTES) +MLK_INTERNAL_API void poly_tobytes(uint8_t r[MLKEM_POLYBYTES], const poly *a) { unsigned i; 
@@ -378,24 +377,24 @@ void poly_tobytes(uint8_t r[MLKEM_POLYBYTES], const poly *a) r[3 * i + 2] = t1 >> 4; } } -#else /* MLKEM_USE_NATIVE_POLY_TOBYTES */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_TOBYTES */ +MLK_INTERNAL_API void poly_tobytes(uint8_t r[MLKEM_POLYBYTES], const poly *a) { debug_assert_bound(a, MLKEM_N, 0, MLKEM_Q); poly_tobytes_native(r, a->coeffs); } -#endif /* MLKEM_USE_NATIVE_POLY_TOBYTES */ +#endif /* MLK_USE_NATIVE_POLY_TOBYTES */ -#if !defined(MLKEM_USE_NATIVE_POLY_FROMBYTES) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_FROMBYTES) +MLK_INTERNAL_API void poly_frombytes(poly *r, const uint8_t a[MLKEM_POLYBYTES]) { unsigned i; for (i = 0; i < MLKEM_N / 2; i++) __loop__( invariant(i <= MLKEM_N / 2) - invariant(array_bound(r->coeffs, 0, 2 * i, 0, UINT12_LIMIT))) + invariant(array_bound(r->coeffs, 0, 2 * i, 0, MLKEM_UINT12_LIMIT))) { const uint8_t t0 = a[3 * i + 0]; const uint8_t t1 = a[3 * i + 1]; @@ -405,17 +404,17 @@ void poly_frombytes(poly *r, const uint8_t a[MLKEM_POLYBYTES]) } /* Note that the coefficients are not canonical */ - debug_assert_bound(r, MLKEM_N, 0, UINT12_LIMIT); + debug_assert_bound(r, MLKEM_N, 0, MLKEM_UINT12_LIMIT); } -#else /* MLKEM_USE_NATIVE_POLY_FROMBYTES */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_FROMBYTES */ +MLK_INTERNAL_API void poly_frombytes(poly *r, const uint8_t a[MLKEM_POLYBYTES]) { poly_frombytes_native(r->coeffs, a); } -#endif /* MLKEM_USE_NATIVE_POLY_FROMBYTES */ +#endif /* MLK_USE_NATIVE_POLY_FROMBYTES */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_frommsg(poly *r, const uint8_t msg[MLKEM_INDCPA_MSGBYTES]) { unsigned i; @@ -442,7 +441,7 @@ void poly_frommsg(poly *r, const uint8_t msg[MLKEM_INDCPA_MSGBYTES]) debug_assert_abs_bound(r, MLKEM_N, MLKEM_Q); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_tomsg(uint8_t msg[MLKEM_INDCPA_MSGBYTES], const poly *a) { unsigned i; 
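Review bot: The native branch of poly_frombytes in the `@@ -405,17 +404,17 @@` hunk returns straight after `poly_frombytes_native(r->coeffs, a);` without the `debug_assert_bound(r, MLKEM_N, 0, MLKEM_UINT12_LIMIT);` that the C branch performs just above it and that the header contract `ensures(array_bound(r->coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT))` promises. The other native wrappers in this file (poly_decompress_d4/d10/d5/d11) all assert their output bound after the backend call, so this looks like an omission rather than a deliberate choice, though the hunk alone cannot confirm that. Without it a debug build will not catch a backend that emits values outside 12 bits, which is exactly the class of bug these assertions exist for. Suggest adding that single line after the native call, with the same "coefficients are not canonical" comment the C path carries.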
@@ -463,8 +462,8 @@ void poly_tomsg(uint8_t msg[MLKEM_INDCPA_MSGBYTES], const poly *a) } } -#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(compress) +MLK_EMPTY_CU(compress) -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/compress.h b/mlkem/compress.h index 8e5013079..9eb710da6 100644 --- a/mlkem/compress.h +++ b/mlkem/compress.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_COMPRESS_H -#define MLKEM_NATIVE_COMPRESS_H +#ifndef MLK_COMPRESS_H +#define MLK_COMPRESS_H #include #include 
@@ -17,15 +17,15 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define scalar_compress_d1 MLKEM_NAMESPACE(scalar_compress_d1) -#define scalar_compress_d4 MLKEM_NAMESPACE(scalar_compress_d4) -#define scalar_compress_d5 MLKEM_NAMESPACE(scalar_compress_d5) -#define scalar_compress_d10 MLKEM_NAMESPACE(scalar_compress_d10) -#define scalar_compress_d11 MLKEM_NAMESPACE(scalar_compress_d11) -#define scalar_decompress_d4 MLKEM_NAMESPACE(scalar_decompress_d4) -#define scalar_decompress_d5 MLKEM_NAMESPACE(scalar_decompress_d5) -#define scalar_decompress_d10 MLKEM_NAMESPACE(scalar_decompress_d10) -#define scalar_decompress_d11 MLKEM_NAMESPACE(scalar_decompress_d11) +#define scalar_compress_d1 MLK_NAMESPACE(scalar_compress_d1) +#define scalar_compress_d4 MLK_NAMESPACE(scalar_compress_d4) +#define scalar_compress_d5 MLK_NAMESPACE(scalar_compress_d5) +#define scalar_compress_d10 MLK_NAMESPACE(scalar_compress_d10) +#define scalar_compress_d11 MLK_NAMESPACE(scalar_compress_d11) +#define scalar_decompress_d4 MLK_NAMESPACE(scalar_decompress_d4) +#define scalar_decompress_d5 MLK_NAMESPACE(scalar_decompress_d5) +#define scalar_decompress_d10 MLK_NAMESPACE(scalar_decompress_d10) +#define scalar_decompress_d11 MLK_NAMESPACE(scalar_decompress_d11) /* End of static namespacing */ /************************************************************ @@ -47,7 +47,7 @@ #pragma CPROVER check push #pragma CPROVER check disable "unsigned-overflow" #endif -static INLINE uint32_t scalar_compress_d1(uint16_t u) +static MLK_INLINE uint32_t scalar_compress_d1(uint16_t u) __contract__( requires(u <= MLKEM_Q - 1) ensures(return_value < 2) 
@@ -82,7 +82,7 @@ __contract__( #pragma CPROVER check push #pragma CPROVER check disable "unsigned-overflow" #endif -static INLINE uint32_t scalar_compress_d4(uint16_t u) +static MLK_INLINE uint32_t scalar_compress_d4(uint16_t u) __contract__( requires(u <= MLKEM_Q - 1) ensures(return_value < 16) @@ -106,7 +106,7 @@ __contract__( * Arguments: - u: Unsigned canonical modulus modulo 16 * to be decompressed. ************************************************************/ -static INLINE uint16_t scalar_decompress_d4(uint32_t u) +static MLK_INLINE uint16_t scalar_decompress_d4(uint32_t u) __contract__( requires(0 <= u && u < 16) ensures(return_value <= (MLKEM_Q - 1)) @@ -131,7 +131,7 @@ __contract__( #pragma CPROVER check push #pragma CPROVER check disable "unsigned-overflow" #endif -static INLINE uint32_t scalar_compress_d5(uint16_t u) +static MLK_INLINE uint32_t scalar_compress_d5(uint16_t u) __contract__( requires(u <= MLKEM_Q - 1) ensures(return_value < 32) @@ -155,7 +155,7 @@ __contract__( * Arguments: - u: Unsigned canonical modulus modulo 32 * to be decompressed. ************************************************************/ -static INLINE uint16_t scalar_decompress_d5(uint32_t u) +static MLK_INLINE uint16_t scalar_decompress_d5(uint32_t u) __contract__( requires(0 <= u && u < 32) ensures(return_value <= MLKEM_Q - 1) @@ -180,7 +180,7 @@ __contract__( #pragma CPROVER check push #pragma CPROVER check disable "unsigned-overflow" #endif -static INLINE uint32_t scalar_compress_d10(uint16_t u) +static MLK_INLINE uint32_t scalar_compress_d10(uint16_t u) __contract__( requires(u <= MLKEM_Q - 1) ensures(return_value < (1u << 10)) 
@@ -205,7 +205,7 @@ __contract__( * Arguments: - u: Unsigned canonical modulus modulo 16 * to be decompressed. ************************************************************/ -static INLINE uint16_t scalar_decompress_d10(uint32_t u) +static MLK_INLINE uint16_t scalar_decompress_d10(uint32_t u) __contract__( requires(0 <= u && u < 1024) ensures(return_value <= (MLKEM_Q - 1)) @@ -230,7 +230,7 @@ __contract__( #pragma CPROVER check push #pragma CPROVER check disable "unsigned-overflow" #endif -static INLINE uint32_t scalar_compress_d11(uint16_t u) +static MLK_INLINE uint32_t scalar_compress_d11(uint16_t u) __contract__( requires(u <= MLKEM_Q - 1) ensures(return_value < (1u << 11)) @@ -255,15 +255,14 @@ __contract__( * Arguments: - u: Unsigned canonical modulus modulo 16 * to be decompressed. ************************************************************/ -static INLINE uint16_t scalar_decompress_d11(uint32_t u) +static MLK_INLINE uint16_t scalar_decompress_d11(uint32_t u) __contract__( requires(0 <= u && u < 2048) ensures(return_value <= (MLKEM_Q - 1)) ) { return ((u * MLKEM_Q) + 1024) >> 11; } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) -#define poly_compress_d4 MLKEM_NAMESPACE(poly_compress_d4) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) +#define poly_compress_d4 MLK_NAMESPACE(poly_compress_d4) /************************************************* * Name: poly_compress_d4 * @@ -276,10 +275,10 @@ __contract__( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_compress_d4(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const poly *a); -#define poly_compress_d10 MLKEM_NAMESPACE(poly_compress_d10) +#define poly_compress_d10 MLK_NAMESPACE(poly_compress_d10) /************************************************* * Name: poly_compress_d10 * 
@@ -292,10 +291,10 @@ void poly_compress_d4(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const poly *a); * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_compress_d10(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const poly *a); -#define poly_decompress_d4 MLKEM_NAMESPACE(poly_decompress_d4) +#define poly_decompress_d4 MLK_NAMESPACE(poly_decompress_d4) /************************************************* * Name: poly_decompress_d4 * @@ -310,10 +309,10 @@ void poly_compress_d10(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const poly *a); * (non-negative and smaller than MLKEM_Q). * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_decompress_d4(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]); -#define poly_decompress_d10 MLKEM_NAMESPACE(poly_decompress_d10) +#define poly_decompress_d10 MLK_NAMESPACE(poly_decompress_d10) /************************************************* * Name: poly_decompress_d10 * @@ -328,14 +327,14 @@ void poly_decompress_d4(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]); * (non-negative and smaller than MLKEM_Q). * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_decompress_d10(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]); -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -#define poly_compress_d5 MLKEM_NAMESPACE(poly_compress_d5) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#define poly_compress_d5 MLK_NAMESPACE(poly_compress_d5) /************************************************* * Name: poly_compress_d5 * 
@@ -348,10 +347,10 @@ void poly_decompress_d10(poly *r, * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_compress_d5(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const poly *a); -#define poly_compress_d11 MLKEM_NAMESPACE(poly_compress_d11) +#define poly_compress_d11 MLK_NAMESPACE(poly_compress_d11) /************************************************* * Name: poly_compress_d11 * @@ -364,10 +363,10 @@ void poly_compress_d5(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const poly *a); * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_compress_d11(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const poly *a); -#define poly_decompress_d5 MLKEM_NAMESPACE(poly_decompress_d5) +#define poly_decompress_d5 MLK_NAMESPACE(poly_decompress_d5) /************************************************* * Name: poly_decompress_d5 * @@ -382,10 +381,10 @@ void poly_compress_d11(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const poly *a); * (non-negative and smaller than MLKEM_Q). * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_decompress_d5(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]); -#define poly_decompress_d11 MLKEM_NAMESPACE(poly_decompress_d11) +#define poly_decompress_d11 MLK_NAMESPACE(poly_decompress_d11) /************************************************* * Name: poly_decompress_d11 * 
@@ -400,13 +399,13 @@ void poly_decompress_d5(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]); * (non-negative and smaller than MLKEM_Q). * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_decompress_d11(poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]); -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 \ */ -#define poly_tobytes MLKEM_NAMESPACE(poly_tobytes) +#define poly_tobytes MLK_NAMESPACE(poly_tobytes) /************************************************* * Name: poly_tobytes * @@ -421,7 +420,7 @@ void poly_decompress_d11(poly *r, * - r: pointer to output byte array * (of MLKEM_POLYBYTES bytes) **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_tobytes(uint8_t r[MLKEM_POLYBYTES], const poly *a) __contract__( requires(memory_no_alias(r, MLKEM_POLYBYTES)) @@ -431,7 +430,7 @@ __contract__( ); -#define poly_frombytes MLKEM_NAMESPACE(poly_frombytes) +#define poly_frombytes MLK_NAMESPACE(poly_frombytes) /************************************************* * Name: poly_frombytes * @@ -445,17 +444,17 @@ __contract__( * each coefficient unsigned and in the range * 0 .. 4095 **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_frombytes(poly *r, const uint8_t a[MLKEM_POLYBYTES]) __contract__( requires(memory_no_alias(a, MLKEM_POLYBYTES)) requires(memory_no_alias(r, sizeof(poly))) assigns(memory_slice(r, sizeof(poly))) - ensures(array_bound(r->coeffs, 0, MLKEM_N, 0, UINT12_LIMIT)) + ensures(array_bound(r->coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT)) ); -#define poly_frommsg MLKEM_NAMESPACE(poly_frommsg) +#define poly_frommsg MLK_NAMESPACE(poly_frommsg) /************************************************* * Name: poly_frommsg * 
@@ -464,7 +463,7 @@ __contract__( * Arguments: - poly *r: pointer to output polynomial * - const uint8_t *msg: pointer to input message **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_frommsg(poly *r, const uint8_t msg[MLKEM_INDCPA_MSGBYTES]) __contract__( requires(memory_no_alias(msg, MLKEM_INDCPA_MSGBYTES)) @@ -473,7 +472,7 @@ __contract__( ensures(array_bound(r->coeffs, 0, MLKEM_N, 0, MLKEM_Q)) ); -#define poly_tomsg MLKEM_NAMESPACE(poly_tomsg) +#define poly_tomsg MLK_NAMESPACE(poly_tomsg) /************************************************* * Name: poly_tomsg * @@ -483,7 +482,7 @@ __contract__( * - const poly *r: pointer to input polynomial * Coefficients must be unsigned canonical **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_tomsg(uint8_t msg[MLKEM_INDCPA_MSGBYTES], const poly *r) __contract__( requires(memory_no_alias(msg, MLKEM_INDCPA_MSGBYTES)) @@ -492,4 +491,4 @@ __contract__( assigns(object_whole(msg)) ); -#endif /* MLKEM_NATIVE_COMPRESS_H */ +#endif /* MLK_COMPRESS_H */ diff --git a/mlkem/config.h b/mlkem/config.h index 43bd20280..3e92722a0 100644 --- a/mlkem/config.h +++ b/mlkem/config.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_CONFIG_H -#define MLKEM_NATIVE_CONFIG_H +#ifndef MLK_CONFIG_H +#define MLK_CONFIG_H /****************************************************************************** * Name: MLKEM_K 
@@ -22,45 +22,45 @@ #endif /****************************************************************************** - * Name: MLKEM_NATIVE_CONFIG_FILE + * Name: MLK_CONFIG_FILE * * Description: If defined, this is a header that will be included instead * of this default configuration file mlkem/config.h. * * When you need to build mlkem-native in multiple configurations, - * using varying MLKEM_NATIVE_CONFIG_FILE can be more convenient + * using varying MLK_CONFIG_FILE can be more convenient * then configuring everything through CFLAGS. * - * To use, MLKEM_NATIVE_CONFIG_FILE _must_ be defined prior + * To use, MLK_CONFIG_FILE _must_ be defined prior * to the inclusion of any mlkem-native headers. For example, - * it can be set by passing `-DMLKEM_NATIVE_CONFIG_FILE="..."` + * it can be set by passing `-DMLK_CONFIG_FILE="..."` * on the command line. * *****************************************************************************/ -/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */ +/* #define MLK_CONFIG_FILE "config.h" */ /****************************************************************************** - * Name: MLKEM_NAMESPACE_PREFIX + * Name: MLK_NAMESPACE_PREFIX * * Description: The prefix to use to namespace global symbols from mlkem/. * * Level-dependent symbols will additionally be prefixed with the - * security level if MLKEM_NAMESPACE_PREFIX_ADD_LEVEL is set. + * security level if MLK_NAMESPACE_PREFIX_ADD_LEVEL is set. * * This can also be set using CFLAGS. 
* *****************************************************************************/ -#if !defined(MLKEM_NAMESPACE_PREFIX) -#define MLKEM_NAMESPACE_PREFIX MLKEM_DEFAULT_NAMESPACE_PREFIX +#if !defined(MLK_NAMESPACE_PREFIX) +#define MLK_NAMESPACE_PREFIX MLK_DEFAULT_NAMESPACE_PREFIX #endif /****************************************************************************** - * Name: MLKEM_NAMESPACE_PREFIX_ADD_LEVEL + * Name: MLK_NAMESPACE_PREFIX_ADD_LEVEL * * Description: If set, the level (512, 768, 1024) is added to the namespace - * prefix MLKEM_NAMESPACE_PREFIX for all functions which are + * prefix MLK_NAMESPACE_PREFIX for all functions which are * level-dependent. Level-independent functions will have there - * symbol prefixed by MLKEM_NAMESPACE_PREFIX only. + * symbol prefixed by MLK_NAMESPACE_PREFIX only. * * This is intended to be used for multi-level builds where * level-independent code should be shared across levels. @@ -68,10 +68,10 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -/* #define MLKEM_NAMESPACE_PREFIX_ADD_LEVEL */ +/* #define MLK_NAMESPACE_PREFIX_ADD_LEVEL */ /****************************************************************************** - * Name: MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED + * Name: MLK_MULTILEVEL_BUILD_WITH_SHARED * * Description: This is for multi-level builds of mlkem-native only. If you * need only a single security level build of mlkem-native, @@ -87,8 +87,8 @@ * * To build mlkem-native with support for all security levels, * build it three times -- once per level -- and set the option - * MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED for exactly one of - * them, and MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED for the + * MLK_MULTILEVEL_BUILD_WITH_SHARED for exactly one of + * them, and MLK_MULTILEVEL_BUILD_NO_SHARED for the * others. * * See examples/multilevel_build for an example. 
@@ -96,10 +96,10 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -/* #define MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED */ +/* #define MLK_MULTILEVEL_BUILD_WITH_SHARED */ /****************************************************************************** - * Name: MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED + * Name: MLK_MULTILEVEL_BUILD_NO_SHARED * * Description: This is for multi-level builds of mlkem-native only. If you * need only a single security level build of mlkem-native, @@ -110,8 +110,8 @@ * * To build mlkem-native with support for all security levels, * build it three times -- once per level -- and set the option - * MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED for exactly one of - * them, and MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED for the + * MLK_MULTILEVEL_BUILD_WITH_SHARED for exactly one of + * them, and MLK_MULTILEVEL_BUILD_NO_SHARED for the * others. * * See examples/multilevel_build for an example. @@ -119,10 +119,10 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -/* #define MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +/* #define MLK_MULTILEVEL_BUILD_NO_SHARED */ /****************************************************************************** - * Name: MLKEM_USE_NATIVE_BACKEND_ARITH + * Name: MLK_USE_NATIVE_BACKEND_ARITH * * Description: Determines whether an native arithmetic backend should be used. * @@ -132,7 +132,7 @@ * If this option is unset, the C backend will be used. * * If this option is set, the arithmetic backend to be use is - * determined by MLKEM_NATIVE_ARITH_BACKEND: If the latter is + * determined by MLK_ARITH_BACKEND: If the latter is * unset, the default backend for your the target architecture * will be used. If set, it must be the name of a backend metadata * file. 
@@ -140,32 +140,31 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -#if !defined(MLKEM_USE_NATIVE_BACKEND_ARITH) -/* #define MLKEM_USE_NATIVE_BACKEND_ARITH */ +#if !defined(MLK_USE_NATIVE_BACKEND_ARITH) +/* #define MLK_USE_NATIVE_BACKEND_ARITH */ #endif /****************************************************************************** - * Name: MLKEM_NATIVE_ARITH_BACKEND_FILE + * Name: MLK_ARITH_BACKEND_FILE * * Description: The arithmetic backend to use. * - * If MLKEM_USE_NATIVE_BACKEND_ARITH is unset, this option + * If MLK_USE_NATIVE_BACKEND_ARITH is unset, this option * is ignored. * - * If MLKEM_USE_NATIVE_BACKEND_ARITH is set, this option must + * If MLK_USE_NATIVE_BACKEND_ARITH is set, this option must * either be undefined or the filename of an arithmetic backend. * If unset, the default backend will be used. * * This can be set using CFLAGS. * *****************************************************************************/ -#if defined(MLKEM_USE_NATIVE_BACKEND_ARITH) && \ - !defined(MLKEM_NATIVE_ARITH_BACKEND_FILE) -#define MLKEM_NATIVE_ARITH_BACKEND_FILE "native/meta.h" +#if defined(MLK_USE_NATIVE_BACKEND_ARITH) && !defined(MLK_ARITH_BACKEND_FILE) +#define MLK_ARITH_BACKEND_FILE "native/meta.h" #endif /****************************************************************************** - * Name: MLKEM_USE_NATIVE_BACKEND_FIPS202 + * Name: MLK_USE_NATIVE_BACKEND_FIPS202 * * Description: Determines whether an native FIPS202 backend should be used. * @@ -175,7 +174,7 @@ * If this option is unset, the C backend will be used. * * If this option is set, the FIPS202 backend to be use is - * determined by MLKEM_NATIVE_FIPS202_BACKEND: If the latter is + * determined by MLK_FIPS202_BACKEND: If the latter is * unset, the default backend for your the target architecture * will be used. If set, it must be the name of a backend metadata * file. 
@@ -183,25 +182,25 @@ * This can also be set using CFLAGS. * *****************************************************************************/ -#if !defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) -/* #define MLKEM_USE_NATIVE_BACKEND_FIPS202 */ +#if !defined(MLK_USE_NATIVE_BACKEND_FIPS202) +/* #define MLK_USE_NATIVE_BACKEND_FIPS202 */ #endif /****************************************************************************** - * Name: MLKEM_NATIVE_FIPS202_BACKEND_FILE + * Name: MLK_FIPS202_BACKEND_FILE * * Description: The FIPS-202 backend to use. * - * If MLKEM_USE_NATIVE_BACKEND_FIPS202 is set, this option must + * If MLK_USE_NATIVE_BACKEND_FIPS202 is set, this option must * either be undefined or the filename of a FIPS202 backend. * If unset, the default backend will be used. * * This can be set using CFLAGS. * *****************************************************************************/ -#if defined(MLKEM_USE_NATIVE_BACKEND_FIPS202) && \ - !defined(MLKEM_NATIVE_FIPS202_BACKEND_FILE) -#define MLKEM_NATIVE_FIPS202_BACKEND_FILE "fips202/native/meta.h" +#if defined(MLK_USE_NATIVE_BACKEND_FIPS202) && \ + !defined(MLK_FIPS202_BACKEND_FILE) +#define MLK_FIPS202_BACKEND_FILE "fips202/native/meta.h" #endif /************************* Config internals ********************************/ @@ -209,7 +208,7 @@ /* Default namespace * * Don't change this. If you need a different namespace, re-define - * MLKEM_NAMESPACE_PREFIX above instead, and remove the following. + * MLK_NAMESPACE_PREFIX above instead, and remove the following. * * The default MLKEM namespace is * 
@@ -219,11 +218,11 @@ */ #if MLKEM_K == 2 -#define MLKEM_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM512 +#define MLK_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM512 #elif MLKEM_K == 3 -#define MLKEM_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM768 +#define MLK_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM768 #elif MLKEM_K == 4 -#define MLKEM_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM1024 +#define MLK_DEFAULT_NAMESPACE_PREFIX PQCP_MLKEM_NATIVE_MLKEM1024 #endif -#endif /* MLKEM_NATIVE_CONFIG_H */ +#endif /* MLK_CONFIG_H */ diff --git a/mlkem/debug.c b/mlkem/debug.c index 12adbe9bd..66fed302e 100644 --- a/mlkem/debug.c +++ b/mlkem/debug.c @@ -7,21 +7,20 @@ #include "common.h" -#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && defined(MLKEM_DEBUG) +#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && defined(MLKEM_DEBUG) #include #include #include "debug.h" -#define MLKEM_NATIVE_DEBUG_ERROR_HEADER "[ERROR:%s:%04d] " +#define MLK_DEBUG_ERROR_HEADER "[ERROR:%s:%04d] " void mlkem_debug_assert(const char *file, int line, const int val) { if (val == 0) { - fprintf(stderr, - MLKEM_NATIVE_DEBUG_ERROR_HEADER "Assertion failed (value %d)\n", + fprintf(stderr, MLK_DEBUG_ERROR_HEADER "Assertion failed (value %d)\n", file, line, val); exit(1); } @@ -40,7 +39,7 @@ void mlkem_debug_check_bounds(const char *file, int line, const int16_t *ptr, { fprintf( stderr, - MLKEM_NATIVE_DEBUG_ERROR_HEADER + MLK_DEBUG_ERROR_HEADER "Bounds assertion failed: Index %u, value %d out of bounds (%d,%d)\n", file, line, i, (int)val, lower_bound_exclusive, upper_bound_exclusive); 
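Review bot: The guard `#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && defined(MLKEM_DEBUG)` in the debug.c hunk renames one build option to the new MLK_ prefix but leaves `MLKEM_DEBUG` under the old one, and the same old name is kept in the debug.h hunk below. Keeping the FIPS-203 parameter names (MLKEM_K, MLKEM_Q, MLKEM_N) is presumably deliberate, but MLKEM_DEBUG is a build switch like the MLK_MULTILEVEL_BUILD_* options, so a reader of this series will wonder whether it was missed. If the legacy name is intentional, a one-line note near the other options in config.h, e.g. `/* MLKEM_DEBUG deliberately keeps its legacy name so existing -DMLKEM_DEBUG build flags keep working */`, would settle that; otherwise it should be renamed in the same series so debug builds do not silently stop enabling the bounds checks when callers switch to the new prefix.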
@@ -52,12 +51,12 @@ void mlkem_debug_check_bounds(const char *file, int line, const int16_t *ptr, exit(1); } -#else /* !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED && MLKEM_DEBUG */ +#else /* !MLK_MULTILEVEL_BUILD_NO_SHARED && MLKEM_DEBUG */ -MLKEM_NATIVE_EMPTY_CU(debug) +MLK_EMPTY_CU(debug) -#endif /* !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED && MLKEM_DEBUG */ +#endif /* !MLK_MULTILEVEL_BUILD_NO_SHARED && MLKEM_DEBUG */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ -#undef MLKEM_NATIVE_DEBUG_ERROR_HEADER +#undef MLK_DEBUG_ERROR_HEADER diff --git a/mlkem/debug.h b/mlkem/debug.h index 7e4d4fcef..6623aa2a5 100644 --- a/mlkem/debug.h +++ b/mlkem/debug.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_DEBUG_H -#define MLKEM_NATIVE_DEBUG_H +#ifndef MLK_DEBUG_H +#define MLK_DEBUG_H #include "common.h" #if defined(MLKEM_DEBUG) @@ -21,7 +21,7 @@ * - line: line number * - val: Value asserted to be non-zero **************************************************/ -#define mlkem_debug_assert MLKEM_NAMESPACE(mlkem_debug_assert) +#define mlkem_debug_assert MLK_NAMESPACE(mlkem_debug_assert) void mlkem_debug_assert(const char *file, int line, const int val); /************************************************* @@ -40,7 +40,7 @@ void mlkem_debug_assert(const char *file, int line, const int val); * - lower_bound_exclusive: Exclusive lower bound * - upper_bound_exclusive: Exclusive upper bound **************************************************/ -#define mlkem_debug_check_bounds MLKEM_NAMESPACE(mlkem_debug_check_bounds) +#define mlkem_debug_check_bounds MLK_NAMESPACE(mlkem_debug_check_bounds) void mlkem_debug_check_bounds(const char *file, int line, const int16_t *ptr, unsigned len, int lower_bound_exclusive, int upper_bound_exclusive); 
@@ -127,4 +127,4 @@ void mlkem_debug_check_bounds(const char *file, int line, const int16_t *ptr,
 #endif /* MLKEM_DEBUG */
-#endif /* MLKEM_NATIVE_DEBUG_H */
+#endif /* MLK_DEBUG_H */
diff --git a/mlkem/fips202/fips202.c b/mlkem/fips202/fips202.c
index b726acabe..c58bdc5af 100644
--- a/mlkem/fips202/fips202.c
+++ b/mlkem/fips202/fips202.c
@@ -12,7 +12,7 @@
  * by Gilles Van Assche, Daniel J. Bernstein, and Peter Schwabe
  */
 #include "../common.h"
-#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 #include
 #include
@@ -24,9 +24,9 @@
  * This is to facilitate building multiple instances
  * of mlkem-native (e.g. with varying security levels)
  * within a single compilation unit. */
-#define keccak_absorb_once MLKEM_NAMESPACE(keccak_absorb_once)
-#define keccak_squeeze_once MLKEM_NAMESPACE(keccak_squeeze_once)
-#define keccak_squeezeblocks MLKEM_NAMESPACE(keccak_squeezeblocks)
+#define keccak_absorb_once MLK_NAMESPACE(keccak_absorb_once)
+#define keccak_squeeze_once MLK_NAMESPACE(keccak_squeeze_once)
+#define keccak_squeezeblocks MLK_NAMESPACE(keccak_squeezeblocks)
 /* End of static namespacing */
 /*************************************************
@@ -186,7 +186,7 @@ void shake128_squeezeblocks(uint8_t *output, size_t nblocks, shake128ctx *state)
 void shake128_init(shake128ctx *state) { (void)state; }
 void shake128_release(shake128ctx *state) { (void)state; }
-#define shake256ctx MLKEM_NAMESPACE(shake256ctx)
+#define shake256ctx MLK_NAMESPACE(shake256ctx)
 typedef shake128ctx shake256ctx;
 void shake256(uint8_t *output, size_t outlen, const uint8_t *input, size_t inlen)
@@ -216,11 +216,11 @@ void sha3_512(uint8_t *output, const uint8_t *input, size_t inlen)
   keccak_squeeze_once(output, 64, ctx, SHA3_512_RATE);
 }
-#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */
-MLKEM_NATIVE_EMPTY_CU(fips202)
+MLK_EMPTY_CU(fips202)
-#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */
 /* To facilitate single-compilation-unit (SCU) builds, undefine all macros.
  * Don't modify by hand -- this is auto-generated by scripts/autogen. */
diff --git a/mlkem/fips202/fips202.h b/mlkem/fips202/fips202.h
index 8aefeb5cf..62e5fc468 100644
--- a/mlkem/fips202/fips202.h
+++ b/mlkem/fips202/fips202.h
@@ -2,8 +2,8 @@
  * Copyright (c) 2024-2025 The mlkem-native project authors
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_FIPS202_H
-#define MLKEM_NATIVE_FIPS202_FIPS202_H
+#ifndef MLK_FIPS202_FIPS202_H
+#define MLK_FIPS202_FIPS202_H
 #include
 #include
 #include "../cbmc.h"
@@ -16,13 +16,13 @@
 #define SHA3_512_RATE 72
 /* Context for non-incremental API */
-#define shake128ctx MLKEM_NAMESPACE(shake128ctx)
+#define shake128ctx MLK_NAMESPACE(shake128ctx)
 typedef struct
 {
   uint64_t ctx[25];
 } shake128ctx;
-#define shake128_absorb_once MLKEM_NAMESPACE(shake128_absorb_once)
+#define shake128_absorb_once MLK_NAMESPACE(shake128_absorb_once)
 /*************************************************
  * Name: shake128_absorb_once
  *
@@ -53,7 +53,7 @@ __contract__(
   assigns(memory_slice(state, sizeof(shake128ctx)))
 );
-#define shake128_squeezeblocks MLKEM_NAMESPACE(shake128_squeezeblocks)
+#define shake128_squeezeblocks MLK_NAMESPACE(shake128_squeezeblocks)
 /*************************************************
  * Name: shake128_squeezeblocks
  *
@@ -74,15 +74,15 @@ __contract__(
   assigns(memory_slice(output, nblocks * SHAKE128_RATE), memory_slice(state, sizeof(shake128ctx)))
 );
-#define shake128_init MLKEM_NAMESPACE(shake128_init)
+#define shake128_init MLK_NAMESPACE(shake128_init)
 void shake128_init(shake128ctx *state);
-#define shake128_release MLKEM_NAMESPACE(shake128_release)
+#define shake128_release MLK_NAMESPACE(shake128_release)
 void shake128_release(shake128ctx *state);
 /* One-stop SHAKE256 call. Aliasing between input and
  * output is not permitted */
-#define shake256 MLKEM_NAMESPACE(shake256)
+#define shake256 MLK_NAMESPACE(shake256)
 /*************************************************
  * Name: shake256
  *
@@ -104,7 +104,7 @@ __contract__(
 /* One-stop SHA3_256 call. Aliasing between input and
  * output is not permitted */
 #define SHA3_256_HASHBYTES 32
-#define sha3_256 MLKEM_NAMESPACE(sha3_256)
+#define sha3_256 MLK_NAMESPACE(sha3_256)
 /*************************************************
  * Name: sha3_256
  *
@@ -124,7 +124,7 @@ __contract__(
 /* One-stop SHA3_512 call. Aliasing between input and
  * output is not permitted */
 #define SHA3_512_HASHBYTES 64
-#define sha3_512 MLKEM_NAMESPACE(sha3_512)
+#define sha3_512 MLK_NAMESPACE(sha3_512)
 /*************************************************
  * Name: sha3_512
  *
@@ -142,9 +142,9 @@ __contract__(
 );
 #include "fips202_backend.h"
-#if !defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) || \
-    (!defined(MLKEM_USE_FIPS202_X2_NATIVE) && \
-     !defined(MLKEM_USE_FIPS202_X4_NATIVE))
+#if !defined(MLK_FIPS202_BACKEND_IMPL) || \
+    (!defined(MLK_USE_FIPS202_X2_NATIVE) && \
+     !defined(MLK_USE_FIPS202_X4_NATIVE))
 /* If you provide your own FIPS-202 implementation where the x4-
  * Keccak-f1600-x4 implementation falls back to 4-fold Keccak-f1600,
  * set this to gain a small speedup. */
@@ -152,4 +152,4 @@ __contract__(
 #endif
-#endif /* MLKEM_NATIVE_FIPS202_FIPS202_H */
+#endif /* MLK_FIPS202_FIPS202_H */
diff --git a/mlkem/fips202/fips202_backend.h b/mlkem/fips202/fips202_backend.h
index 981199356..fd5c4c650 100644
--- a/mlkem/fips202/fips202_backend.h
+++ b/mlkem/fips202/fips202_backend.h
@@ -3,13 +3,13 @@
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_FIPS202_BACKEND_H
-#define MLKEM_NATIVE_FIPS202_FIPS202_BACKEND_H
+#ifndef MLK_FIPS202_FIPS202_BACKEND_H
+#define MLK_FIPS202_FIPS202_BACKEND_H
 #include "../common.h"
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
-#include MLKEM_NATIVE_FIPS202_BACKEND_IMPL
+#if defined(MLK_FIPS202_BACKEND_IMPL)
+#include MLK_FIPS202_BACKEND_IMPL
 /* Include to enforce consistency of API and implementation,
  * and conduct sanity checks on the backend.
@@ -17,9 +17,9 @@
  * Keep this _after_ the inclusion of the backend; otherwise,
  * the sanity checks won't have an effect.
  */
-#if defined(MLKEM_NATIVE_CHECK_APIS)
+#if defined(MLK_CHECK_APIS)
 #include "native/api.h"
 #endif
 #endif
-#endif /* MLKEM_NATIVE_FIPS202_FIPS202_BACKEND_H */
+#endif /* MLK_FIPS202_FIPS202_BACKEND_H */
diff --git a/mlkem/fips202/fips202x4.c b/mlkem/fips202/fips202x4.c
index 11295e477..bc3b68a2a 100644
--- a/mlkem/fips202/fips202x4.c
+++ b/mlkem/fips202/fips202x4.c
@@ -3,24 +3,24 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 #include "../common.h"
-#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 #include
 #include "fips202.h"
 #include "fips202x4.h"
 #include "keccakf1600.h"
-#define shake256x4_ctx MLKEM_NAMESPACE(shake256x4_ctx)
+#define shake256x4_ctx MLK_NAMESPACE(shake256x4_ctx)
 typedef shake128x4ctx shake256x4_ctx;
 /* Static namespacing
  * This is to facilitate building multiple instances
  * of mlkem-native (e.g. with varying security levels)
  * within a single compilation unit. */
-#define keccak_absorb_once_x4 MLKEM_NAMESPACE(keccak_absorb_once_x4)
-#define keccak_squeezeblocks_x4 MLKEM_NAMESPACE(keccak_squeezeblocks_x4)
-#define shake256x4_absorb_once MLKEM_NAMESPACE(shake256x4_absorb_once)
-#define shake256x4_squeezeblocks MLKEM_NAMESPACE(shake256x4_squeezeblocks)
+#define keccak_absorb_once_x4 MLK_NAMESPACE(keccak_absorb_once_x4)
+#define keccak_squeezeblocks_x4 MLK_NAMESPACE(keccak_squeezeblocks_x4)
+#define shake256x4_absorb_once MLK_NAMESPACE(shake256x4_absorb_once)
+#define shake256x4_squeezeblocks MLK_NAMESPACE(shake256x4_squeezeblocks)
 /* End of static namespacing */
 static void keccak_absorb_once_x4(uint64_t *s, uint32_t r, const uint8_t *in0,
@@ -182,11 +182,11 @@ void shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3,
   }
 }
-#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */
-MLKEM_NATIVE_EMPTY_CU(fips202x4)
+MLK_EMPTY_CU(fips202x4)
-#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */
 /* To facilitate single-compilation-unit (SCU) builds, undefine all macros.
  * Don't modify by hand -- this is auto-generated by scripts/autogen. */
diff --git a/mlkem/fips202/fips202x4.h b/mlkem/fips202/fips202x4.h
index b5647aee4..40c118eb7 100644
--- a/mlkem/fips202/fips202x4.h
+++ b/mlkem/fips202/fips202x4.h
@@ -2,8 +2,8 @@
  * Copyright (c) 2024-2025 The mlkem-native project authors
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_FIPS202X4_H
-#define MLKEM_NATIVE_FIPS202_FIPS202X4_H
+#ifndef MLK_FIPS202_FIPS202X4_H
+#define MLK_FIPS202_FIPS202X4_H
 #include
 #include
@@ -15,13 +15,13 @@
 #include "keccakf1600.h"
 /* Context for non-incremental API */
-#define shake128x4ctx MLKEM_NAMESPACE(shake128x4ctx)
+#define shake128x4ctx MLK_NAMESPACE(shake128x4ctx)
 typedef struct
 {
   uint64_t ctx[KECCAK_LANES * KECCAK_WAY];
 } shake128x4ctx;
-#define shake128x4_absorb_once MLKEM_NAMESPACE(shake128x4_absorb_once)
+#define shake128x4_absorb_once MLK_NAMESPACE(shake128x4_absorb_once)
 void shake128x4_absorb_once(shake128x4ctx *state, const uint8_t *in0,
                             const uint8_t *in1, const uint8_t *in2,
                             const uint8_t *in3, size_t inlen)
@@ -34,7 +34,7 @@ __contract__(
   assigns(object_whole(state))
 );
-#define shake128x4_squeezeblocks MLKEM_NAMESPACE(shake128x4_squeezeblocks)
+#define shake128x4_squeezeblocks MLK_NAMESPACE(shake128x4_squeezeblocks)
 void shake128x4_squeezeblocks(uint8_t *out0, uint8_t *out1, uint8_t *out2,
                               uint8_t *out3, size_t nblocks,
                               shake128x4ctx *state)
@@ -52,13 +52,13 @@ __contract__(
     object_whole(state))
 );
-#define shake128x4_init MLKEM_NAMESPACE(shake128x4_init)
+#define shake128x4_init MLK_NAMESPACE(shake128x4_init)
 void shake128x4_init(shake128x4ctx *state);
-#define shake128x4_release MLKEM_NAMESPACE(shake128x4_release)
+#define shake128x4_release MLK_NAMESPACE(shake128x4_release)
 void shake128x4_release(shake128x4ctx *state);
-#define shake256x4 MLKEM_NAMESPACE(shake256x4)
+#define shake256x4 MLK_NAMESPACE(shake256x4)
 void shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3,
                 size_t outlen, uint8_t *in0, uint8_t *in1, uint8_t *in2,
                 uint8_t *in3, size_t inlen)
@@ -78,4 +78,4 @@ __contract__(
   assigns(memory_slice(out3, outlen))
 );
-#endif /* MLKEM_NATIVE_FIPS202_FIPS202X4_H */
+#endif /* MLK_FIPS202_FIPS202X4_H */
diff --git a/mlkem/fips202/keccakf1600.c b/mlkem/fips202/keccakf1600.c
index fc6980c22..ca7b98acf 100644
--- a/mlkem/fips202/keccakf1600.c
+++ b/mlkem/fips202/keccakf1600.c
@@ -14,7 +14,7 @@
 #include
 #include "keccakf1600.h"
-#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 #include "fips202_backend.h"
@@ -25,42 +25,42 @@
  * This is to facilitate building multiple instances
  * of mlkem-native (e.g. with varying security levels)
  * within a single compilation unit. */
-#define KeccakF_RoundConstants MLKEM_NAMESPACE(KeccakF_RoundConstants)
+#define KeccakF_RoundConstants MLK_NAMESPACE(KeccakF_RoundConstants)
 /* End of static namespacing */
 void KeccakF1600_StateExtractBytes(uint64_t *state, unsigned char *data,
                                    unsigned offset, unsigned length)
 {
   unsigned i;
-#if defined(SYS_LITTLE_ENDIAN)
+#if defined(MLK_SYS_LITTLE_ENDIAN)
   uint8_t *state_ptr = (uint8_t *)state + offset;
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     data[i] = state_ptr[i];
   }
-#else /* SYS_LITTLE_ENDIAN */
+#else /* MLK_SYS_LITTLE_ENDIAN */
   /* Portable version */
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     data[i] = (state[(offset + i) >> 3] >> (8 * ((offset + i) & 0x07))) & 0xFF;
   }
-#endif /* SYS_LITTLE_ENDIAN */
+#endif /* MLK_SYS_LITTLE_ENDIAN */
 }
 void KeccakF1600_StateXORBytes(uint64_t *state, const unsigned char *data,
                                unsigned offset, unsigned length)
 {
   unsigned i;
-#if defined(SYS_LITTLE_ENDIAN)
+#if defined(MLK_SYS_LITTLE_ENDIAN)
   uint8_t *state_ptr = (uint8_t *)state + offset;
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     state_ptr[i] ^= data[i];
   }
-#else /* SYS_LITTLE_ENDIAN */
+#else /* MLK_SYS_LITTLE_ENDIAN */
   /* Portable version */
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
@@ -68,7 +68,7 @@ void KeccakF1600_StateXORBytes(uint64_t *state, const unsigned char *data,
     state[(offset + i) >> 3] ^=
         (uint64_t)data[i] << (8 * ((offset + i) & 0x07));
   }
-#endif /* SYS_LITTLE_ENDIAN */
+#endif /* MLK_SYS_LITTLE_ENDIAN */
 }
 void KeccakF1600x4_StateExtractBytes(uint64_t *state, unsigned char *data0,
@@ -100,9 +100,9 @@ void KeccakF1600x4_StateXORBytes(uint64_t *state, const unsigned char *data0,
 void KeccakF1600x4_StatePermute(uint64_t *state)
 {
-#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
+#if defined(MLK_USE_FIPS202_X4_NATIVE)
   keccak_f1600_x4_native(state);
-#elif defined(MLKEM_USE_FIPS202_X2_NATIVE)
+#elif defined(MLK_USE_FIPS202_X2_NATIVE)
   keccak_f1600_x2_native(state + 0 * KECCAK_LANES);
   keccak_f1600_x2_native(state + 2 * KECCAK_LANES);
 #else
@@ -110,10 +110,10 @@ void KeccakF1600x4_StatePermute(uint64_t *state)
   KeccakF1600_StatePermute(state + KECCAK_LANES * 1);
   KeccakF1600_StatePermute(state + KECCAK_LANES * 2);
   KeccakF1600_StatePermute(state + KECCAK_LANES * 3);
-#endif /* !MLKEM_USE_FIPS202_X2_NATIVE && !MLKEM_USE_FIPS202_X4_NATIVE */
+#endif /* !MLK_USE_FIPS202_X2_NATIVE && !MLK_USE_FIPS202_X4_NATIVE */
 }
-#if !defined(MLKEM_USE_FIPS202_X1_NATIVE)
+#if !defined(MLK_USE_FIPS202_X1_NATIVE)
 static const uint64_t KeccakF_RoundConstants[NROUNDS] = {
     (uint64_t)0x0000000000000001ULL, (uint64_t)0x0000000000008082ULL,
     (uint64_t)0x800000000000808aULL, (uint64_t)0x8000000080008000ULL,
@@ -395,18 +395,18 @@ void KeccakF1600_StatePermute(uint64_t *state)
 #undef round
 }
-#else /* !MLKEM_USE_FIPS202_X1_NATIVE */
+#else /* !MLK_USE_FIPS202_X1_NATIVE */
 void KeccakF1600_StatePermute(uint64_t *state)
 {
   keccak_f1600_x1_native(state);
 }
-#endif /* !MLKEM_USE_FIPS202_X1_NATIVE */
+#endif /* !MLK_USE_FIPS202_X1_NATIVE */
-#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED */
+#else /* MLK_MULTILEVEL_BUILD_WITH_SHARED */
-MLKEM_NATIVE_EMPTY_CU(keccakf1600)
+MLK_EMPTY_CU(keccakf1600)
-#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED */
+#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED */
 /* To facilitate single-compilation-unit (SCU) builds, undefine all macros.
  * Don't modify by hand -- this is auto-generated by scripts/autogen. */
diff --git a/mlkem/fips202/keccakf1600.h b/mlkem/fips202/keccakf1600.h
index bd531df03..ee6e2d578 100644
--- a/mlkem/fips202/keccakf1600.h
+++ b/mlkem/fips202/keccakf1600.h
@@ -2,8 +2,8 @@
  * Copyright (c) 2024-2025 The mlkem-native project authors
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_KECCAKF1600_H
-#define MLKEM_NATIVE_FIPS202_KECCAKF1600_H
+#ifndef MLK_FIPS202_KECCAKF1600_H
+#define MLK_FIPS202_KECCAKF1600_H
 #include
 #include "../cbmc.h"
 #include "../common.h"
@@ -19,7 +19,7 @@
  */
 #define KeccakF1600_StateExtractBytes \
-  MLKEM_NAMESPACE(KeccakF1600_StateExtractBytes)
+  MLK_NAMESPACE(KeccakF1600_StateExtractBytes)
 void KeccakF1600_StateExtractBytes(uint64_t *state, unsigned char *data,
                                    unsigned offset, unsigned length)
 __contract__(
@@ -30,7 +30,7 @@ __contract__(
   assigns(memory_slice(data, length))
 );
-#define KeccakF1600_StateXORBytes MLKEM_NAMESPACE(KeccakF1600_StateXORBytes)
+#define KeccakF1600_StateXORBytes MLK_NAMESPACE(KeccakF1600_StateXORBytes)
 void KeccakF1600_StateXORBytes(uint64_t *state, const unsigned char *data,
                                unsigned offset, unsigned length)
 __contract__(
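Review bot: The `#else` and `#endif` comments at the end of this hunk label the branch `MLK_MULTILEVEL_BUILD_WITH_SHARED`, a name that does not match the guard they close: the block is opened earlier in this file with `#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)`, and debug.c, fips202.c and fips202x4.c label the same branch `MLK_MULTILEVEL_BUILD_NO_SHARED`. Since the rename rewrites both lines anyway, this is the moment to make them `#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */` and `#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */`, so that a search for the macro that actually controls the branch finds its closers.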
@@ -42,7 +42,7 @@ __contract__(
 );
 #define KeccakF1600x4_StateExtractBytes \
-  MLKEM_NAMESPACE(KeccakF1600x4_StateExtractBytes)
+  MLK_NAMESPACE(KeccakF1600x4_StateExtractBytes)
 void KeccakF1600x4_StateExtractBytes(uint64_t *state, unsigned char *data0,
                                      unsigned char *data1, unsigned char *data2,
                                      unsigned char *data3, unsigned offset,
@@ -61,7 +61,7 @@ __contract__(
   assigns(memory_slice(data3, length))
 );
-#define KeccakF1600x4_StateXORBytes MLKEM_NAMESPACE(KeccakF1600x4_StateXORBytes)
+#define KeccakF1600x4_StateXORBytes MLK_NAMESPACE(KeccakF1600x4_StateXORBytes)
 void KeccakF1600x4_StateXORBytes(uint64_t *state, const unsigned char *data0,
                                  const unsigned char *data1,
                                  const unsigned char *data2,
@@ -83,7 +83,7 @@ __contract__(
 );
-#define KeccakF1600x4_StatePermute MLKEM_NAMESPACE(KeccakF1600x4_StatePermute)
+#define KeccakF1600x4_StatePermute MLK_NAMESPACE(KeccakF1600x4_StatePermute)
 void KeccakF1600x4_StatePermute(uint64_t *state)
 __contract__(
   requires(memory_no_alias(state, sizeof(uint64_t) * KECCAK_LANES * KECCAK_WAY))
@@ -91,8 +91,8 @@ __contract__(
 );
-#if !defined(MLKEM_USE_FIPS202_X1_ASM)
-#define KeccakF1600_StatePermute MLKEM_NAMESPACE(KeccakF1600_StatePermute)
+#if !defined(MLK_USE_FIPS202_X1_ASM)
+#define KeccakF1600_StatePermute MLK_NAMESPACE(KeccakF1600_StatePermute)
 void KeccakF1600_StatePermute(uint64_t *state)
 __contract__(
   requires(memory_no_alias(state, sizeof(uint64_t) * KECCAK_LANES))
@@ -100,7 +100,7 @@ __contract__(
 );
 #else
-#define KeccakF1600_StatePermute MLKEM_NAMESPACE(keccak_f1600_x1_asm)
+#define KeccakF1600_StatePermute MLK_NAMESPACE(keccak_f1600_x1_asm)
 #endif
-#endif /* MLKEM_NATIVE_FIPS202_KECCAKF1600_H */
+#endif /* MLK_FIPS202_KECCAKF1600_H */
diff --git a/mlkem/fips202/native/aarch64/meta.h b/mlkem/fips202/native/aarch64/meta.h
index 0d892f465..2e4fa399e 100644
--- a/mlkem/fips202/native/aarch64/meta.h
+++ b/mlkem/fips202/native/aarch64/meta.h
@@ -3,26 +3,26 @@
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_H
-#define MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_H
+#ifndef MLK_FIPS202_NATIVE_AARCH64_META_H
+#define MLK_FIPS202_NATIVE_AARCH64_META_H
 /* Default FIPS202 assembly profile for AArch64 systems */
-#ifdef FIPS202_NATIVE_PROFILE_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_H
+#define MLK_FIPS202_NATIVE_PROFILE_H
 /* Identifier for this backend so that source and assembly files
  * in the build can be appropriately guarded. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT
+#define MLK_FIPS202_BACKEND_AARCH64_DEFAULT
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME AARCH64_DEFAULT
+#define MLK_FIPS202_BACKEND_NAME AARCH64_DEFAULT
 /* Filename of the C backend implementation.
  * This is not inlined here because this header is included in assembly
  * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "native/aarch64/src/default_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "native/aarch64/src/default_impl.h"
-#endif /* FIPS202_NATIVE_PROFILE_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_H */
-#endif /* MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_H */
+#endif /* MLK_FIPS202_NATIVE_AARCH64_META_H */
diff --git a/mlkem/fips202/native/aarch64/meta_cortex_a55.h b/mlkem/fips202/native/aarch64/meta_cortex_a55.h
index 4cecedc95..2a4a448c9 100644
--- a/mlkem/fips202/native/aarch64/meta_cortex_a55.h
+++ b/mlkem/fips202/native/aarch64/meta_cortex_a55.h
@@ -3,26 +3,26 @@
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H
-#define MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H
+#ifndef MLK_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H
+#define MLK_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H
 /* FIPS202 assembly profile targeting Cortex-A55 */
-#ifdef FIPS202_NATIVE_PROFILE_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_H
+#define MLK_FIPS202_NATIVE_PROFILE_H
 /* Identifier for this backend so that source and assembly files
  * in the build can be appropriately guarded. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55
+#define MLK_FIPS202_BACKEND_AARCH64_A55
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME AARCH64_A55
+#define MLK_FIPS202_BACKEND_NAME AARCH64_A55
 /* Filename of the C backend implementation.
  * This is not inlined here because this header is included in assembly
  * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "native/aarch64/src/cortex_a55_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "native/aarch64/src/cortex_a55_impl.h"
-#endif /* FIPS202_NATIVE_PROFILE_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_H */
-#endif /* MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H */
+#endif /* MLK_FIPS202_NATIVE_AARCH64_META_CORTEX_A55_H */
diff --git a/mlkem/fips202/native/aarch64/src/cortex_a55_impl.h b/mlkem/fips202/native/aarch64/src/cortex_a55_impl.h
index 862205694..b188c6418 100644
--- a/mlkem/fips202/native/aarch64/src/cortex_a55_impl.h
+++ b/mlkem/fips202/native/aarch64/src/cortex_a55_impl.h
@@ -3,14 +3,14 @@
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H
-#define MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H
+#ifndef MLK_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H
+#define MLK_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H
 /* FIPS202 assembly profile targeting Cortex-A55 */
-#ifdef FIPS202_NATIVE_PROFILE_IMPL_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_IMPL_H
+#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #include "fips202_native_aarch64.h"
@@ -18,12 +18,12 @@
  * On Cortex-A55, we use lazy rotation assembly for Keccak-x1,
  * but no batched assembly implementation.
  */
-#define MLKEM_USE_FIPS202_X1_NATIVE
-static INLINE void keccak_f1600_x1_native(uint64_t *state)
+#define MLK_USE_FIPS202_X1_NATIVE
+static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state)
 {
   keccak_f1600_x1_scalar_asm_opt(state, keccakf1600_round_constants);
 }
-#endif /* FIPS202_NATIVE_PROFILE_IMPL_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */
-#endif /* MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H */
+#endif /* MLK_FIPS202_NATIVE_AARCH64_SRC_CORTEX_A55_IMPL_H */
diff --git a/mlkem/fips202/native/aarch64/src/default_impl.h b/mlkem/fips202/native/aarch64/src/default_impl.h
index 5a00cd937..dc361df33 100644
--- a/mlkem/fips202/native/aarch64/src/default_impl.h
+++ b/mlkem/fips202/native/aarch64/src/default_impl.h
@@ -3,14 +3,14 @@
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H
-#define MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H
+#ifndef MLK_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H
+#define MLK_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H
 /* Default FIPS202 assembly profile for AArch64 systems */
-#ifdef FIPS202_NATIVE_PROFILE_IMPL_H
+#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define FIPS202_NATIVE_PROFILE_IMPL_H
+#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H
 #include "fips202_native_aarch64.h"
@@ -26,24 +26,24 @@
  * Keccak-f1600
  *
  * - On Arm-based Apple CPUs, we pick a pure Neon implementation.
- * - Otherwise, unless SYS_AARCH64_SLOW_BARREL_SHIFTER is set,
+ * - Otherwise, unless MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER is set,
  *   we use lazy-rotation scalar assembly from [1].
- * - Otherwise, if SYS_AARCH64_SLOW_BARREL_SHIFTER is set, we
+ * - Otherwise, if MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER is set, we
  *   fall back to the standard C implementation.
  */
 #if defined(__ARM_FEATURE_SHA3) && defined(__APPLE__)
-#define MLKEM_USE_FIPS202_X1_NATIVE
-static INLINE void keccak_f1600_x1_native(uint64_t *state)
+#define MLK_USE_FIPS202_X1_NATIVE
+static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state)
 {
   keccak_f1600_x1_v84a_asm_clean(state, keccakf1600_round_constants);
 }
-#elif !defined(SYS_AARCH64_SLOW_BARREL_SHIFTER)
-#define MLKEM_USE_FIPS202_X1_NATIVE
-static INLINE void keccak_f1600_x1_native(uint64_t *state)
+#elif !defined(MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER)
+#define MLK_USE_FIPS202_X1_NATIVE
+static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state)
 {
   keccak_f1600_x1_scalar_asm_opt(state, keccakf1600_round_constants);
 }
-#endif /* !SYS_AARCH64_SLOW_BARREL_SHIFTER */
+#endif /* !MLK_SYS_AARCH64_SLOW_BARREL_SHIFTER */
 /*
  * Keccak-f1600x2/x4
@@ -65,14 +65,14 @@ static INLINE void keccak_f1600_x1_native(uint64_t *state)
  * instructions only.
  */
 #if defined(__APPLE__)
-#define MLKEM_USE_FIPS202_X2_NATIVE
-static INLINE void keccak_f1600_x2_native(uint64_t *state)
+#define MLK_USE_FIPS202_X2_NATIVE
+static MLK_INLINE void keccak_f1600_x2_native(uint64_t *state)
 {
   keccak_f1600_x2_v84a_asm_clean(state, keccakf1600_round_constants);
 }
 #else /* __APPLE__ */
-#define MLKEM_USE_FIPS202_X4_NATIVE
-static INLINE void keccak_f1600_x4_native(uint64_t *state)
+#define MLK_USE_FIPS202_X4_NATIVE
+static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state)
 {
   keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt(state,
                                                  keccakf1600_round_constants);
@@ -81,14 +81,14 @@ static INLINE void keccak_f1600_x4_native(uint64_t *state)
 #else /* __ARM_FEATURE_SHA3 */
-#define MLKEM_USE_FIPS202_X4_NATIVE
-static INLINE void keccak_f1600_x4_native(uint64_t *state)
+#define MLK_USE_FIPS202_X4_NATIVE
+static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state)
 {
   keccak_f1600_x4_scalar_v8a_asm_hybrid_opt(state, keccakf1600_round_constants);
 }
 #endif /* __ARM_FEATURE_SHA3 */
-#endif /* FIPS202_NATIVE_PROFILE_H */
+#endif /* MLK_FIPS202_NATIVE_PROFILE_H */
-#endif /* MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H */
+#endif /* MLK_FIPS202_NATIVE_AARCH64_SRC_DEFAULT_IMPL_H */
diff --git a/mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h b/mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h
index 4cfa1f67f..62777fd6f 100644
--- a/mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h
+++ b/mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h
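Review bot: The closing comment `#endif /* MLK_FIPS202_NATIVE_PROFILE_H */` at the end of this hunk does not name the macro it closes: this file opens the block with `#ifdef MLK_FIPS202_NATIVE_PROFILE_IMPL_H` / `#define MLK_FIPS202_NATIVE_PROFILE_IMPL_H`, and the parallel cortex_a55_impl.h already closes its block with `#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */`. As the rename touches this line anyway, it should read `#endif /* MLK_FIPS202_NATIVE_PROFILE_IMPL_H */` so that the two profile headers stay consistent and the closer matches its opener.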
@@ -2,44 +2,44 @@
  * Copyright (c) 2024-2025 The mlkem-native project authors
  * SPDX-License-Identifier: Apache-2.0
  */
-#ifndef MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H
-#define MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H
+#ifndef MLK_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H
+#define MLK_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H
 #include
 #include "../../../../common.h"
 #define keccak_f1600_x1_scalar_asm_opt \
-  MLKEM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt)
+  MLK_NAMESPACE(keccak_f1600_x1_scalar_asm_opt)
 void keccak_f1600_x1_scalar_asm_opt(uint64_t *state, uint64_t const *rc);
 #define keccak_f1600_x1_v84a_asm_clean \
-  MLKEM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean)
+  MLK_NAMESPACE(keccak_f1600_x1_v84a_asm_clean)
 void keccak_f1600_x1_v84a_asm_clean(uint64_t *state, uint64_t const *rc);
 #define keccak_f1600_x2_v84a_asm_clean \
-  MLKEM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean)
+  MLK_NAMESPACE(keccak_f1600_x2_v84a_asm_clean)
 void keccak_f1600_x2_v84a_asm_clean(uint64_t *state, uint64_t const *rc);
 #define keccak_f1600_x2_v8a_v84a_asm_hybrid \
-  MLKEM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid)
+  MLK_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid)
 void keccak_f1600_x2_v8a_v84a_asm_hybrid(uint64_t *state, uint64_t const *rc);
 #define keccak_f1600_x4_scalar_v8a_asm_hybrid_opt \
-  MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt)
+  MLK_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt)
 void keccak_f1600_x4_scalar_v8a_asm_hybrid_opt(uint64_t *state,
                                                uint64_t const *rc);
 #define keccak_f1600_x4_scalar_v84a_asm_hybrid_opt \
-  MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt)
+  MLK_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt)
 void keccak_f1600_x4_scalar_v84a_asm_hybrid_opt(uint64_t *state,
                                                 uint64_t const *rc);
 #define keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt \
-  MLKEM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt)
+  MLK_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt)
 void keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt(uint64_t *state,
                                                     uint64_t const *rc);
-#define keccakf1600_round_constants MLKEM_NAMESPACE(keccakf1600_round_constants)
+#define keccakf1600_round_constants MLK_NAMESPACE(keccakf1600_round_constants)
 extern const uint64_t keccakf1600_round_constants[];
-#endif /* MLKEM_NATIVE_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H */
+#endif /* MLK_FIPS202_NATIVE_AARCH64_SRC_FIPS202_NATIVE_AARCH64_H */
diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S
index 0fdbf1d44..609311fc6 100644
--- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S
+++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm_opt.S
@@ -28,9 +28,9 @@
 // Author: Matthias Kannwischer
 #include "../../../../common.h"
-#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \
-     defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \
-    !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \
+     defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \
+    !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 /*
  * WARNING: This file is auto-derived from the mlkem-native source file
@@ -40,8 +40,8 @@
 .text
 .balign 4
-.global MLKEM_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt)
-MLKEM_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt):
+.global MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt)
+MLK_ASM_NAMESPACE(keccak_f1600_x1_scalar_asm_opt):
         sub sp, sp, #0x80
         stp x19, x20, [sp, #0x20]
@@ -336,6 +336,6 @@ keccak_f1600_x1_scalar_loop:
         add sp, sp, #0x80
         ret
-#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) ||
-          defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) &&
-          !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/
+#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) ||
+          defined(MLK_FIPS202_BACKEND_AARCH64_A55) &&
+          !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/
diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S
index 60a208fe6..0f7a30fe8 100644
--- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S
+++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm_clean.S
@@ -38,9 +38,9 @@
 //
 #include "../../../../common.h"
-#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \
-     defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \
-    !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \
+     defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \
+    !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 #if defined(__ARM_FEATURE_SHA3)
@@ -52,8 +52,8 @@
 .text
 .balign 4
-.global MLKEM_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean)
-MLKEM_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean):
+.global MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean)
+MLK_ASM_NAMESPACE(keccak_f1600_x1_v84a_asm_clean):
         sub sp, sp, #0xa0
         stp d8, d9, [sp]
@@ -169,6 +169,6 @@ keccak_f1600_x1_v84a_loop:
 #endif /* __ARM_FEATURE_SHA3 */
-#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) ||
-          defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) &&
-          !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/
+#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) ||
+          defined(MLK_FIPS202_BACKEND_AARCH64_A55) &&
+          !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/
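Review bot: The three-line `#endif` comment at the end of this hunk drops a parenthesis that the matching `#if` at the top of the file has: the guard is `(defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)`, while the comment reads `(defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || defined(MLK_FIPS202_BACKEND_AARCH64_A55) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)`, which, read as C, would have different precedence. Since the rename rewrites these lines anyway, the middle line could become `defined(MLK_FIPS202_BACKEND_AARCH64_A55)) &&` so the closer mirrors the opener. The same closer appears in the hunks for keccak_f1600_x1_v84a_asm_clean.S, keccak_f1600_x2_v84a_asm_clean.S, keccak_f1600_x2_v8a_v84a_asm_hybrid.S and keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S.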
diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S
index 649abb37d..6374d8ca9 100644
--- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S
+++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm_clean.S
@@ -38,9 +38,9 @@
 //
 #include "../../../../common.h"
-#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \
-     defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \
-    !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \
+     defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \
+    !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
 #if defined(__ARM_FEATURE_SHA3)
@@ -52,8 +52,8 @@
 .text
 .balign 4
-.global MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean)
-MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean):
+.global MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean)
+MLK_ASM_NAMESPACE(keccak_f1600_x2_v84a_asm_clean):
         sub sp, sp, #0xa0
         stp d8, d9, [sp]
@@ -195,6 +195,6 @@ keccak_f1600_x2_v84a_loop:
 #endif /* __ARM_FEATURE_SHA3 */
-#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) ||
-          defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) &&
-          !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/
+#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) ||
+          defined(MLK_FIPS202_BACKEND_AARCH64_A55) &&
+          !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/
diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S
index 9e0217d82..21bf7807f 100644
--- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S
+++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x2_v8a_v84a_asm_hybrid.S
@@ -38,9 +38,9 @@ // #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) @@ -52,8 +52,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) -MLKEM_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid): +.global MLK_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid) +MLK_ASM_NAMESPACE(keccak_f1600_x2_v8a_v84a_asm_hybrid): sub sp, sp, #0xa0 stp x19, x20, [sp, #0x40] @@ -254,6 +254,6 @@ keccak_f1600_x2_v8a_v84a_loop: #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S index 7d11591c9..7750645f1 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_scalar_v84a_asm_hybrid_opt.S @@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) 
@@ -42,8 +42,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt): +.global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt): sub sp, sp, #0xe0 stp x19, x20, [sp, #0x30] @@ -810,6 +810,6 @@ keccak_f1600_x4_scalar_v84a_hybrid_done: #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S index e09ded2bb..7f07e8df5 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm_opt.S @@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -40,8 +40,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt): +.global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt): sub sp, sp, #0xe0 stp x19, x20, [sp, #0x30] 
@@ -992,6 +992,6 @@ keccak_f1600_x4_v8a_scalar_hybrid_done: add sp, sp, #0xe0 ret -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S index db5994051..1d077e995 100644 --- a/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S +++ b/mlkem/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm_opt.S @@ -28,9 +28,9 @@ // Author: Matthias Kannwischer #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #if defined(__ARM_FEATURE_SHA3) @@ -42,8 +42,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) -MLKEM_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt): +.global MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt) +MLK_ASM_NAMESPACE(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt): sub sp, sp, #0xe0 stp x19, x20, [sp, #0x30] 
@@ -902,6 +902,6 @@ keccak_f1600_x4_v8a_v84a_scalar_hybrid_done: #endif /* __ARM_FEATURE_SHA3 */ -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c b/mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c index 29101c742..793329584 100644 --- a/mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c +++ b/mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c @@ -5,14 +5,14 @@ #include "../../../../common.h" -#if (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55)) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "fips202_native_aarch64.h" -ALIGN const uint64_t keccakf1600_round_constants[] = { +MLK_ALIGN const uint64_t keccakf1600_round_constants[] = { 0x0000000000000001, 0x0000000000008082, 0x800000000000808a, 0x8000000080008000, 0x000000000000808b, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009, 0x000000000000008a, 
@@ -23,12 +23,12 @@ ALIGN const uint64_t keccakf1600_round_constants[] = { 0x8000000000008080, 0x0000000080000001, 0x8000000080008008, }; -#else /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#else /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ -MLKEM_NATIVE_EMPTY_CU(fips202_aarch64_round_constants) +MLK_EMPTY_CU(fips202_aarch64_round_constants) -#endif /* (defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT) || \ - defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)*/ +#endif /* (defined(MLK_FIPS202_BACKEND_AARCH64_DEFAULT) || \ + defined(MLK_FIPS202_BACKEND_AARCH64_A55) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)*/ diff --git a/mlkem/fips202/native/api.h b/mlkem/fips202/native/api.h index 08e70b8b7..973e49945 100644 --- a/mlkem/fips202/native/api.h +++ b/mlkem/fips202/native/api.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_FIPS202_NATIVE_API_H -#define MLKEM_NATIVE_FIPS202_NATIVE_API_H +#ifndef MLK_FIPS202_NATIVE_API_H +#define MLK_FIPS202_NATIVE_API_H /* * FIPS-202 native interface * 
@@ -21,28 +21,28 @@ * A _backend_ is a specific implementation of parts of this interface. * * You can replace 1-fold, 2-fold, or 4-fold batched Keccak-F1600. - * To enable, set MLKEM_USE_FIPS202_X{1,2,4}_NATIVE in your backend, + * To enable, set MLK_USE_FIPS202_X{1,2,4}_NATIVE in your backend, * and define the inline wrapper keccak_f1600_x{1,2,4}_native() to * forward to your implementation. */ -#if defined(MLKEM_USE_FIPS202_X1_NATIVE) -static INLINE void keccak_f1600_x1_native(uint64_t *state) +#if defined(MLK_USE_FIPS202_X1_NATIVE) +static MLK_INLINE void keccak_f1600_x1_native(uint64_t *state) __contract__( requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 1)) assigns(memory_slice(state, sizeof(uint64_t) * 25 * 1))); #endif -#if defined(MLKEM_USE_FIPS202_X2_NATIVE) -static INLINE void keccak_f1600_x2_native(uint64_t *state) +#if defined(MLK_USE_FIPS202_X2_NATIVE) +static MLK_INLINE void keccak_f1600_x2_native(uint64_t *state) __contract__( requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 2)) assigns(memory_slice(state, sizeof(uint64_t) * 25 * 2))); #endif -#if defined(MLKEM_USE_FIPS202_X4_NATIVE) -static INLINE void keccak_f1600_x4_native(uint64_t *state) +#if defined(MLK_USE_FIPS202_X4_NATIVE) +static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state) __contract__( requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 4)) assigns(memory_slice(state, sizeof(uint64_t) * 25 * 4))); #endif -#endif /* MLKEM_NATIVE_FIPS202_NATIVE_API_H */ +#endif /* MLK_FIPS202_NATIVE_API_H */ diff --git a/mlkem/fips202/native/meta.h b/mlkem/fips202/native/meta.h index 511bd8af7..a3a2ceaa8 100644 --- a/mlkem/fips202/native/meta.h +++ b/mlkem/fips202/native/meta.h 
@@ -3,20 +3,20 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_FIPS202_NATIVE_META_H -#define MLKEM_NATIVE_FIPS202_NATIVE_META_H +#ifndef MLK_FIPS202_NATIVE_META_H +#define MLK_FIPS202_NATIVE_META_H /* * Default FIPS202 backend */ #include "../../sys.h" -#if defined(SYS_AARCH64) +#if defined(MLK_SYS_AARCH64) #include "aarch64/meta.h" #endif -#if defined(SYS_X86_64) && defined(SYS_X86_64_AVX2) +#if defined(MLK_SYS_X86_64) && defined(MLK_SYS_X86_64_AVX2) #include "x86_64/meta.h" #endif -#endif /* MLKEM_NATIVE_FIPS202_NATIVE_META_H */ +#endif /* MLK_FIPS202_NATIVE_META_H */ diff --git a/mlkem/fips202/native/x86_64/meta.h b/mlkem/fips202/native/x86_64/meta.h index f077bc756..761679168 100644 --- a/mlkem/fips202/native/x86_64/meta.h +++ b/mlkem/fips202/native/x86_64/meta.h 
@@ -3,27 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_FIPS202_NATIVE_X86_64_META_H -#define MLKEM_NATIVE_FIPS202_NATIVE_X86_64_META_H +#ifndef MLK_FIPS202_NATIVE_X86_64_META_H +#define MLK_FIPS202_NATIVE_X86_64_META_H /* Default FIPS202 assembly profile for AArch64 systems */ -#ifdef MLKEM_NATIVE_FIPS202_PROFILE_H +#ifdef MLK_FIPS202_PROFILE_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_FIPS202_PROFILE_H +#define MLK_FIPS202_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP +#define MLK_FIPS202_BACKEND_X86_64_XKCP -#define MLKEM_NATIVE_FIPS202_BACKEND_NAME X86_64_XKCP +#define MLK_FIPS202_BACKEND_NAME X86_64_XKCP /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL \ - "../fips202/native/x86_64/src/xkcp_impl.h" +#define MLK_FIPS202_BACKEND_IMPL "../fips202/native/x86_64/src/xkcp_impl.h" -#endif /* MLKEM_NATIVE_FIPS202_PROFILE_H */ +#endif /* MLK_FIPS202_PROFILE_H */ -#endif /* MLKEM_NATIVE_FIPS202_NATIVE_X86_64_META_H */ +#endif /* MLK_FIPS202_NATIVE_X86_64_META_H */ diff --git a/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c b/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c index dbf696cbd..96459df8e 100644 --- a/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c +++ b/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c 
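Review bot: The context comment `/* Default FIPS202 assembly profile for AArch64 systems */` survives the rename in `mlkem/fips202/native/x86_64/meta.h`, although this header defines the x86_64 backend (`MLK_FIPS202_BACKEND_X86_64_XKCP`, `MLK_FIPS202_BACKEND_NAME X86_64_XKCP`), so it reads as a leftover from the AArch64 profile; the same line appears in the `xkcp_impl.h` hunk further down. Since every other line of these two headers is being touched anyway, this is the natural moment to correct it, e.g. `/* Default FIPS202 backend profile for x86_64 systems */`. The guard structure itself is unchanged and looks consistent with the new `MLK_FIPS202_PROFILE_H` name.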
@@ -25,15 +25,15 @@ and related or neighboring rights to the source code in this file. */ #include "../../../../common.h" -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_FIPS202_BACKEND_X86_64_XKCP) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include #include "xkcp_impl.h" -#ifndef SYS_LITTLE_ENDIAN +#ifndef MLK_SYS_LITTLE_ENDIAN #error Expecting a little-endian platform #endif @@ -302,7 +302,7 @@ static const uint64_t rho56[4] = {0x0007060504030201, 0x080F0E0D0C0B0A09, E##su = XOR256(Bsu, ANDnu256(Bsa, Bse)); -static ALIGN const uint64_t KeccakF1600RoundConstants[24] = { +static MLK_ALIGN const uint64_t KeccakF1600RoundConstants[24] = { (uint64_t)0x0000000000000001ULL, (uint64_t)0x0000000000008082ULL, (uint64_t)0x800000000000808aULL, (uint64_t)0x8000000080008000ULL, (uint64_t)0x000000000000808bULL, (uint64_t)0x0000000080000001ULL, @@ -454,13 +454,13 @@ void KeccakP1600times4_PermuteAll_24rounds(void *states) rounds24 copyToState(statesAsLanes, A) } -#else /* defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_FIPS202_BACKEND_X86_64_XKCP) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(fips202_avx2_keccakx4) +MLK_EMPTY_CU(fips202_avx2_keccakx4) -#endif /* defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_FIPS202_BACKEND_X86_64_XKCP) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mlkem/fips202/native/x86_64/src/xkcp_impl.h b/mlkem/fips202/native/x86_64/src/xkcp_impl.h index cc050923f..56ad21e2d 100644 --- a/mlkem/fips202/native/x86_64/src/xkcp_impl.h +++ b/mlkem/fips202/native/x86_64/src/xkcp_impl.h 
@@ -3,27 +3,27 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H -#define MLKEM_NATIVE_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H +#ifndef MLK_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H +#define MLK_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H /* Default FIPS202 assembly profile for AArch64 systems */ -#ifdef MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H +#ifdef MLK_FIPS202_PROFILE_IMPL_H #error Only one FIPS202 assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H +#define MLK_FIPS202_PROFILE_IMPL_H #include "../../../../common.h" #define KeccakP1600times4_PermuteAll_24rounds \ - MLKEM_NAMESPACE(KeccakP1600times4_PermuteAll_24rounds) + MLK_NAMESPACE(KeccakP1600times4_PermuteAll_24rounds) void KeccakP1600times4_PermuteAll_24rounds(void *states); -#define MLKEM_USE_FIPS202_X4_NATIVE -static INLINE void keccak_f1600_x4_native(uint64_t *state) +#define MLK_USE_FIPS202_X4_NATIVE +static MLK_INLINE void keccak_f1600_x4_native(uint64_t *state) { KeccakP1600times4_PermuteAll_24rounds(state); } -#endif /* MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H */ +#endif /* MLK_FIPS202_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H */ +#endif /* MLK_FIPS202_NATIVE_X86_64_SRC_XKCP_IMPL_H */ diff --git a/mlkem/indcpa.c b/mlkem/indcpa.c index f6ae2ffb8..ee2431787 100644 --- a/mlkem/indcpa.c +++ b/mlkem/indcpa.c 
@@ -26,13 +26,13 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define pack_pk MLKEM_NAMESPACE_K(pack_pk) -#define unpack_pk MLKEM_NAMESPACE_K(unpack_pk) -#define pack_sk MLKEM_NAMESPACE_K(pack_sk) -#define unpack_sk MLKEM_NAMESPACE_K(unpack_sk) -#define pack_ciphertext MLKEM_NAMESPACE_K(pack_ciphertext) -#define unpack_ciphertext MLKEM_NAMESPACE_K(unpack_ciphertext) -#define matvec_mul MLKEM_NAMESPACE_K(matvec_mul) +#define pack_pk MLK_NAMESPACE_K(pack_pk) +#define unpack_pk MLK_NAMESPACE_K(unpack_pk) +#define pack_sk MLK_NAMESPACE_K(pack_sk) +#define unpack_sk MLK_NAMESPACE_K(unpack_sk) +#define pack_ciphertext MLK_NAMESPACE_K(pack_ciphertext) +#define unpack_ciphertext MLK_NAMESPACE_K(unpack_ciphertext) +#define matvec_mul MLK_NAMESPACE_K(matvec_mul) /* End of static namespacing */ /************************************************* @@ -76,7 +76,7 @@ static void unpack_pk(polyvec *pk, uint8_t seed[MLKEM_SYMBYTES], /* NOTE: If a modulus check was conducted on the PK, we know at this * point that the coefficients of `pk` are unsigned canonical. The * specifications and proofs, however, do _not_ assume this, and instead - * work with the easily provable bound by UINT12_LIMIT. */ + * work with the easily provable bound by MLKEM_UINT12_LIMIT. */ } /************************************************* 
@@ -144,13 +144,13 @@ static void unpack_ciphertext(polyvec *b, poly *v, poly_decompress_dv(v, c + MLKEM_POLYVECCOMPRESSEDBYTES_DU); } -#if !defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER) +#if !defined(MLK_USE_NATIVE_NTT_CUSTOM_ORDER) /* This namespacing is not done at the top to avoid a naming conflict * with native backends, which are currently not yet namespaced. */ #define poly_permute_bitrev_to_custom \ - MLKEM_NAMESPACE_K(poly_permute_bitrev_to_custom) + MLK_NAMESPACE_K(poly_permute_bitrev_to_custom) -static INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) __contract__( /* We don't specify that this should be a permutation, but only * that it does not change the bound established at the end of gen_matrix. */ @@ -158,10 +158,10 @@ __contract__( requires(array_bound(data, 0, MLKEM_N, 0, MLKEM_Q)) assigns(memory_slice(data, sizeof(poly))) ensures(array_bound(data, 0, MLKEM_N, 0, MLKEM_Q))) { ((void)data); } -#endif /* MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER */ +#endif /* MLK_USE_NATIVE_NTT_CUSTOM_ORDER */ /* Not static for benchmarking */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void gen_matrix(polyvec *a, const uint8_t seed[MLKEM_SYMBYTES], int transposed) { unsigned i, j; @@ -171,10 +171,10 @@ void gen_matrix(polyvec *a, const uint8_t seed[MLKEM_SYMBYTES], int transposed) * of the same parent object. */ - ALIGN uint8_t seed0[MLKEM_SYMBYTES + 2]; - ALIGN uint8_t seed1[MLKEM_SYMBYTES + 2]; - ALIGN uint8_t seed2[MLKEM_SYMBYTES + 2]; - ALIGN uint8_t seed3[MLKEM_SYMBYTES + 2]; + MLK_ALIGN uint8_t seed0[MLKEM_SYMBYTES + 2]; + MLK_ALIGN uint8_t seed1[MLKEM_SYMBYTES + 2]; + MLK_ALIGN uint8_t seed2[MLKEM_SYMBYTES + 2]; + MLK_ALIGN uint8_t seed3[MLKEM_SYMBYTES + 2]; uint8_t *seedxy[4]; seedxy[0] = seed0; seedxy[1] = seed1; 
@@ -273,7 +273,7 @@ __contract__( requires(memory_no_alias(vc, sizeof(polyvec_mulcache))) requires(forall(k0, 0, MLKEM_K, forall(k1, 0, MLKEM_K, - array_bound(a[k0].vec[k1].coeffs, 0, MLKEM_N, 0, UINT12_LIMIT)))) + array_bound(a[k0].vec[k1].coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT)))) assigns(object_whole(out))) { unsigned i; @@ -286,18 +286,18 @@ __contract__( } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_keypair_derand(uint8_t pk[MLKEM_INDCPA_PUBLICKEYBYTES], uint8_t sk[MLKEM_INDCPA_SECRETKEYBYTES], const uint8_t coins[MLKEM_SYMBYTES]) { - ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; const uint8_t *publicseed = buf; const uint8_t *noiseseed = buf + MLKEM_SYMBYTES; polyvec a[MLKEM_K], e, pkpv, skpv; polyvec_mulcache skpv_cache; - ALIGN uint8_t coins_with_domain_separator[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t coins_with_domain_separator[MLKEM_SYMBYTES + 1]; /* Concatenate coins with MLKEM_K for domain separation of security levels */ memcpy(coins_with_domain_separator, coins, MLKEM_SYMBYTES); coins_with_domain_separator[MLKEM_SYMBYTES] = MLKEM_K; @@ -355,13 +355,13 @@ void indcpa_keypair_derand(uint8_t pk[MLKEM_INDCPA_PUBLICKEYBYTES], } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_enc(uint8_t c[MLKEM_INDCPA_BYTES], const uint8_t m[MLKEM_INDCPA_MSGBYTES], const uint8_t pk[MLKEM_INDCPA_PUBLICKEYBYTES], const uint8_t coins[MLKEM_SYMBYTES]) { - ALIGN uint8_t seed[MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t seed[MLKEM_SYMBYTES]; polyvec sp, pkpv, ep, at[MLKEM_K], b; poly v, k, epp; polyvec_mulcache sp_cache; @@ -423,7 +423,7 @@ void indcpa_enc(uint8_t c[MLKEM_INDCPA_BYTES], pack_ciphertext(c, &b, &v); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_dec(uint8_t m[MLKEM_INDCPA_MSGBYTES], const uint8_t c[MLKEM_INDCPA_BYTES], const uint8_t sk[MLKEM_INDCPA_SECRETKEYBYTES]) diff --git a/mlkem/indcpa.h b/mlkem/indcpa.h index c728144e7..c8ef76916 100644 --- a/mlkem/indcpa.h +++ b/mlkem/indcpa.h 
@@ -2,15 +2,15 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_INDCPA_H -#define MLKEM_NATIVE_INDCPA_H +#ifndef MLK_INDCPA_H +#define MLK_INDCPA_H #include #include "cbmc.h" #include "common.h" #include "poly_k.h" -#define gen_matrix MLKEM_NAMESPACE_K(gen_matrix) +#define gen_matrix MLK_NAMESPACE_K(gen_matrix) /************************************************* * Name: gen_matrix * @@ -23,7 +23,7 @@ * - const uint8_t *seed: pointer to input seed * - int transposed: boolean deciding whether A or A^T is generated **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void gen_matrix(polyvec *a, const uint8_t seed[MLKEM_SYMBYTES], int transposed) __contract__( requires(memory_no_alias(a, sizeof(polyvec) * MLKEM_K)) @@ -34,7 +34,7 @@ __contract__( array_bound(a[x].vec[y].coeffs, 0, MLKEM_N, 0, MLKEM_Q)))); ); -#define indcpa_keypair_derand MLKEM_NAMESPACE_K(indcpa_keypair_derand) +#define indcpa_keypair_derand MLK_NAMESPACE_K(indcpa_keypair_derand) /************************************************* * Name: indcpa_keypair_derand * @@ -48,7 +48,7 @@ __contract__( * - const uint8_t *coins: pointer to input randomness * (of length MLKEM_SYMBYTES bytes) **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_keypair_derand(uint8_t pk[MLKEM_INDCPA_PUBLICKEYBYTES], uint8_t sk[MLKEM_INDCPA_SECRETKEYBYTES], const uint8_t coins[MLKEM_SYMBYTES]) @@ -60,7 +60,7 @@ __contract__( assigns(object_whole(sk)) ); -#define indcpa_enc MLKEM_NAMESPACE_K(indcpa_enc) +#define indcpa_enc MLK_NAMESPACE_K(indcpa_enc) /************************************************* * Name: indcpa_enc * 
@@ -76,7 +76,7 @@ __contract__( * - const uint8_t *coins: pointer to input random coins used as *seed (of length MLKEM_SYMBYTES) to deterministically generate all randomness **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_enc(uint8_t c[MLKEM_INDCPA_BYTES], const uint8_t m[MLKEM_INDCPA_MSGBYTES], const uint8_t pk[MLKEM_INDCPA_PUBLICKEYBYTES], @@ -89,7 +89,7 @@ __contract__( assigns(object_whole(c)) ); -#define indcpa_dec MLKEM_NAMESPACE_K(indcpa_dec) +#define indcpa_dec MLK_NAMESPACE_K(indcpa_dec) /************************************************* * Name: indcpa_dec * @@ -103,7 +103,7 @@ __contract__( * - const uint8_t *sk: pointer to input secret key * (of length MLKEM_INDCPA_SECRETKEYBYTES) **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void indcpa_dec(uint8_t m[MLKEM_INDCPA_MSGBYTES], const uint8_t c[MLKEM_INDCPA_BYTES], const uint8_t sk[MLKEM_INDCPA_SECRETKEYBYTES]) @@ -114,4 +114,4 @@ __contract__( assigns(object_whole(m)) ); -#endif /* MLKEM_NATIVE_INDCPA_H */ +#endif /* MLK_INDCPA_H */ diff --git a/mlkem/kem.c b/mlkem/kem.c index 8102678fe..f768df07b 100644 --- a/mlkem/kem.c +++ b/mlkem/kem.c @@ -20,8 +20,8 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define check_pk MLKEM_NAMESPACE_K(check_pk) -#define check_sk MLKEM_NAMESPACE_K(check_sk) +#define check_pk MLK_NAMESPACE_K(check_pk) +#define check_sk MLK_NAMESPACE_K(check_sk) /* End of static namespacing */ #if defined(CBMC) 
@@ -77,7 +77,7 @@ static int check_pk(const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES]) **************************************************/ static int check_sk(const uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES]) { - ALIGN uint8_t test[MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t test[MLKEM_SYMBYTES]; /* * The parts of `sk` being hashed and compared here are public, so * no public information is leaked through the runtime or the return value @@ -118,7 +118,7 @@ int crypto_kem_keypair_derand(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES], int crypto_kem_keypair(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES], uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES]) { - ALIGN uint8_t coins[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t coins[2 * MLKEM_SYMBYTES]; randombytes(coins, 2 * MLKEM_SYMBYTES); crypto_kem_keypair_derand(pk, sk, coins); return 0; @@ -129,9 +129,9 @@ int crypto_kem_enc_derand(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES], const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES], const uint8_t coins[MLKEM_SYMBYTES]) { - ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; /* Will contain key, coins */ - ALIGN uint8_t kr[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t kr[2 * MLKEM_SYMBYTES]; if (check_pk(pk)) { @@ -155,7 +155,7 @@ int crypto_kem_enc(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES], uint8_t ss[MLKEM_SSBYTES], const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES]) { - ALIGN uint8_t coins[MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t coins[MLKEM_SYMBYTES]; randombytes(coins, MLKEM_SYMBYTES); return crypto_kem_enc_derand(ct, ss, pk, coins); } @@ -165,9 +165,9 @@ int crypto_kem_dec(uint8_t ss[MLKEM_SSBYTES], const uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES]) { uint8_t fail; - ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t buf[2 * MLKEM_SYMBYTES]; /* Will contain key, coins */ - ALIGN uint8_t kr[2 * MLKEM_SYMBYTES]; + MLK_ALIGN uint8_t kr[2 * MLKEM_SYMBYTES]; const uint8_t *pk = sk + MLKEM_INDCPA_SECRETKEYBYTES; if (check_sk(sk)) 
@@ -185,7 +185,7 @@ int crypto_kem_dec(uint8_t ss[MLKEM_SSBYTES], /* Recompute and compare ciphertext */ { /* Temporary buffer */ - ALIGN uint8_t cmp[MLKEM_INDCCA_CIPHERTEXTBYTES]; + MLK_ALIGN uint8_t cmp[MLKEM_INDCCA_CIPHERTEXTBYTES]; /* coins are in kr+MLKEM_SYMBYTES */ indcpa_enc(cmp, buf, pk, kr + MLKEM_SYMBYTES); fail = ct_memcmp(ct, cmp, MLKEM_INDCCA_CIPHERTEXTBYTES); @@ -194,7 +194,7 @@ int crypto_kem_dec(uint8_t ss[MLKEM_SSBYTES], /* Compute rejection key */ { /* Temporary buffer */ - ALIGN uint8_t tmp[MLKEM_SYMBYTES + MLKEM_INDCCA_CIPHERTEXTBYTES]; + MLK_ALIGN uint8_t tmp[MLKEM_SYMBYTES + MLKEM_INDCCA_CIPHERTEXTBYTES]; memcpy(tmp, sk + MLKEM_INDCCA_SECRETKEYBYTES - MLKEM_SYMBYTES, MLKEM_SYMBYTES); memcpy(tmp + MLKEM_SYMBYTES, ct, MLKEM_INDCCA_CIPHERTEXTBYTES); diff --git a/mlkem/kem.h b/mlkem/kem.h index e4ee78a67..f6bdb9332 100644 --- a/mlkem/kem.h +++ b/mlkem/kem.h @@ -2,14 +2,14 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_KEM_H -#define MLKEM_NATIVE_KEM_H +#ifndef MLK_KEM_H +#define MLK_KEM_H #include #include "cbmc.h" #include "common.h" -#if defined(MLKEM_NATIVE_CHECK_APIS) +#if defined(MLK_CHECK_APIS) /* Include to ensure consistency between internal kem.h * and external mlkem_native.h. */ #include "mlkem_native.h" @@ -27,11 +27,11 @@ #endif #else -#define crypto_kem_keypair_derand MLKEM_NAMESPACE_K(keypair_derand) -#define crypto_kem_keypair MLKEM_NAMESPACE_K(keypair) -#define crypto_kem_enc_derand MLKEM_NAMESPACE_K(enc_derand) -#define crypto_kem_enc MLKEM_NAMESPACE_K(enc) -#define crypto_kem_dec MLKEM_NAMESPACE_K(dec) +#define crypto_kem_keypair_derand MLK_NAMESPACE_K(keypair_derand) +#define crypto_kem_keypair MLK_NAMESPACE_K(keypair) +#define crypto_kem_enc_derand MLK_NAMESPACE_K(enc_derand) +#define crypto_kem_enc MLK_NAMESPACE_K(enc) +#define crypto_kem_dec MLK_NAMESPACE_K(dec) #endif /************************************************* 
@@ -180,4 +180,4 @@ __contract__( assigns(object_whole(ss)) ); -#endif /* MLKEM_NATIVE_KEM_H */ +#endif /* MLK_KEM_H */ diff --git a/mlkem/mlkem_native.h b/mlkem/mlkem_native.h index 8cc33a971..fb395b11f 100644 --- a/mlkem/mlkem_native.h +++ b/mlkem/mlkem_native.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_H -#define MLKEM_NATIVE_H +#ifndef MLK_H +#define MLK_H /* * Public API for mlkem-native * @@ -13,8 +13,8 @@ * To use this header, make sure one of the following holds: * * - The config.h used for the build is available in the include paths. - * - The values of BUILD_INFO_LVL and BUILD_INFO_NAMESPACE are set, reflecting - * the security level (512/768/1024) and namespace of the build. + * - The values of MLK_BUILD_INFO_LVL and MLK_BUILD_INFO_NAMESPACE are set, + * reflecting the security level (512/768/1024) and namespace of the build. * * This header specifies a build of mlkem-native for a fixed security level. * If you need multiple builds, e.g. to build a library offering multiple 
@@ -27,55 +27,55 @@ /*************************** Build information ********************************/ /* - * Provide security level (BUILD_INFO_LVL) and namespacing - * (BUILD_INFO_NAMESPACE) + * Provide security level (MLK_BUILD_INFO_LVL) and namespacing + * (MLK_BUILD_INFO_NAMESPACE) * * By default, this is extracted from the configuration used for the build, * but you can also set it manually to avoid a dependency on the build config. */ -/* Skip this if BUILD_INFO_LVL has already been set */ -#if !defined(BUILD_INFO_LVL) +/* Skip this if MLK_BUILD_INFO_LVL has already been set */ +#if !defined(MLK_BUILD_INFO_LVL) /* Option 1: Extract from config */ -#if defined(MLKEM_NATIVE_CONFIG_FILE) -#include MLKEM_NATIVE_CONFIG_FILE +#if defined(MLK_CONFIG_FILE) +#include MLK_CONFIG_FILE #else #include "config.h" #endif #if MLKEM_K == 2 -#define BUILD_INFO_LVL 512 +#define MLK_BUILD_INFO_LVL 512 #elif MLKEM_K == 3 -#define BUILD_INFO_LVL 768 +#define MLK_BUILD_INFO_LVL 768 #elif MLKEM_K == 4 -#define BUILD_INFO_LVL 1024 +#define MLK_BUILD_INFO_LVL 1024 #else #error MLKEM_K not set by config file #endif -#ifndef MLKEM_NAMESPACE_PREFIX -#error MLKEM_NAMESPACE_PREFIX not set by config file +#ifndef MLK_NAMESPACE_PREFIX +#error MLK_NAMESPACE_PREFIX not set by config file #endif -#if defined(MLKEM_NATIVE_NAMESPACE_PREFIX_ADD_LEVEL) -#define BUILD_INFO_CONCAT3_(x, y, z) x##y##_##z -#define BUILD_INFO_CONCAT3(x, y, z) BUILD_INFO_CONCAT_(x, y, z) -#define BUILD_INFO_NAMESPACE(sym) \ - BUILD_INFO_CONCAT3(MLKEM_NAMESPACE_PREFIX, BUILD_INFO_LVL, sym) +#if defined(MLK_NAMESPACE_PREFIX_ADD_LEVEL) +#define MLK_BUILD_INFO_CONCAT3_(x, y, z) x##y##_##z +#define MLK_BUILD_INFO_CONCAT3(x, y, z) MLK_BUILD_INFO_CONCAT_(x, y, z) +#define MLK_BUILD_INFO_NAMESPACE(sym) \ + MLK_BUILD_INFO_CONCAT3(MLK_NAMESPACE_PREFIX, MLK_BUILD_INFO_LVL, sym) #else -#define BUILD_INFO_CONCAT2_(x, y) x##_##y -#define BUILD_INFO_CONCAT2(x, y) BUILD_INFO_CONCAT2_(x, y) -#define BUILD_INFO_NAMESPACE(sym) \ - 
BUILD_INFO_CONCAT2(MLKEM_NAMESPACE_PREFIX, sym) +#define MLK_BUILD_INFO_CONCAT2_(x, y) x##_##y +#define MLK_BUILD_INFO_CONCAT2(x, y) MLK_BUILD_INFO_CONCAT2_(x, y) +#define MLK_BUILD_INFO_NAMESPACE(sym) \ + MLK_BUILD_INFO_CONCAT2(MLK_NAMESPACE_PREFIX, sym) #endif -#endif /* BUILD_INFO_LVL */ +#endif /* MLK_BUILD_INFO_LVL */ -/* Option 2: Provide BUILD_INFO_LVL and BUILD_INFO_NAMESPACE manually */ +/* Option 2: Provide MLK_BUILD_INFO_LVL and MLK_BUILD_INFO_NAMESPACE manually */ -/* #define BUILD_INFO_LVL ADJUSTME */ -/* #define BUILD_INFO_NAMESPACE(sym) ADJUSTME */ +/* #define MLK_BUILD_INFO_LVL ADJUSTME */ +/* #define MLK_BUILD_INFO_NAMESPACE(sym) ADJUSTME */ /******************************* Key sizes ************************************/ @@ -128,9 +128,9 @@ * * Returns 0 (success) **************************************************/ -int BUILD_INFO_NAMESPACE(keypair_derand)( - uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)], - uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)], const uint8_t *coins); +int MLK_BUILD_INFO_NAMESPACE(keypair_derand)( + uint8_t pk[MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL)], + uint8_t sk[MLKEM_SECRETKEYBYTES(MLK_BUILD_INFO_LVL)], const uint8_t *coins); /************************************************* * Name: crypto_kem_keypair @@ -145,9 +145,9 @@ int BUILD_INFO_NAMESPACE(keypair_derand)( * * Returns 0 (success) **************************************************/ -int BUILD_INFO_NAMESPACE(keypair)( - uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)], - uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)]); +int MLK_BUILD_INFO_NAMESPACE(keypair)( + uint8_t pk[MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL)], + uint8_t sk[MLKEM_SECRETKEYBYTES(MLK_BUILD_INFO_LVL)]); /************************************************* * Name: crypto_kem_enc_derand 
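Review bot: In the `mlkem_native.h` hunk starting at `@@ -27,55 +27,55 @@`, the new line `#define MLK_BUILD_INFO_CONCAT3(x, y, z) MLK_BUILD_INFO_CONCAT_(x, y, z)` refers to `MLK_BUILD_INFO_CONCAT_`, while the helper defined one line above is `MLK_BUILD_INFO_CONCAT3_`; unless `MLK_BUILD_INFO_CONCAT_` is defined somewhere outside this header, any build with `MLK_NAMESPACE_PREFIX_ADD_LEVEL` set makes every `MLK_BUILD_INFO_NAMESPACE(sym)` below expand to a call of an unknown identifier and the public prototypes fail to compile. The removed line had the same mismatch (`BUILD_INFO_CONCAT_`), so the rename carries the defect over rather than introducing it, but the two-branch `#if`/`#else` is only exercised in the level-suffixed configuration, which is presumably why it went unnoticed. The fix is the one-line change `#define MLK_BUILD_INFO_CONCAT3(x, y, z) MLK_BUILD_INFO_CONCAT3_(x, y, z)`, mirroring the `CONCAT2` pair in the `#else` branch.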
@@ -167,9 +167,10 @@ int BUILD_INFO_NAMESPACE(keypair)( * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2 * of FIPS203) fails. **************************************************/ -int BUILD_INFO_NAMESPACE(enc_derand)( - uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)], uint8_t ss[MLKEM_BYTES], - const uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)], +int MLK_BUILD_INFO_NAMESPACE(enc_derand)( + uint8_t ct[MLKEM_CIPHERTEXTBYTES(MLK_BUILD_INFO_LVL)], + uint8_t ss[MLKEM_BYTES], + const uint8_t pk[MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL)], const uint8_t coins[MLKEM_SYMBYTES]); /************************************************* @@ -188,9 +189,10 @@ int BUILD_INFO_NAMESPACE(enc_derand)( * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2 * of FIPS203) fails. **************************************************/ -int BUILD_INFO_NAMESPACE(enc)( - uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)], uint8_t ss[MLKEM_BYTES], - const uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)]); +int MLK_BUILD_INFO_NAMESPACE(enc)( + uint8_t ct[MLKEM_CIPHERTEXTBYTES(MLK_BUILD_INFO_LVL)], + uint8_t ss[MLKEM_BYTES], + const uint8_t pk[MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL)]); /************************************************* * Name: crypto_kem_dec @@ -210,10 +212,10 @@ int BUILD_INFO_NAMESPACE(enc)( * * On failure, ss will contain a pseudo-random value. **************************************************/ -int BUILD_INFO_NAMESPACE(dec)( +int MLK_BUILD_INFO_NAMESPACE(dec)( uint8_t ss[MLKEM_BYTES], - const uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)], - const uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)]); + const uint8_t ct[MLKEM_CIPHERTEXTBYTES(MLK_BUILD_INFO_LVL)], + const uint8_t sk[MLKEM_SECRETKEYBYTES(MLK_BUILD_INFO_LVL)]); /****************************** Standard API *********************************/ 
@@ -223,26 +225,26 @@ int BUILD_INFO_NAMESPACE(dec)( * Remove this if you don't need it, or if you need multiple instances * of this header. */ -#if !defined(BUILD_INFO_NO_STANDARD_API) -#define CRYPTO_SECRETKEYBYTES MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL) -#define CRYPTO_PUBLICKEYBYTES MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL) -#define CRYPTO_CIPHERTEXTBYTES MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL) +#if !defined(MLK_BUILD_INFO_NO_STANDARD_API) +#define CRYPTO_SECRETKEYBYTES MLKEM_SECRETKEYBYTES(MLK_BUILD_INFO_LVL) +#define CRYPTO_PUBLICKEYBYTES MLKEM_PUBLICKEYBYTES(MLK_BUILD_INFO_LVL) +#define CRYPTO_CIPHERTEXTBYTES MLKEM_CIPHERTEXTBYTES(MLK_BUILD_INFO_LVL) #define CRYPTO_SYMBYTES MLKEM_SYMBYTES #define CRYPTO_BYTES MLKEM_BYTES -#define crypto_kem_keypair_derand BUILD_INFO_NAMESPACE(keypair_derand) -#define crypto_kem_keypair BUILD_INFO_NAMESPACE(keypair) -#define crypto_kem_enc_derand BUILD_INFO_NAMESPACE(enc_derand) -#define crypto_kem_enc BUILD_INFO_NAMESPACE(enc) -#define crypto_kem_dec BUILD_INFO_NAMESPACE(dec) -#endif /* BUILD_INFO_NO_STANDARD_API */ +#define crypto_kem_keypair_derand MLK_BUILD_INFO_NAMESPACE(keypair_derand) +#define crypto_kem_keypair MLK_BUILD_INFO_NAMESPACE(keypair) +#define crypto_kem_enc_derand MLK_BUILD_INFO_NAMESPACE(enc_derand) +#define crypto_kem_enc MLK_BUILD_INFO_NAMESPACE(enc) +#define crypto_kem_dec MLK_BUILD_INFO_NAMESPACE(dec) +#endif /* MLK_BUILD_INFO_NO_STANDARD_API */ /********************************* Cleanup ************************************/ /* Unset build information to allow multiple instances of this header. * Keep this commented out when using the standard API. */ -/* #undef BUILD_INFO_LVL */ -/* #undef BUILD_INFO_NAMESPACE */ +/* #undef MLK_BUILD_INFO_LVL */ +/* #undef MLK_BUILD_INFO_NAMESPACE */ -#endif /* MLKEM_NATIVE_H */ +#endif /* MLK_H */ diff --git a/mlkem/native/aarch64/meta.h b/mlkem/native/aarch64/meta.h index eb3adb17c..3c0567ac0 100644 --- a/mlkem/native/aarch64/meta.h +++ b/mlkem/native/aarch64/meta.h 
@@ -3,24 +3,24 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_AARCH64_META_H -#define MLKEM_NATIVE_NATIVE_AARCH64_META_H -#ifdef MLKEM_NATIVE_ARITH_PROFILE_H +#ifndef MLK_NATIVE_AARCH64_META_H +#define MLK_NATIVE_AARCH64_META_H +#ifdef MLK_ARITH_PROFILE_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_H +#define MLK_ARITH_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT +#define MLK_ARITH_BACKEND_AARCH64_OPT -#define MLKEM_NATIVE_ARITH_BACKEND_NAME AARCH64_OPT +#define MLK_ARITH_BACKEND_NAME AARCH64_OPT /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "native/aarch64/src/opt_impl.h" +#define MLK_ARITH_BACKEND_IMPL "native/aarch64/src/opt_impl.h" -#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */ +#endif /* MLK_ARITH_PROFILE_H */ -#endif /* MLKEM_NATIVE_NATIVE_AARCH64_META_H */ +#endif /* MLK_NATIVE_AARCH64_META_H */ diff --git a/mlkem/native/aarch64/src/aarch64_zetas.c b/mlkem/native/aarch64/src/aarch64_zetas.c index 5a4e4be39..1b7184ec6 100644 --- a/mlkem/native/aarch64/src/aarch64_zetas.c +++ b/mlkem/native/aarch64/src/aarch64_zetas.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" 
@@ -20,7 +20,7 @@ * Table of zeta values used in the AArch64 forward NTT * See autogen for details. */ -ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { -1600, -15749, -749, -7373, -40, -394, -687, -6762, 630, 6201, -1432, -14095, 848, 8347, 0, 0, 1062, 10453, 296, 2914, -882, -8682, 0, 0, -1410, -13879, 1339, 13180, 1476, 14529, @@ -31,7 +31,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = { 0, 0, -1583, -15582, -1355, -13338, 821, 8081, 0, 0, }; -ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 289, 289, 331, 331, -76, -76, -1573, -1573, 2845, 2845, 3258, 3258, -748, -748, -15483, -15483, 17, 17, 583, 583, 1637, 1637, -1041, -1041, 167, 167, 5739, @@ -77,7 +77,7 @@ ALIGN const int16_t aarch64_ntt_zetas_layer56[] = { 10129, 10129, -3878, -3878, -11566, -11566, }; -ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { 1583, 15582, -821, -8081, 1355, 13338, 0, 0, -569, -5601, 450, 4429, 936, 9213, 0, 0, 69, 679, 447, 4400, -535, -5266, 0, 0, 543, 5345, 1235, 12156, -1426, -14036, @@ -88,7 +88,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = { -848, -8347, 1432, 14095, -630, -6201, 687, 6762, 0, 0, }; -ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { +MLK_ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -910, -910, -1227, -1227, 219, 219, 855, 855, -8957, -8957, -12078, -12078, 2156, 2156, 8416, 8416, 1175, 1175, 394, 394, -1029, -1029, -1212, -1212, 11566, 11566, 3878, 
@@ -134,7 +134,7 @@ ALIGN const int16_t aarch64_invntt_zetas_layer56[] = { -16113, -16113, -5739, -5739, -167, -167, }; -ALIGN const int16_t aarch64_zetas_mulcache_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 17, -17, -568, 568, 583, -583, -680, 680, 1637, -1637, 723, -723, -1041, 1041, 1100, -1100, 1409, -1409, -667, 667, -48, 48, 233, -233, 756, -756, -1173, 1173, -314, 314, -279, 279, -1626, @@ -149,7 +149,7 @@ ALIGN const int16_t aarch64_zetas_mulcache_native[] = { 1219, -394, 394, 885, -885, -1175, 1175, }; -ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { +MLK_ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { 167, -167, -5591, 5591, 5739, -5739, -6693, 6693, 16113, -16113, 7117, -7117, -10247, 10247, 10828, -10828, 13869, -13869, -6565, 6565, -472, 472, 2293, -2293, 7441, -7441, -11546, @@ -167,11 +167,11 @@ ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = { -11566, 11566, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_zetas) +MLK_EMPTY_CU(aarch64_zetas) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/mlkem/native/aarch64/src/arith_native_aarch64.h b/mlkem/native/aarch64/src/arith_native_aarch64.h index b630918f6..d3fd58a67 100644 --- a/mlkem/native/aarch64/src/arith_native_aarch64.h +++ b/mlkem/native/aarch64/src/arith_native_aarch64.h 
@@ -2,24 +2,22 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H -#define MLKEM_NATIVE_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H +#ifndef MLK_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H +#define MLK_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H #include #include "../../../common.h" -#define aarch64_ntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_ntt_zetas_layer01234) -#define aarch64_ntt_zetas_layer56 MLKEM_NAMESPACE(aarch64_ntt_zetas_layer56) +#define aarch64_ntt_zetas_layer01234 MLK_NAMESPACE(aarch64_ntt_zetas_layer01234) +#define aarch64_ntt_zetas_layer56 MLK_NAMESPACE(aarch64_ntt_zetas_layer56) #define aarch64_invntt_zetas_layer01234 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer01234) -#define aarch64_invntt_zetas_layer56 \ - MLKEM_NAMESPACE(aarch64_invntt_zetas_layer56) + MLK_NAMESPACE(aarch64_invntt_zetas_layer01234) +#define aarch64_invntt_zetas_layer56 MLK_NAMESPACE(aarch64_invntt_zetas_layer56) #define aarch64_zetas_mulcache_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_native) + MLK_NAMESPACE(aarch64_zetas_mulcache_native) #define aarch64_zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(aarch64_zetas_mulcache_twisted_native) -#define rej_uniform_table MLKEM_NAMESPACE(rej_uniform_table) + MLK_NAMESPACE(aarch64_zetas_mulcache_twisted_native) +#define rej_uniform_table MLK_NAMESPACE(rej_uniform_table) extern const int16_t aarch64_ntt_zetas_layer01234[]; extern const int16_t aarch64_ntt_zetas_layer56[]; 
@@ -29,49 +27,49 @@ extern const int16_t aarch64_zetas_mulcache_native[]; extern const int16_t aarch64_zetas_mulcache_twisted_native[]; extern const uint8_t rej_uniform_table[]; -#define ntt_asm_opt MLKEM_NAMESPACE(ntt_asm_opt) +#define ntt_asm_opt MLK_NAMESPACE(ntt_asm_opt) void ntt_asm_opt(int16_t *, const int16_t *, const int16_t *); -#define intt_asm_opt MLKEM_NAMESPACE(intt_asm_opt) +#define intt_asm_opt MLK_NAMESPACE(intt_asm_opt) void intt_asm_opt(int16_t *, const int16_t *, const int16_t *); -#define poly_reduce_asm_opt MLKEM_NAMESPACE(poly_reduce_asm_opt) +#define poly_reduce_asm_opt MLK_NAMESPACE(poly_reduce_asm_opt) void poly_reduce_asm_opt(int16_t *); -#define poly_tomont_asm_opt MLKEM_NAMESPACE(poly_tomont_asm_opt) +#define poly_tomont_asm_opt MLK_NAMESPACE(poly_tomont_asm_opt) void poly_tomont_asm_opt(int16_t *); #define poly_mulcache_compute_asm_opt \ - MLKEM_NAMESPACE(poly_mulcache_compute_asm_opt) + MLK_NAMESPACE(poly_mulcache_compute_asm_opt) void poly_mulcache_compute_asm_opt(int16_t *, const int16_t *, const int16_t *, const int16_t *); -#define poly_tobytes_asm_opt MLKEM_NAMESPACE(poly_tobytes_asm_opt) +#define poly_tobytes_asm_opt MLK_NAMESPACE(poly_tobytes_asm_opt) void poly_tobytes_asm_opt(uint8_t *r, const int16_t *a); #define polyvec_basemul_acc_montgomery_cached_asm_k2_opt \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) void polyvec_basemul_acc_montgomery_cached_asm_k2_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k3_opt \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) void polyvec_basemul_acc_montgomery_cached_asm_k3_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); #define polyvec_basemul_acc_montgomery_cached_asm_k4_opt \ - 
MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) void polyvec_basemul_acc_montgomery_cached_asm_k4_opt(int16_t *r, const int16_t *a, const int16_t *b, const int16_t *b_cache); -#define rej_uniform_asm_clean MLKEM_NAMESPACE(rej_uniform_asm_clean) +#define rej_uniform_asm_clean MLK_NAMESPACE(rej_uniform_asm_clean) unsigned rej_uniform_asm_clean(int16_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); -#endif /* MLKEM_NATIVE_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H */ +#endif /* MLK_NATIVE_AARCH64_SRC_ARITH_NATIVE_AARCH64_H */ diff --git a/mlkem/native/aarch64/src/consts.h b/mlkem/native/aarch64/src/consts.h index 913a3d139..4b6c8b0b0 100644 --- a/mlkem/native/aarch64/src/consts.h +++ b/mlkem/native/aarch64/src/consts.h @@ -3,17 +3,17 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_AARCH64_SRC_CONSTS_H -#define MLKEM_NATIVE_NATIVE_AARCH64_SRC_CONSTS_H +#ifndef MLK_NATIVE_AARCH64_SRC_CONSTS_H +#define MLK_NATIVE_AARCH64_SRC_CONSTS_H #include #include "../../../common.h" -#define zetas_mulcache_native MLKEM_NAMESPACE(zetas_mulcache_native) +#define zetas_mulcache_native MLK_NAMESPACE(zetas_mulcache_native) extern const int16_t zetas_mulcache_native[256]; #define zetas_mulcache_twisted_native \ - MLKEM_NAMESPACE(zetas_mulcache_twisted_native) + MLK_NAMESPACE(zetas_mulcache_twisted_native) extern const int16_t zetas_mulcache_twisted_native[256]; -#endif /* MLKEM_NATIVE_NATIVE_AARCH64_SRC_CONSTS_H */ +#endif /* MLK_NATIVE_AARCH64_SRC_CONSTS_H */ diff --git a/mlkem/native/aarch64/src/intt_opt.S b/mlkem/native/aarch64/src/intt_opt.S index f9dd5fefe..5ad75f750 100644 --- a/mlkem/native/aarch64/src/intt_opt.S +++ b/mlkem/native/aarch64/src/intt_opt.S 
@@ -24,8 +24,8 @@ /// #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -35,8 +35,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(intt_asm_opt) -MLKEM_ASM_NAMESPACE(intt_asm_opt): +.global MLK_ASM_NAMESPACE(intt_asm_opt) +MLK_ASM_NAMESPACE(intt_asm_opt): sub sp, sp, #0x40 stp d8, d9, [sp] @@ -417,5 +417,5 @@ layer012_start: add sp, sp, #0x40 ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/aarch64/src/ntt_opt.S b/mlkem/native/aarch64/src/ntt_opt.S index 8b74eb581..6ba6c9a23 100644 --- a/mlkem/native/aarch64/src/ntt_opt.S +++ b/mlkem/native/aarch64/src/ntt_opt.S @@ -25,8 +25,8 @@ /// #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -36,8 +36,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(ntt_asm_opt) -MLKEM_ASM_NAMESPACE(ntt_asm_opt): +.global MLK_ASM_NAMESPACE(ntt_asm_opt) +MLK_ASM_NAMESPACE(ntt_asm_opt): sub sp, sp, #0x40 stp d8, d9, [sp] @@ -365,5 +365,5 @@ ntt_opt_loop1: add sp, sp, #0x40 ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/aarch64/src/opt_impl.h b/mlkem/native/aarch64/src/opt_impl.h index 751d8f2b5..c4ea727e5 100644 --- a/mlkem/native/aarch64/src/opt_impl.h +++ b/mlkem/native/aarch64/src/opt_impl.h 
@@ -3,83 +3,83 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_AARCH64_SRC_OPT_IMPL_H -#define MLKEM_NATIVE_NATIVE_AARCH64_SRC_OPT_IMPL_H -#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#ifndef MLK_NATIVE_AARCH64_SRC_OPT_IMPL_H +#define MLK_NATIVE_AARCH64_SRC_OPT_IMPL_H +#ifdef MLK_ARITH_PROFILE_IMPL_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#define MLK_ARITH_PROFILE_IMPL_H #include "../../../params.h" #include "arith_native_aarch64.h" /* Set of primitives that this backend replaces */ -#define MLKEM_USE_NATIVE_NTT -#define MLKEM_USE_NATIVE_INTT -#define MLKEM_USE_NATIVE_POLY_REDUCE -#define MLKEM_USE_NATIVE_POLY_TOMONT -#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE -#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED -#define MLKEM_USE_NATIVE_POLY_TOBYTES -#define MLKEM_USE_NATIVE_REJ_UNIFORM +#define MLK_USE_NATIVE_NTT +#define MLK_USE_NATIVE_INTT +#define MLK_USE_NATIVE_POLY_REDUCE +#define MLK_USE_NATIVE_POLY_TOMONT +#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE +#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#define MLK_USE_NATIVE_POLY_TOBYTES +#define MLK_USE_NATIVE_REJ_UNIFORM -static INLINE void ntt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void ntt_native(int16_t data[MLKEM_N]) { ntt_asm_opt(data, aarch64_ntt_zetas_layer01234, aarch64_ntt_zetas_layer56); } -static INLINE void intt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t data[MLKEM_N]) { intt_asm_opt(data, aarch64_invntt_zetas_layer01234, aarch64_invntt_zetas_layer56); } -static INLINE void poly_reduce_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t data[MLKEM_N]) { poly_reduce_asm_opt(data); } -static INLINE void poly_tomont_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t data[MLKEM_N]) { poly_tomont_asm_opt(data); } -static INLINE void 
poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], - const int16_t y[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], + const int16_t y[MLKEM_N]) { poly_mulcache_compute_asm_opt(x, y, aarch64_zetas_mulcache_native, aarch64_zetas_mulcache_twisted_native); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k2_opt(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k3_opt(r, a, b, b_cache); } -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_asm_k4_opt(r, a, b, b_cache); } -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) { poly_tobytes_asm_opt(r, a); } -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) { if (len != MLKEM_N || buflen % 24 != 0) { 
@@ -88,6 +88,6 @@ static INLINE int rej_uniform_native(int16_t *r, unsigned len, return (int)rej_uniform_asm_clean(r, buf, buflen, rej_uniform_table); } -#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */ +#endif /* MLK_ARITH_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_NATIVE_AARCH64_SRC_OPT_IMPL_H */ +#endif /* MLK_NATIVE_AARCH64_SRC_OPT_IMPL_H */ diff --git a/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S b/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S index e20291091..beeb79415 100644 --- a/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_mulcache_compute_asm_opt.S @@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -15,8 +15,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_opt) -MLKEM_ASM_NAMESPACE(poly_mulcache_compute_asm_opt): +.global MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_opt) +MLK_ASM_NAMESPACE(poly_mulcache_compute_asm_opt): mov w5, #0xd01 // =3329 dup v6.8h, w5 @@ -48,5 +48,5 @@ poly_mulcache_compute_asm_opt_loop: str q2, [x0], #0x10 ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/aarch64/src/poly_reduce_asm_opt.S b/mlkem/native/aarch64/src/poly_reduce_asm_opt.S index edfc20cd4..6e08a7218 100644 --- a/mlkem/native/aarch64/src/poly_reduce_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_reduce_asm_opt.S 
@@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -15,8 +15,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(poly_reduce_asm_opt) -MLKEM_ASM_NAMESPACE(poly_reduce_asm_opt): +.global MLK_ASM_NAMESPACE(poly_reduce_asm_opt) +MLK_ASM_NAMESPACE(poly_reduce_asm_opt): mov w2, #0xd01 // =3329 dup v3.8h, w2 @@ -94,5 +94,5 @@ poly_reduce_asm_opt_loop: stur q24, [x0, #-0x40] ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S b/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S index 0123c94c2..c0eab8453 100644 --- a/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_tobytes_asm_opt.S @@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -15,8 +15,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(poly_tobytes_asm_opt) -MLKEM_ASM_NAMESPACE(poly_tobytes_asm_opt): +.global MLK_ASM_NAMESPACE(poly_tobytes_asm_opt) +MLK_ASM_NAMESPACE(poly_tobytes_asm_opt): mov x2, #0x10 // =16 @@ -32,5 +32,5 @@ poly_tobytes_asm_opt_asm_loop_start: cbnz x2, poly_tobytes_asm_opt_asm_loop_start ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ 
diff --git a/mlkem/native/aarch64/src/poly_tomont_asm_opt.S b/mlkem/native/aarch64/src/poly_tomont_asm_opt.S index be77e54c3..facf06883 100644 --- a/mlkem/native/aarch64/src/poly_tomont_asm_opt.S +++ b/mlkem/native/aarch64/src/poly_tomont_asm_opt.S @@ -4,8 +4,8 @@ */ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -15,8 +15,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(poly_tomont_asm_opt) -MLKEM_ASM_NAMESPACE(poly_tomont_asm_opt): +.global MLK_ASM_NAMESPACE(poly_tomont_asm_opt) +MLK_ASM_NAMESPACE(poly_tomont_asm_opt): mov w2, #0xd01 // =3329 dup v4.8h, w2 @@ -74,5 +74,5 @@ poly_tomont_asm_opt_loop: stur q23, [x0, #-0x40] ret -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT && - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT && + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S index 19c045b56..8d8296b1a 100644 --- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2_opt.S @@ -10,9 +10,9 @@ // https://github.com/neon-ntt/neon-ntt #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) /* * WARNING: This file is auto-derived from the mlkem-native source file 
@@ -22,8 +22,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) -MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt): +.global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt) +MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k2_opt): sub sp, sp, #0x40 stp d8, d9, [sp] @@ -194,6 +194,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k2_opt_loop: add sp, sp, #0x40 ret -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2) */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S index 3316ce865..99bbb7fdf 100644 --- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3_opt.S @@ -10,9 +10,9 @@ // https://github.com/neon-ntt/neon-ntt #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) /* * WARNING: This file is auto-derived from the mlkem-native source file 
@@ -22,8 +22,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) -MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt): +.global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt) +MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k3_opt): sub sp, sp, #0x40 stp d8, d9, [sp] @@ -248,6 +248,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k3_opt_loop: add sp, sp, #0x40 ret -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3) */ diff --git a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S index 44942e2f7..a1e84741b 100644 --- a/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S +++ b/mlkem/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4_opt.S @@ -10,9 +10,9 @@ // https://github.com/neon-ntt/neon-ntt #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) /* * WARNING: This file is auto-derived from the mlkem-native source file 
@@ -22,8 +22,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) -MLKEM_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt): +.global MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt) +MLK_ASM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_asm_k4_opt): sub sp, sp, #0x40 stp d8, d9, [sp] @@ -302,6 +302,6 @@ polyvec_basemul_acc_montgomery_cached_asm_k4_opt_loop: add sp, sp, #0x40 ret -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) && \ - (defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) && \ + (defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4) */ diff --git a/mlkem/native/aarch64/src/rej_uniform_asm_clean.S b/mlkem/native/aarch64/src/rej_uniform_asm_clean.S index 731094e42..dac4c0bd4 100644 --- a/mlkem/native/aarch64/src/rej_uniform_asm_clean.S +++ b/mlkem/native/aarch64/src/rej_uniform_asm_clean.S @@ -19,9 +19,9 @@ * Returns number of sampled 16-bit integers (at most MLKEM_N). **************************************************/ #include "../../../common.h" -#if (defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) || \ - defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if (defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) || \ + defined(MLK_ARITH_BACKEND_AARCH64_OPT)) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -31,8 +31,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean) -MLKEM_ASM_NAMESPACE(rej_uniform_asm_clean): +.global MLK_ASM_NAMESPACE(rej_uniform_asm_clean) +MLK_ASM_NAMESPACE(rej_uniform_asm_clean): sub sp, sp, #0x240 mov x7, #0x1 // =1 
@@ -185,6 +185,6 @@ return: add sp, sp, #0x240 ret -#endif /* (defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) || - defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)) - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* (defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) || + defined(MLK_ARITH_BACKEND_AARCH64_OPT)) + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/mlkem/native/aarch64/src/rej_uniform_table.c b/mlkem/native/aarch64/src/rej_uniform_table.c index 3feb0d2fc..c1b8e1319 100644 --- a/mlkem/native/aarch64/src/rej_uniform_table.c +++ b/mlkem/native/aarch64/src/rej_uniform_table.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include "arith_native_aarch64.h" @@ -20,7 +20,7 @@ * Lookup table used by rejection sampling of the public matrix. * See autogen for details. */ -ALIGN const uint8_t rej_uniform_table[] = { +MLK_ALIGN const uint8_t rej_uniform_table[] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 0 */, 0, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 1 */, 2, 3, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 /* 2 */, @@ -279,10 +279,10 @@ ALIGN const uint8_t rej_uniform_table[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(aarch64_rej_uniform_table) +MLK_EMPTY_CU(aarch64_rej_uniform_table) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) \ - && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_AARCH64_OPT) \ + && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ 
diff --git a/mlkem/native/api.h b/mlkem/native/api.h index 8b4c18ead..81f05b963 100644 --- a/mlkem/native/api.h +++ b/mlkem/native/api.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_API_H -#define MLKEM_NATIVE_NATIVE_API_H +#ifndef MLK_NATIVE_API_H +#define MLK_NATIVE_API_H /* * Native arithmetic interface * @@ -39,10 +39,10 @@ * * A _backend_ is a specific implementation of (part of) this interface. * - * To add a function to a backend, define MLKEM_USE_NATIVE_XXX and + * To add a function to a backend, define MLK_USE_NATIVE_XXX and * implement `static inline xxx(...)` in the profile header. * - * The only exception is MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER. This option can + * The only exception is MLK_USE_NATIVE_NTT_CUSTOM_ORDER. This option can * be set if there are native implementations for all of NTT, invNTT, and * base multiplication, and allows the native implementation to use a * custom order of polynomial coefficients in NTT domain -- the use of such @@ -59,7 +59,7 @@ * implementation is present. */ -#if defined(MLKEM_USE_NATIVE_NTT) +#if defined(MLK_USE_NATIVE_NTT) /************************************************* * Name: ntt_native * 
@@ -68,34 +68,34 @@ * * The input polynomial is assumed to be in normal order. * The output polynomial is in bitreversed order, or of a - * custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * * Arguments: - int16_t p[MLKEM_N]: pointer to in/output polynomial **************************************************/ -static INLINE void ntt_native(int16_t p[MLKEM_N]) +static MLK_INLINE void ntt_native(int16_t p[MLKEM_N]) __contract__( requires(memory_no_alias(p, sizeof(int16_t) * MLKEM_N)) requires(array_abs_bound(p, 0, MLKEM_N, MLKEM_Q)) assigns(memory_slice(p, sizeof(int16_t) * MLKEM_N)) ensures(array_abs_bound(p, 0, MLKEM_N, NTT_BOUND)) ); -#endif /* MLKEM_USE_NATIVE_NTT */ +#endif /* MLK_USE_NATIVE_NTT */ -#if defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER) +#if defined(MLK_USE_NATIVE_NTT_CUSTOM_ORDER) /* * This must only be set if NTT, invNTT, basemul, mulcache, and * to/from byte stream conversions all have native implementations * that are adapted to the custom order. 
*/ -#if !defined(MLKEM_USE_NATIVE_NTT) || !defined(MLKEM_USE_NATIVE_INTT) || \ - !defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \ - !defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) || \ - !defined(MLKEM_USE_NATIVE_POLY_TOBYTES) || \ - !defined(MLKEM_USE_NATIVE_POLY_FROMBYTES) +#if !defined(MLK_USE_NATIVE_NTT) || !defined(MLK_USE_NATIVE_INTT) || \ + !defined(MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \ + !defined(MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) || \ + !defined(MLK_USE_NATIVE_POLY_TOBYTES) || \ + !defined(MLK_USE_NATIVE_POLY_FROMBYTES) #error \ - "Invalid native profile: MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER can only be \ + "Invalid native profile: MLK_USE_NATIVE_NTT_CUSTOM_ORDER can only be \ set if there are native implementations for NTT, invNTT, mulcache, basemul, \ and to/from bytes conversions." #endif @@ -103,7 +103,7 @@ and to/from bytes conversions." /************************************************* * Name: poly_permute_bitrev_to_custom * - * Description: When MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is defined, + * Description: When MLK_USE_NATIVE_NTT_CUSTOM_ORDER is defined, * convert a polynomial in NTT domain from bitreversed * order to the custom order output by the native NTT. * @@ -112,7 +112,7 @@ and to/from bytes conversions." * Arguments: - int16_t p[MLKEM_N]: pointer to in/output polynomial * **************************************************/ -static INLINE void poly_permute_bitrev_to_custom(int16_t p[MLKEM_N]) +static MLK_INLINE void poly_permute_bitrev_to_custom(int16_t p[MLKEM_N]) __contract__( /* We don't specify that this should be a permutation, but only * that it does not change the bound established at the end of gen_matrix. */ 
@@ -120,9 +120,9 @@ __contract__( requires(array_bound(p, 0, MLKEM_N, 0, MLKEM_Q)) assigns(memory_slice(p, sizeof(int16_t) * MLKEM_N)) ensures(array_bound(p, 0, MLKEM_N, 0, MLKEM_Q))); -#endif /* MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER */ +#endif /* MLK_USE_NATIVE_NTT_CUSTOM_ORDER */ -#if defined(MLKEM_USE_NATIVE_INTT) +#if defined(MLK_USE_NATIVE_INTT) /************************************************* * Name: intt_native * @@ -130,22 +130,22 @@ __contract__( * of a polynomial in place. * * The input polynomial is in bitreversed order, or of a - * custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * The output polynomial is assumed to be in normal order. * * Arguments: - uint16_t *a: pointer to in/output polynomial **************************************************/ -static INLINE void intt_native(int16_t p[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t p[MLKEM_N]) __contract__( requires(memory_no_alias(p, sizeof(int16_t) * MLKEM_N)) assigns(memory_slice(p, sizeof(int16_t) * MLKEM_N)) ensures(array_abs_bound(p, 0, MLKEM_N, INVNTT_BOUND)) ); -#endif /* MLKEM_USE_NATIVE_INTT */ +#endif /* MLK_USE_NATIVE_INTT */ -#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) +#if defined(MLK_USE_NATIVE_POLY_REDUCE) /************************************************* * Name: poly_reduce_native * 
@@ -153,15 +153,15 @@ __contract__( * * Arguments: - int16_t r[MLKEM_N]: pointer to input/output polynomial **************************************************/ -static INLINE void poly_reduce_native(int16_t p[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t p[MLKEM_N]) __contract__( requires(memory_no_alias(p, sizeof(int16_t) * MLKEM_N)) assigns(memory_slice(p, sizeof(int16_t) * MLKEM_N)) ensures(array_bound(p, 0, MLKEM_N, 0, MLKEM_Q)) ); -#endif /* MLKEM_USE_NATIVE_POLY_REDUCE */ +#endif /* MLK_USE_NATIVE_POLY_REDUCE */ -#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) +#if defined(MLK_USE_NATIVE_POLY_TOMONT) /************************************************* * Name: poly_tomont_native * @@ -170,15 +170,15 @@ __contract__( * * Arguments: - int16_t r[MLKEM_N]: pointer to input/output polynomial **************************************************/ -static INLINE void poly_tomont_native(int16_t p[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t p[MLKEM_N]) __contract__( requires(memory_no_alias(p, sizeof(int16_t) * MLKEM_N)) assigns(memory_slice(p, sizeof(int16_t) * MLKEM_N)) ensures(array_abs_bound(p, 0, MLKEM_N, MLKEM_Q)) ); -#endif /* MLKEM_USE_NATIVE_POLY_TOMONT */ +#endif /* MLK_USE_NATIVE_POLY_TOMONT */ -#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) +#if defined(MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE) /************************************************* * Name: poly_mulcache_compute_native * 
@@ -194,23 +194,23 @@ __contract__( * Arguments: INPUT: * - poly: const pointer to input polynomial. * This must be in NTT domain and inin bitreversed order, or of - * a custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * a custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * OUTPUT * - cache: pointer to multiplication cache **************************************************/ -static INLINE void poly_mulcache_compute_native(int16_t cache[MLKEM_N / 2], - const int16_t poly[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t cache[MLKEM_N / 2], + const int16_t poly[MLKEM_N]) __contract__( requires(memory_no_alias(cache, sizeof(int16_t) * (MLKEM_N / 2))) requires(memory_no_alias(poly, sizeof(int16_t) * MLKEM_N)) assigns(object_whole(cache)) ); -#endif /* MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE */ +#endif /* MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE */ -#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 +#if defined(MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 /************************************************* * Name: poly_mulcache_compute_k2_native * @@ -220,8 +220,8 @@ __contract__( * Arguments: INPUT: * - a: First polynomial vector operand. * This must be in NTT domain and in bitreversed order, or of - * a custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * a custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * - b: Second polynomial vector operand. * As for a. 
@@ -230,7 +230,7 @@ __contract__( * - r: The result of the scalar product. This is again * in NTT domain, and of the same ordering as a and b. **************************************************/ -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) __contract__( @@ -243,17 +243,17 @@ __contract__( * * Once fixed, change to: * ``` - * requires(array_bound(a, 0, 2 * MLKEM_N, 0, UINT12_LIMIT)) + * requires(array_bound(a, 0, 2 * MLKEM_N, 0, MLKEM_UINT12_LIMIT)) * ``` */ requires(forall(kN, 0, 2, \ array_bound(&((int16_t(*)[MLKEM_N])(a))[kN][0], 0, MLKEM_N, \ - 0, UINT12_LIMIT))) + 0, MLKEM_UINT12_LIMIT))) assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N)) ); -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 /************************************************* * Name: poly_mulcache_compute_k3_native * @@ -263,8 +263,8 @@ __contract__( * Arguments: INPUT: * - a: First polynomial vector operand. * This must be in NTT domain and in bitreversed order, or of - * a custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * a custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * - b: Second polynomial vector operand. * As for a. 
@@ -273,7 +273,7 @@ __contract__( * - r: The result of the scalar product. This is again * in NTT domain, and of the same ordering as a and b. **************************************************/ -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) __contract__( @@ -286,17 +286,17 @@ __contract__( * * Once fixed, change to: * ``` - * requires(array_bound(a, 0, 3 * MLKEM_N, 0, UINT12_LIMIT)) + * requires(array_bound(a, 0, 3 * MLKEM_N, 0, MLKEM_UINT12_LIMIT)) * ``` */ requires(forall(kN, 0, 3, \ array_bound(&((int16_t(*)[MLKEM_N])(a))[kN][0], 0, MLKEM_N, \ - 0, UINT12_LIMIT))) + 0, MLKEM_UINT12_LIMIT))) assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N)) ); -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 /************************************************* * Name: poly_mulcache_compute_k4_native * @@ -306,8 +306,8 @@ __contract__( * Arguments: INPUT: * - a: First polynomial vector operand. * This must be in NTT domain and in bitreversed order, or of - * a custom order if MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER is set. - * See the documentation of MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER + * a custom order if MLK_USE_NATIVE_NTT_CUSTOM_ORDER is set. + * See the documentation of MLK_USE_NATIVE_NTT_CUSTOM_ORDER * for more information. * - b: Second polynomial vector operand. * As for a. 
@@ -316,7 +316,7 @@ __contract__( * - r: The result of the scalar product. This is again * in NTT domain, and of the same ordering as a and b. **************************************************/ -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) __contract__( @@ -329,18 +329,18 @@ __contract__( * * Once fixed, change to: * ``` - * requires(array_bound(a, 0, 4 * MLKEM_N, 0, UINT12_LIMIT)) + * requires(array_bound(a, 0, 4 * MLKEM_N, 0, MLKEM_UINT12_LIMIT)) * ``` */ requires(forall(kN, 0, 4, \ array_bound(&((int16_t(*)[MLKEM_N])(a))[kN][0], 0, MLKEM_N, \ - 0, UINT12_LIMIT))) + 0, MLKEM_UINT12_LIMIT))) assigns(memory_slice(r, sizeof(int16_t) * MLKEM_N)) ); -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ -#endif /* MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ -#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES) +#if defined(MLK_USE_NATIVE_POLY_TOBYTES) /************************************************* * Name: poly_tobytes_native * 
@@ -355,17 +355,17 @@ __contract__( * - r: pointer to output byte array * (of MLKEM_POLYBYTES bytes) **************************************************/ -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) __contract__( requires(memory_no_alias(r, MLKEM_POLYBYTES)) requires(memory_no_alias(a, sizeof(int16_t) * MLKEM_N)) requires(array_bound(a, 0, MLKEM_N, 0, MLKEM_Q)) assigns(object_whole(r)) ); -#endif /* MLKEM_USE_NATIVE_POLY_TOBYTES */ +#endif /* MLK_USE_NATIVE_POLY_TOBYTES */ -#if defined(MLKEM_USE_NATIVE_POLY_FROMBYTES) +#if defined(MLK_USE_NATIVE_POLY_FROMBYTES) /************************************************* * Name: poly_frombytes_native * @@ -379,17 +379,17 @@ __contract__( * - a: const pointer to input byte aray * (of MLKEM_POLYBYTES bytes) **************************************************/ -static INLINE void poly_frombytes_native(int16_t a[MLKEM_N], - const uint8_t r[MLKEM_POLYBYTES]) +static MLK_INLINE void poly_frombytes_native(int16_t a[MLKEM_N], + const uint8_t r[MLKEM_POLYBYTES]) __contract__( requires(memory_no_alias(r, MLKEM_POLYBYTES)) requires(memory_no_alias(a, sizeof(int16_t) * MLKEM_N)) assigns(memory_slice(a, sizeof(int16_t) * MLKEM_N)) - ensures(array_bound(a, 0, MLKEM_N, 0, UINT12_LIMIT)) + ensures(array_bound(a, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT)) ); -#endif /* MLKEM_USE_NATIVE_POLY_FROMBYTES */ +#endif /* MLK_USE_NATIVE_POLY_FROMBYTES */ -#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) +#if defined(MLK_USE_NATIVE_REJ_UNIFORM) /************************************************* * Name: rej_uniform_native * 
@@ -407,8 +407,8 @@ __contract__( * Otherwise, returns non-negative number of sampled 16-bit integers (at most * len). **************************************************/ -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) __contract__( requires(len <= 4096 && buflen <= 4096 && buflen % 3 == 0) requires(memory_no_alias(r, sizeof(int16_t) * len)) @@ -417,11 +417,10 @@ __contract__( ensures(return_value == -1 || (0 <= return_value && return_value <= len)) ensures(return_value != -1 ==> array_bound(r, 0, (unsigned) return_value, 0, MLKEM_Q)) ); -#endif /* MLKEM_USE_NATIVE_REJ_UNIFORM */ +#endif /* MLK_USE_NATIVE_REJ_UNIFORM */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) -#if defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D4) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) +#if defined(MLK_USE_NATIVE_POLY_COMPRESS_D4) /************************************************* * Name: poly_compress_d4_native * @@ -434,11 +433,11 @@ __contract__( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_d4_native( +static MLK_INLINE void poly_compress_d4_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const int16_t a[MLKEM_N]); -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D4 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D4 */ -#if defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D10) +#if defined(MLK_USE_NATIVE_POLY_COMPRESS_D10) /************************************************* * Name: poly_compress_d10_native * 
@@ -451,11 +450,11 @@ static INLINE void poly_compress_d4_native( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_d10_native( +static MLK_INLINE void poly_compress_d10_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const int16_t a[MLKEM_N]); -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D10 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D10 */ -#if defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4) +#if defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D4) /************************************************* * Name: poly_decompress_d4 * @@ -470,11 +469,11 @@ static INLINE void poly_compress_d10_native( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_d4_native( +static MLK_INLINE void poly_decompress_d4_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]); -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4 */ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D4 */ -#if defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10) +#if defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D10) /************************************************* * Name: poly_decompress_d10_native * 
@@ -489,14 +488,14 @@ static INLINE void poly_decompress_d4_native( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_d10_native( +static MLK_INLINE void poly_decompress_d10_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]); -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10 */ -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D10 */ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -#if defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D5) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if defined(MLK_USE_NATIVE_POLY_COMPRESS_D5) /************************************************* * Name: poly_compress_d5_native * @@ -509,11 +508,11 @@ static INLINE void poly_decompress_d10_native( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_d5_native( +static MLK_INLINE void poly_compress_d5_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const int16_t a[MLKEM_N]); -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D5 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D5 */ -#if defined(MLKEM_USE_NATIVE_POLY_COMPRESS_D11) +#if defined(MLK_USE_NATIVE_POLY_COMPRESS_D11) /************************************************* * Name: poly_compress_d11_native * 
@@ -526,11 +525,11 @@ static INLINE void poly_compress_d5_native( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_d11_native( +static MLK_INLINE void poly_compress_d11_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const int16_t a[MLKEM_N]); -#endif /* MLKEM_USE_NATIVE_POLY_COMPRESS_D11 */ +#endif /* MLK_USE_NATIVE_POLY_COMPRESS_D11 */ -#if defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5) +#if defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D5) /************************************************* * Name: poly_decompress_d5_native * @@ -545,11 +544,11 @@ static INLINE void poly_compress_d11_native( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_d5_native( +static MLK_INLINE void poly_decompress_d5_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]); -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5 */ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D5 */ -#if defined(MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11) +#if defined(MLK_USE_NATIVE_POLY_DECOMPRESS_D11) /************************************************* * Name: poly_decompress_d11_native * @@ -564,10 +563,10 @@ static INLINE void poly_decompress_d5_native( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_d11_native( +static MLK_INLINE void poly_decompress_d11_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]); -#endif /* MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11 */ -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 \ +#endif /* MLK_USE_NATIVE_POLY_DECOMPRESS_D11 */ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 \ */ -#endif /* MLKEM_NATIVE_NATIVE_API_H */ +#endif /* MLK_NATIVE_API_H */ 
diff --git a/mlkem/native/meta.h b/mlkem/native/meta.h index 14e7fe140..bd5673753 100644 --- a/mlkem/native/meta.h +++ b/mlkem/native/meta.h @@ -2,20 +2,20 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_META_H -#define MLKEM_NATIVE_NATIVE_META_H +#ifndef MLK_NATIVE_META_H +#define MLK_NATIVE_META_H /* * Default arithmetic backend */ #include "../sys.h" -#ifdef SYS_AARCH64 +#ifdef MLK_SYS_AARCH64 #include "aarch64/meta.h" -#endif /* SYS_AARCH64 */ +#endif /* MLK_SYS_AARCH64 */ -#ifdef SYS_X86_64_AVX2 +#ifdef MLK_SYS_X86_64_AVX2 #include "x86_64/meta.h" -#endif /* SYS_X86_64 */ +#endif /* MLK_SYS_X86_64 */ -#endif /* MLKEM_NATIVE_NATIVE_META_H */ +#endif /* MLK_NATIVE_META_H */ diff --git a/mlkem/native/x86_64/meta.h b/mlkem/native/x86_64/meta.h index 9c2fc866c..a99f0b37d 100644 --- a/mlkem/native/x86_64/meta.h +++ b/mlkem/native/x86_64/meta.h 
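Review bot: The closing comment of the x86_64 guard still reads `#endif /* MLK_SYS_X86_64 */` while the guard it closes is `#ifdef MLK_SYS_X86_64_AVX2`, so the pair disagrees even after the rename. The aarch64 pair two lines above is consistent, which makes this look like a leftover rather than intent. Since the commit rewrites both lines anyway, it is the right place to align them: `#endif /* MLK_SYS_X86_64_AVX2 */`.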
@@ -3,26 +3,26 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_X86_64_META_H -#define MLKEM_NATIVE_NATIVE_X86_64_META_H +#ifndef MLK_NATIVE_X86_64_META_H +#define MLK_NATIVE_X86_64_META_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_H +#ifdef MLK_ARITH_PROFILE_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_H +#define MLK_ARITH_PROFILE_H /* Identifier for this backend so that source and assembly files * in the build can be appropriately guarded. */ -#define MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT +#define MLK_ARITH_BACKEND_X86_64_DEFAULT -#define MLKEM_NATIVE_ARITH_BACKEND_NAME X86_64_DEFAULT +#define MLK_ARITH_BACKEND_NAME X86_64_DEFAULT /* Filename of the C backend implementation. * This is not inlined here because this header is included in assembly * files as well. */ -#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "native/x86_64/src/default_impl.h" +#define MLK_ARITH_BACKEND_IMPL "native/x86_64/src/default_impl.h" -#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */ +#endif /* MLK_ARITH_PROFILE_H */ -#endif /* MLKEM_NATIVE_NATIVE_X86_64_META_H */ +#endif /* MLK_NATIVE_X86_64_META_H */ diff --git a/mlkem/native/x86_64/src/align.h b/mlkem/native/x86_64/src/align.h index 8b5a40f2a..15c4543d8 100644 --- a/mlkem/native/x86_64/src/align.h +++ b/mlkem/native/x86_64/src/align.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_X86_64_SRC_ALIGN_H -#define MLKEM_NATIVE_NATIVE_X86_64_SRC_ALIGN_H +#ifndef MLK_NATIVE_X86_64_SRC_ALIGN_H +#define MLK_NATIVE_X86_64_SRC_ALIGN_H /* * Implementation from Kyber reference repository * https://github.com/pq-crystals/kyber/blob/main/avx2/align.h @@ -32,4 +32,4 @@ #endif -#endif /* MLKEM_NATIVE_NATIVE_X86_64_SRC_ALIGN_H */ +#endif /* MLK_NATIVE_X86_64_SRC_ALIGN_H */ 
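Review bot: The `#error` diagnostic in the profile guard still names `MLKEM_ARITH` although every macro around it was moved to the `MLK_` prefix (`MLK_ARITH_PROFILE_H`, `MLK_ARITH_BACKEND_X86_64_DEFAULT`, `MLK_ARITH_BACKEND_NAME`), so someone grepping for the identifier in the message will not find it. Suggest `#error Only one MLK_ARITH assembly profile can be defined -- did you include multiple profiles?`, and the same wording in the aarch64 profile header if it carries the same message (not visible in this hunk).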
diff --git a/mlkem/native/x86_64/src/arith_native_x86_64.h b/mlkem/native/x86_64/src/arith_native_x86_64.h index 8c4082b85..93930e018 100644 --- a/mlkem/native/x86_64/src/arith_native_x86_64.h +++ b/mlkem/native/x86_64/src/arith_native_x86_64.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H -#define MLKEM_NATIVE_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H +#ifndef MLK_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H +#define MLK_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H #include "../../../common.h" 
@@ -15,70 +15,70 @@ #define REJ_UNIFORM_AVX_BUFLEN \ (3 * 168) /* REJ_UNIFORM_AVX_BUFLEN * SHAKE128_RATE */ -#define rej_uniform_avx2 MLKEM_NAMESPACE(rej_uniform_avx2) +#define rej_uniform_avx2 MLK_NAMESPACE(rej_uniform_avx2) unsigned rej_uniform_avx2(int16_t *r, const uint8_t *buf); -#define rej_uniform_table MLKEM_NAMESPACE(rej_uniform_table) +#define rej_uniform_table MLK_NAMESPACE(rej_uniform_table) extern const uint8_t rej_uniform_table[256][8]; -#define ntt_avx2 MLKEM_NAMESPACE(ntt_avx2) +#define ntt_avx2 MLK_NAMESPACE(ntt_avx2) void ntt_avx2(__m256i *r, const __m256i *qdata); -#define invntt_avx2 MLKEM_NAMESPACE(invntt_avx2) +#define invntt_avx2 MLK_NAMESPACE(invntt_avx2) void invntt_avx2(__m256i *r, const __m256i *qdata); -#define nttpack_avx2 MLKEM_NAMESPACE(nttpack_avx2) +#define nttpack_avx2 MLK_NAMESPACE(nttpack_avx2) void nttpack_avx2(__m256i *r, const __m256i *qdata); -#define nttunpack_avx2 MLKEM_NAMESPACE(nttunpack_avx2) +#define nttunpack_avx2 MLK_NAMESPACE(nttunpack_avx2) void nttunpack_avx2(__m256i *r, const __m256i *qdata); -#define reduce_avx2 MLKEM_NAMESPACE(reduce_avx2) +#define reduce_avx2 MLK_NAMESPACE(reduce_avx2) void reduce_avx2(__m256i *r, const __m256i *qdata); -#define basemul_avx2 MLKEM_NAMESPACE(basemul_avx2) +#define basemul_avx2 MLK_NAMESPACE(basemul_avx2) void basemul_avx2(__m256i *r, const __m256i *a, const __m256i *b, const __m256i *qdata); #define polyvec_basemul_acc_montgomery_cached_avx2 \ - MLKEM_NAMESPACE(polyvec_basemul_acc_montgomery_cached_avx2) + MLK_NAMESPACE(polyvec_basemul_acc_montgomery_cached_avx2) void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], const int16_t *a, const int16_t *b, const int16_t *kb_cache); -#define ntttobytes_avx2 MLKEM_NAMESPACE(ntttobytes_avx2) +#define ntttobytes_avx2 MLK_NAMESPACE(ntttobytes_avx2) void ntttobytes_avx2(uint8_t *r, const __m256i *a, const __m256i *qdata); -#define nttfrombytes_avx2 MLKEM_NAMESPACE(nttfrombytes_avx2) +#define nttfrombytes_avx2 
MLK_NAMESPACE(nttfrombytes_avx2) void nttfrombytes_avx2(__m256i *r, const uint8_t *a, const __m256i *qdata); -#define tomont_avx2 MLKEM_NAMESPACE(tomont_avx2) +#define tomont_avx2 MLK_NAMESPACE(tomont_avx2) void tomont_avx2(__m256i *r, const __m256i *qdata); -#define poly_compress_d4_avx2 MLKEM_NAMESPACE(poly_compress_d4_avx2) +#define poly_compress_d4_avx2 MLK_NAMESPACE(poly_compress_d4_avx2) void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], - const __m256i *RESTRICT a); -#define poly_decompress_d4_avx2 MLKEM_NAMESPACE(poly_decompress_d4_avx2) -void poly_decompress_d4_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d4_avx2 MLK_NAMESPACE(poly_decompress_d4_avx2) +void poly_decompress_d4_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]); -#define poly_compress_d10_avx2 MLKEM_NAMESPACE(poly_compress10_avx2) +#define poly_compress_d10_avx2 MLK_NAMESPACE(poly_compress10_avx2) void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], - const __m256i *RESTRICT a); -#define poly_decompress_d10_avx2 MLKEM_NAMESPACE(poly_decompress10_avx2) -void poly_decompress_d10_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d10_avx2 MLK_NAMESPACE(poly_decompress10_avx2) +void poly_decompress_d10_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]); -#define poly_compress_d5_avx2 MLKEM_NAMESPACE(poly_compress_d5_avx2) +#define poly_compress_d5_avx2 MLK_NAMESPACE(poly_compress_d5_avx2) void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], - const __m256i *RESTRICT a); -#define poly_decompress_d5_avx2 MLKEM_NAMESPACE(poly_decompress_d5_avx2) -void poly_decompress_d5_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d5_avx2 MLK_NAMESPACE(poly_decompress_d5_avx2) +void poly_decompress_d5_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]); -#define 
poly_compress_d11_avx2 MLKEM_NAMESPACE(poly_compress11_avx2) +#define poly_compress_d11_avx2 MLK_NAMESPACE(poly_compress11_avx2) void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], - const __m256i *RESTRICT a); -#define poly_decompress_d11_avx2 MLKEM_NAMESPACE(poly_decompress11_avx2) -void poly_decompress_d11_avx2(__m256i *RESTRICT r, + const __m256i *MLK_RESTRICT a); +#define poly_decompress_d11_avx2 MLK_NAMESPACE(poly_decompress11_avx2) +void poly_decompress_d11_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]); -#endif /* MLKEM_NATIVE_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H */ +#endif /* MLK_NATIVE_X86_64_SRC_ARITH_NATIVE_X86_64_H */ diff --git a/mlkem/native/x86_64/src/basemul.S b/mlkem/native/x86_64/src/basemul.S index 7ee18d851..06291dbec 100644 --- a/mlkem/native/x86_64/src/basemul.S +++ b/mlkem/native/x86_64/src/basemul.S @@ -7,8 +7,8 @@ // https://github.com/pq-crystals/kyber/blob/main/avx2 #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -18,8 +18,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(basemul_avx2) -MLKEM_ASM_NAMESPACE(basemul_avx2): +.global MLK_ASM_NAMESPACE(basemul_avx2) +MLK_ASM_NAMESPACE(basemul_avx2): movq %rsp, %r8 andq $-0x20, %rsp @@ -291,5 +291,5 @@ MLKEM_ASM_NAMESPACE(basemul_avx2): movq %r8, %rsp retq -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/mlkem/native/x86_64/src/basemul.c b/mlkem/native/x86_64/src/basemul.c index 331421466..93491aa46 100644 --- a/mlkem/native/x86_64/src/basemul.c +++ b/mlkem/native/x86_64/src/basemul.c 
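Review bot: The namespaced symbols for the d10 and d11 compress/decompress pairs drop the `_d` that the d4 and d5 pairs keep, e.g. `#define poly_compress_d10_avx2 MLK_NAMESPACE(poly_compress10_avx2)` next to `#define poly_compress_d4_avx2 MLK_NAMESPACE(poly_compress_d4_avx2)`, so the exported name does not match the C identifier declared on the following line. Since this commit rewrites every one of these defines, it is a cheap moment to make them uniform, for instance `#define poly_compress_d10_avx2 MLK_NAMESPACE(poly_compress_d10_avx2)` and likewise for `poly_decompress_d10_avx2`, `poly_compress_d11_avx2` and `poly_decompress_d11_avx2`. The definitions in compress_avx2.c use the C identifiers, so presumably no assembly label depends on the old spelling, but that is worth confirming before changing it.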
@@ -5,8 +5,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "arith_native_x86_64.h" #include "consts.h" @@ -43,7 +43,7 @@ void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], const int16_t *b_cache) { unsigned i; - int16_t t[MLKEM_N] ALIGN; + int16_t t[MLKEM_N] MLK_ALIGN; /* TODO: Use mulcache for AVX2. So far, it is unused. */ ((void)b_cache); @@ -59,10 +59,10 @@ void polyvec_basemul_acc_montgomery_cached_avx2(unsigned k, int16_t r[MLKEM_N], } } -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_basemul) +MLK_EMPTY_CU(avx2_basemul) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/mlkem/native/x86_64/src/compress_avx2.c b/mlkem/native/x86_64/src/compress_avx2.c index e7f5cd524..a66593b82 100644 --- a/mlkem/native/x86_64/src/compress_avx2.c +++ b/mlkem/native/x86_64/src/compress_avx2.c @@ -8,8 +8,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include #include 
@@ -17,10 +17,9 @@ #include "arith_native_x86_64.h" #include "consts.h" -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2, f3; @@ -59,7 +58,7 @@ void poly_compress_d4_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], } } -void poly_decompress_d4_avx2(__m256i *RESTRICT r, +void poly_decompress_d4_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { unsigned int i; @@ -86,7 +85,7 @@ void poly_decompress_d4_avx2(__m256i *RESTRICT r, } void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2; @@ -129,7 +128,7 @@ void poly_compress_d10_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], } } -void poly_decompress_d10_avx2(__m256i *RESTRICT r, +void poly_decompress_d10_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { unsigned int i; @@ -165,12 +164,12 @@ void poly_decompress_d10_avx2(__m256i *RESTRICT r, _mm256_store_si256(&r[i], f); } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1; 
@@ -211,7 +210,7 @@ void poly_compress_d5_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], } } -void poly_decompress_d5_avx2(__m256i *RESTRICT r, +void poly_decompress_d5_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { unsigned int i; @@ -243,7 +242,7 @@ void poly_decompress_d5_avx2(__m256i *RESTRICT r, } void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], - const __m256i *RESTRICT a) + const __m256i *MLK_RESTRICT a) { unsigned int i; __m256i f0, f1, f2; @@ -315,7 +314,7 @@ void poly_compress_d11_avx2(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], memcpy(&r[22 * i + 16], &t1, 6); } -void poly_decompress_d11_avx2(__m256i *RESTRICT r, +void poly_decompress_d11_avx2(__m256i *MLK_RESTRICT r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { unsigned int i; @@ -359,12 +358,12 @@ void poly_decompress_d11_avx2(__m256i *RESTRICT r, _mm256_store_si256(&r[i], f); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD || MLKEM_K == 4 */ -#else /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && \ - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_ARITH_BACKEND_X86_64_DEFAULT && \ + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(avx2_poly_compress) +MLK_EMPTY_CU(avx2_poly_compress) -#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT && \ - ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT && \ + ! MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/native/x86_64/src/consts.c b/mlkem/native/x86_64/src/consts.c index 5ac647c76..5747f4c64 100644 --- a/mlkem/native/x86_64/src/consts.c +++ b/mlkem/native/x86_64/src/consts.c @@ -10,8 +10,8 @@ #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "align.h" #include "consts.h" 
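Review bot: The rewritten `#endif` comment at the end of the last hunk names `MLK_MULTILEVEL_BUILD`, but the guard it closes (visible in the earlier `@@ -165,12 +164,12 @@` hunk of this file) tests `MLK_MULTILEVEL_BUILD_WITH_SHARED`; the rename carried over a pre-existing mismatch rather than fixing it, and `MLK_MULTILEVEL_BUILD` does not appear as a macro anywhere in the visible diff. Since this commit exists to make the macro names consistent, I would change the line to `#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */`, which is the form default_impl.h already uses for the same condition. Comment-only change, no functional impact.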
@@ -86,13 +86,13 @@ const qdata_t qdata = {{ SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT}}; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_consts) +MLK_EMPTY_CU(avx2_consts) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mlkem/native/x86_64/src/consts.h b/mlkem/native/x86_64/src/consts.h index 1a70bfffa..5d30d3f72 100644 --- a/mlkem/native/x86_64/src/consts.h +++ b/mlkem/native/x86_64/src/consts.h @@ -3,8 +3,8 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_X86_64_SRC_CONSTS_H -#define MLKEM_NATIVE_NATIVE_X86_64_SRC_CONSTS_H +#ifndef MLK_NATIVE_X86_64_SRC_CONSTS_H +#define MLK_NATIVE_X86_64_SRC_CONSTS_H /* * Implementation from Kyber reference repository * https://github.com/pq-crystals/kyber/blob/main/avx2/consts.h @@ -35,8 +35,8 @@ #ifndef __ASSEMBLER__ #include "align.h" typedef ALIGNED_INT16(640) qdata_t; -#define qdata MLKEM_NAMESPACE(qdata) +#define qdata MLK_NAMESPACE(qdata) extern const qdata_t qdata; #endif -#endif /* MLKEM_NATIVE_NATIVE_X86_64_SRC_CONSTS_H */ +#endif /* MLK_NATIVE_X86_64_SRC_CONSTS_H */ diff --git a/mlkem/native/x86_64/src/default_impl.h b/mlkem/native/x86_64/src/default_impl.h index f1a87a247..b3f8522ad 100644 --- a/mlkem/native/x86_64/src/default_impl.h +++ b/mlkem/native/x86_64/src/default_impl.h 
@@ -3,47 +3,47 @@ * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_NATIVE_X86_64_SRC_DEFAULT_IMPL_H -#define MLKEM_NATIVE_NATIVE_X86_64_SRC_DEFAULT_IMPL_H +#ifndef MLK_NATIVE_X86_64_SRC_DEFAULT_IMPL_H +#define MLK_NATIVE_X86_64_SRC_DEFAULT_IMPL_H /* ML-KEM arithmetic native profile for clean assembly */ -#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#ifdef MLK_ARITH_PROFILE_IMPL_H #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles? #else -#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#define MLK_ARITH_PROFILE_IMPL_H #include #include "../../../params.h" #include "arith_native_x86_64.h" -#define MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER - -#define MLKEM_USE_NATIVE_REJ_UNIFORM -#define MLKEM_USE_NATIVE_NTT -#define MLKEM_USE_NATIVE_INTT -#define MLKEM_USE_NATIVE_POLY_REDUCE -#define MLKEM_USE_NATIVE_POLY_TOMONT -#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED -#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE -#define MLKEM_USE_NATIVE_POLY_TOBYTES -#define MLKEM_USE_NATIVE_POLY_FROMBYTES -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D4 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D5 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D10 -#define MLKEM_USE_NATIVE_POLY_COMPRESS_D11 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D4 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D5 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D10 -#define MLKEM_USE_NATIVE_POLY_DECOMPRESS_D11 - -static INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) +#define MLK_USE_NATIVE_NTT_CUSTOM_ORDER + +#define MLK_USE_NATIVE_REJ_UNIFORM +#define MLK_USE_NATIVE_NTT +#define MLK_USE_NATIVE_INTT +#define MLK_USE_NATIVE_POLY_REDUCE +#define MLK_USE_NATIVE_POLY_TOMONT +#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE +#define MLK_USE_NATIVE_POLY_TOBYTES +#define MLK_USE_NATIVE_POLY_FROMBYTES +#define MLK_USE_NATIVE_POLY_COMPRESS_D4 +#define MLK_USE_NATIVE_POLY_COMPRESS_D5 +#define 
MLK_USE_NATIVE_POLY_COMPRESS_D10 +#define MLK_USE_NATIVE_POLY_COMPRESS_D11 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D4 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D5 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D10 +#define MLK_USE_NATIVE_POLY_DECOMPRESS_D11 + +static MLK_INLINE void poly_permute_bitrev_to_custom(int16_t data[MLKEM_N]) { nttunpack_avx2((__m256i *)(data), qdata.vec); } -static INLINE int rej_uniform_native(int16_t *r, unsigned len, - const uint8_t *buf, unsigned buflen) +static MLK_INLINE int rej_uniform_native(int16_t *r, unsigned len, + const uint8_t *buf, unsigned buflen) { /* AVX2 implementation assumes specific buffer lengths */ if (len != MLKEM_N || buflen != REJ_UNIFORM_AVX_BUFLEN) 
@@ -54,127 +54,126 @@ static INLINE int rej_uniform_native(int16_t *r, unsigned len, return (int)rej_uniform_avx2(r, buf); } -static INLINE void ntt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void ntt_native(int16_t data[MLKEM_N]) { ntt_avx2((__m256i *)data, qdata.vec); } -static INLINE void intt_native(int16_t data[MLKEM_N]) +static MLK_INLINE void intt_native(int16_t data[MLKEM_N]) { invntt_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_reduce_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_reduce_native(int16_t data[MLKEM_N]) { reduce_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_tomont_native(int16_t data[MLKEM_N]) +static MLK_INLINE void poly_tomont_native(int16_t data[MLKEM_N]) { tomont_avx2((__m256i *)data, qdata.vec); } -static INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], - const int16_t y[MLKEM_N]) +static MLK_INLINE void poly_mulcache_compute_native(int16_t x[MLKEM_N / 2], + const int16_t y[MLKEM_N]) { /* AVX2 backend does not use mulcache */ ((void)y); ((void)x); } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 -static INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 2 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k2_native( int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N], const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(2, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 2 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 -static INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 3 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k3_native( int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N], const 
int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(3, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 3 */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -static INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +static MLK_INLINE void polyvec_basemul_acc_montgomery_cached_k4_native( int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N], const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)]) { polyvec_basemul_acc_montgomery_cached_avx2(4, r, a, b, b_cache); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ -static INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], - const int16_t a[MLKEM_N]) +static MLK_INLINE void poly_tobytes_native(uint8_t r[MLKEM_POLYBYTES], + const int16_t a[MLKEM_N]) { ntttobytes_avx2(r, (const __m256i *)a, qdata.vec); } -static INLINE void poly_frombytes_native(int16_t r[MLKEM_N], - const uint8_t a[MLKEM_POLYBYTES]) +static MLK_INLINE void poly_frombytes_native(int16_t r[MLKEM_N], + const uint8_t a[MLKEM_POLYBYTES]) { nttfrombytes_avx2((__m256i *)r, a, qdata.vec); } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) -static INLINE void poly_compress_d4_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) +static MLK_INLINE void poly_compress_d4_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4], const int16_t a[MLKEM_N]) { poly_compress_d4_avx2(r, (const __m256i *)a); } -static INLINE void poly_compress_d10_native( +static MLK_INLINE void poly_compress_d10_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D10], const int16_t a[MLKEM_N]) { poly_compress_d10_avx2(r, (const __m256i *)a); } -static INLINE void 
poly_decompress_d4_native( +static MLK_INLINE void poly_decompress_d4_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D4]) { poly_decompress_d4_avx2((__m256i *)r, a); } -static INLINE void poly_decompress_d10_native( +static MLK_INLINE void poly_decompress_d10_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D10]) { poly_decompress_d10_avx2((__m256i *)r, a); } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 -static INLINE void poly_compress_d5_native( +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +static MLK_INLINE void poly_compress_d5_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5], const int16_t a[MLKEM_N]) { poly_compress_d5_avx2(r, (const __m256i *)a); } -static INLINE void poly_compress_d11_native( +static MLK_INLINE void poly_compress_d11_native( uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D11], const int16_t a[MLKEM_N]) { poly_compress_d11_avx2(r, (const __m256i *)a); } -static INLINE void poly_decompress_d5_native( +static MLK_INLINE void poly_decompress_d5_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D5]) { poly_decompress_d5_avx2((__m256i *)r, a); } -static INLINE void poly_decompress_d11_native( +static MLK_INLINE void poly_decompress_d11_native( int16_t r[MLKEM_N], const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_D11]) { poly_decompress_d11_avx2((__m256i *)r, a); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ -#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */ +#endif /* MLK_ARITH_PROFILE_IMPL_H */ -#endif /* MLKEM_NATIVE_NATIVE_X86_64_SRC_DEFAULT_IMPL_H */ +#endif /* MLK_NATIVE_X86_64_SRC_DEFAULT_IMPL_H */ 
diff --git a/mlkem/native/x86_64/src/intt.S b/mlkem/native/x86_64/src/intt.S
index f3af89b24..ab2209b44 100644
--- a/mlkem/native/x86_64/src/intt.S
+++ b/mlkem/native/x86_64/src/intt.S
@@ -10,8 +10,8 @@
* been made to simplify reasoning of non-overflow */
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -21,8 +21,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(invntt_avx2)
-MLKEM_ASM_NAMESPACE(invntt_avx2):
+.global MLK_ASM_NAMESPACE(invntt_avx2)
+MLK_ASM_NAMESPACE(invntt_avx2):
vmovdqa (%rsi), %ymm0
vmovdqa 0x60(%rsi), %ymm2
@@ -675,5 +675,5 @@ MLKEM_ASM_NAMESPACE(invntt_avx2):
vmovdqa %ymm11, 0x1e0(%rdi)
retq
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
diff --git a/mlkem/native/x86_64/src/ntt.S b/mlkem/native/x86_64/src/ntt.S
index 1012e446a..f10219dc6 100644
--- a/mlkem/native/x86_64/src/ntt.S
+++ b/mlkem/native/x86_64/src/ntt.S
@@ -7,8 +7,8 @@
// https://github.com/pq-crystals/kyber/blob/main/avx2
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -18,8 +18,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(ntt_avx2)
-MLKEM_ASM_NAMESPACE(ntt_avx2):
+.global MLK_ASM_NAMESPACE(ntt_avx2)
+MLK_ASM_NAMESPACE(ntt_avx2):
vmovdqa (%rsi), %ymm0
vpbroadcastq 0x140(%rsi), %ymm15
@@ -608,5 +608,5 @@ MLKEM_ASM_NAMESPACE(ntt_avx2):
vmovdqa %ymm11, 0x1e0(%rdi)
retq
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
diff --git a/mlkem/native/x86_64/src/nttfrombytes.S b/mlkem/native/x86_64/src/nttfrombytes.S
index e15ff493c..236e85aa9 100644
--- a/mlkem/native/x86_64/src/nttfrombytes.S
+++ b/mlkem/native/x86_64/src/nttfrombytes.S
@@ -8,8 +8,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -19,8 +19,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(nttfrombytes_avx2)
-MLKEM_ASM_NAMESPACE(nttfrombytes_avx2):
+.global MLK_ASM_NAMESPACE(nttfrombytes_avx2)
+MLK_ASM_NAMESPACE(nttfrombytes_avx2):
vmovdqa 0xe0(%rdx), %ymm0
callq nttfrombytes128_avx
@@ -104,5 +104,5 @@ nttfrombytes128_avx:
vmovdqa %ymm1, 0xe0(%rdi)
retq
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT &&
- ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT &&
+ ! MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/mlkem/native/x86_64/src/nttpack.S b/mlkem/native/x86_64/src/nttpack.S
index c12d47406..1832b58c8 100644
--- a/mlkem/native/x86_64/src/nttpack.S
+++ b/mlkem/native/x86_64/src/nttpack.S
@@ -8,8 +8,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -19,8 +19,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(nttpack_avx2)
-MLKEM_ASM_NAMESPACE(nttpack_avx2):
+.global MLK_ASM_NAMESPACE(nttpack_avx2)
+MLK_ASM_NAMESPACE(nttpack_avx2):
vmovdqa (%rdi), %ymm4
vmovdqa 0x20(%rdi), %ymm5
@@ -88,5 +88,5 @@ MLKEM_ASM_NAMESPACE(nttpack_avx2):
vmovdqa %ymm11, 0xe0(%rdi)
retq
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT &&
- ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT &&
+ ! MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/mlkem/native/x86_64/src/ntttobytes.S b/mlkem/native/x86_64/src/ntttobytes.S
index 46025e911..596de142e 100644
--- a/mlkem/native/x86_64/src/ntttobytes.S
+++ b/mlkem/native/x86_64/src/ntttobytes.S
@@ -8,8 +8,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -19,8 +19,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(ntttobytes_avx2)
-MLKEM_ASM_NAMESPACE(ntttobytes_avx2):
+.global MLK_ASM_NAMESPACE(ntttobytes_avx2)
+MLK_ASM_NAMESPACE(ntttobytes_avx2):
vmovdqa (%rdx), %ymm0
callq ntttobytes128_avx
@@ -98,5 +98,5 @@ ntttobytes128_avx:
vmovdqu %ymm9, 0xa0(%rdi)
retq
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT &&
- ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT &&
+ ! MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/mlkem/native/x86_64/src/nttunpack.S b/mlkem/native/x86_64/src/nttunpack.S
index c437754e9..1403e3762 100644
--- a/mlkem/native/x86_64/src/nttunpack.S
+++ b/mlkem/native/x86_64/src/nttunpack.S
@@ -8,8 +8,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -19,8 +19,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(nttunpack_avx2)
-MLKEM_ASM_NAMESPACE(nttunpack_avx2):
+.global MLK_ASM_NAMESPACE(nttunpack_avx2)
+MLK_ASM_NAMESPACE(nttunpack_avx2):
callq nttunpack128_avx2
addq $0x100, %rdi # imm = 0x100
@@ -94,5 +94,5 @@ nttunpack128_avx2:
vmovdqa %ymm11, 0xe0(%rdi)
retq
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT &&
- ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT &&
+ ! MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/mlkem/native/x86_64/src/reduce.S b/mlkem/native/x86_64/src/reduce.S
index a98f7a8f6..7ba64f0ab 100644
--- a/mlkem/native/x86_64/src/reduce.S
+++ b/mlkem/native/x86_64/src/reduce.S
@@ -13,8 +13,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
/*
* WARNING: This file is auto-derived from the mlkem-native source file
@@ -24,8 +24,8 @@
.text
.balign 4
-.global MLKEM_ASM_NAMESPACE(reduce_avx2)
-MLKEM_ASM_NAMESPACE(reduce_avx2):
+.global MLK_ASM_NAMESPACE(reduce_avx2)
+MLK_ASM_NAMESPACE(reduce_avx2):
vmovdqa (%rsi), %ymm0
vmovdqa 0x40(%rsi), %ymm1
@@ -117,5 +117,5 @@ reduce128_avx2:
vmovdqa %ymm9, 0xe0(%rdi)
retq
-#endif /* MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT &&
- ! MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */
+#endif /* MLK_ARITH_BACKEND_X86_64_DEFAULT &&
+ ! MLK_MULTILEVEL_BUILD_NO_SHARED */
diff --git a/mlkem/native/x86_64/src/rej_uniform_avx2.c b/mlkem/native/x86_64/src/rej_uniform_avx2.c
index d53306828..c9de341f2 100644
--- a/mlkem/native/x86_64/src/rej_uniform_avx2.c
+++ b/mlkem/native/x86_64/src/rej_uniform_avx2.c
@@ -10,8 +10,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
#include
#include
@@ -19,7 +19,7 @@
#include "arith_native_x86_64.h"
#include "consts.h"
-unsigned rej_uniform_avx2(int16_t *RESTRICT r, const uint8_t *buf)
+unsigned rej_uniform_avx2(int16_t *MLK_RESTRICT r, const uint8_t *buf)
{
unsigned ctr, pos;
uint16_t val0, val1;
@@ -124,10 +124,10 @@ unsigned rej_uniform_avx2(int16_t *RESTRICT r, const uint8_t *buf)
return ctr;
}
-#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
-MLKEM_NATIVE_EMPTY_CU(avx2_rej_uniform)
+MLK_EMPTY_CU(avx2_rej_uniform)
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
diff --git a/mlkem/native/x86_64/src/rej_uniform_table.c b/mlkem/native/x86_64/src/rej_uniform_table.c
index 2d4ea6ab4..c411e35e4 100644
--- a/mlkem/native/x86_64/src/rej_uniform_table.c
+++ b/mlkem/native/x86_64/src/rej_uniform_table.c
@@ -10,8 +10,8 @@
#include "../../../common.h"
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
#include
#include "arith_native_x86_64.h"
@@ -20,7 +20,7 @@ * Lookup table used by rejection sampling of the public matrix. * See autogen for details. */ -ALIGN const uint8_t rej_uniform_table[256][8] = { +MLK_ALIGN const uint8_t rej_uniform_table[256][8] = { {-1, -1, -1, -1, -1, -1, -1, -1}, {0, -1, -1, -1, -1, -1, -1, -1}, {2, -1, -1, -1, -1, -1, -1, -1}, {0, 2, -1, -1, -1, -1, -1, -1}, {4, -1, -1, -1, -1, -1, -1, -1}, {0, 4, -1, -1, -1, -1, -1, -1}, @@ -151,10 +151,10 @@ ALIGN const uint8_t rej_uniform_table[256][8] = { {2, 4, 6, 8, 10, 12, 14, -1}, {0, 2, 4, 6, 8, 10, 12, 14}, }; -#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ -MLKEM_NATIVE_EMPTY_CU(avx2_rej_uniform_table) +MLK_EMPTY_CU(avx2_rej_uniform_table) -#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */ +#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */ diff --git a/mlkem/native/x86_64/src/tomont.S b/mlkem/native/x86_64/src/tomont.S index 7418de23c..d1dbb8117 100644 --- a/mlkem/native/x86_64/src/tomont.S +++ b/mlkem/native/x86_64/src/tomont.S @@ -12,8 +12,8 @@ // semantics of poly_reduce(). #include "../../../common.h" -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * WARNING: This file is auto-derived from the mlkem-native source file @@ -23,8 +23,8 @@ .text .balign 4 -.global MLKEM_ASM_NAMESPACE(tomont_avx2) -MLKEM_ASM_NAMESPACE(tomont_avx2): +.global MLK_ASM_NAMESPACE(tomont_avx2) +MLK_ASM_NAMESPACE(tomont_avx2): vmovdqa (%rsi), %ymm0 vmovdqa 0xa0(%rsi), %ymm1 
@@ -85,5 +85,5 @@ tomont128_avx2:
vmovdqa %ymm10, 0xe0(%rdi)
retq
-#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \
- !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */
+#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \
+ !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */
diff --git a/mlkem/params.h b/mlkem/params.h
index 15109be95..2b859ac27 100644
--- a/mlkem/params.h
+++ b/mlkem/params.h
@@ -2,14 +2,14 @@
* Copyright (c) 2024-2025 The mlkem-native project authors
* SPDX-License-Identifier: Apache-2.0
*/
-#ifndef MLKEM_NATIVE_PARAMS_H
-#define MLKEM_NATIVE_PARAMS_H
+#ifndef MLK_PARAMS_H
+#define MLK_PARAMS_H
-#if defined(MLKEM_NATIVE_CONFIG_FILE)
-#include MLKEM_NATIVE_CONFIG_FILE
+#if defined(MLK_CONFIG_FILE)
+#include MLK_CONFIG_FILE
#else
#include "config.h"
-#endif /* MLKEM_NATIVE_CONFIG_FILE */
+#endif /* MLK_CONFIG_FILE */
#if !defined(MLKEM_K)
#error MLKEM_K is not defined
@@ -18,7 +18,7 @@
#define MLKEM_N 256
#define MLKEM_Q 3329
#define MLKEM_Q_HALF ((MLKEM_Q + 1) / 2) /* 1665 */
-#define UINT12_LIMIT 4096
+#define MLKEM_UINT12_LIMIT 4096
#define MLKEM_SYMBYTES 32 /* size in bytes of hashes, and seeds */
#define MLKEM_SSBYTES 32 /* size in bytes of shared key */
@@ -72,4 +72,4 @@
2 * MLKEM_SYMBYTES)
#define MLKEM_INDCCA_CIPHERTEXTBYTES (MLKEM_INDCPA_BYTES)
-#endif /* MLKEM_NATIVE_PARAMS_H */
+#endif /* MLK_PARAMS_H */
diff --git a/mlkem/poly.c b/mlkem/poly.c
index 8f62b1a82..aad40970c 100644
--- a/mlkem/poly.c
+++ b/mlkem/poly.c
@@ -3,7 +3,7 @@
* SPDX-License-Identifier: Apache-2.0
*/
#include "common.h"
-#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)
+#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)
#include
#include
@@ -20,17 +20,17 @@
* This is to facilitate building multiple instances
* of mlkem-native (e.g. with varying security levels)
* within a single compilation unit. */
-#define fqmul MLKEM_NAMESPACE(fqmul)
-#define barrett_reduce MLKEM_NAMESPACE(barrett_reduce)
-#define scalar_signed_to_unsigned_q MLKEM_NAMESPACE(scalar_signed_to_unsigned_q)
-#define ntt_butterfly_block MLKEM_NAMESPACE(ntt_butterfly_block)
-#define ntt_layer MLKEM_NAMESPACE(ntt_layer)
-#define invntt_layer MLKEM_NAMESPACE(invntt_layer)
+#define fqmul MLK_NAMESPACE(fqmul)
+#define barrett_reduce MLK_NAMESPACE(barrett_reduce)
+#define scalar_signed_to_unsigned_q MLK_NAMESPACE(scalar_signed_to_unsigned_q)
+#define ntt_butterfly_block MLK_NAMESPACE(ntt_butterfly_block)
+#define ntt_layer MLK_NAMESPACE(ntt_layer)
+#define invntt_layer MLK_NAMESPACE(invntt_layer)
/* End of static namespacing */
-#if !defined(MLKEM_USE_NATIVE_POLY_TOMONT) || \
- !defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \
- !defined(MLKEM_USE_NATIVE_NTT) || !defined(MLKEM_USE_NATIVE_INTT)
+#if !defined(MLK_USE_NATIVE_POLY_TOMONT) || \
+ !defined(MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \
+ !defined(MLK_USE_NATIVE_NTT) || !defined(MLK_USE_NATIVE_INTT)
/*************************************************
* Name: fqmul
*
@@ -45,7 +45,7 @@
* smaller than q in absolute value.
*
**************************************************/
-static INLINE int16_t fqmul(int16_t a, int16_t b)
+static MLK_INLINE int16_t fqmul(int16_t a, int16_t b)
__contract__(
requires(b > -MLKEM_Q_HALF && b < MLKEM_Q_HALF)
ensures(return_value > -MLKEM_Q && return_value < MLKEM_Q)
@@ -65,12 +65,12 @@ __contract__(
debug_assert_abs_bound(&res, 1, MLKEM_Q);
return res;
}
-#endif /* !defined(MLKEM_USE_NATIVE_POLY_TOMONT) || \
- !defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \
- !defined(MLKEM_USE_NATIVE_NTT) || \
- !defined(MLKEM_USE_NATIVE_INTT) */
+#endif /* !defined(MLK_USE_NATIVE_POLY_TOMONT) || \
+ !defined(MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE) || \
+ !defined(MLK_USE_NATIVE_NTT) || \
+ !defined(MLK_USE_NATIVE_INTT) */
-#if !defined(MLKEM_USE_NATIVE_POLY_REDUCE) || !defined(MLKEM_USE_NATIVE_INTT)
+#if !defined(MLK_USE_NATIVE_POLY_REDUCE) || !defined(MLK_USE_NATIVE_INTT)
/*************************************************
* Name: barrett_reduce
*
@@ -82,7 +82,7 @@ __contract__(
*
* Returns: integer in {-(q-1)/2,...,(q-1)/2} congruent to a modulo q.
**************************************************/
-static INLINE int16_t barrett_reduce(int16_t a)
+static MLK_INLINE int16_t barrett_reduce(int16_t a)
__contract__(
ensures(return_value > -MLKEM_Q_HALF && return_value < MLKEM_Q_HALF)
)
@@ -112,11 +112,11 @@ __contract__(
debug_assert_abs_bound(&res, 1, MLKEM_Q_HALF);
return res;
}
-#endif /* !defined(MLKEM_USE_NATIVE_POLY_REDUCE) || \
- !defined(MLKEM_USE_NATIVE_INTT) */
+#endif /* !defined(MLK_USE_NATIVE_POLY_REDUCE) || \
+ !defined(MLK_USE_NATIVE_INTT) */
-#if !defined(MLKEM_USE_NATIVE_POLY_TOMONT)
-MLKEM_NATIVE_INTERNAL_API
+#if !defined(MLK_USE_NATIVE_POLY_TOMONT)
+MLK_INTERNAL_API
void poly_tomont(poly *r)
{
unsigned i;
@@ -131,16 +131,16 @@ void poly_tomont(poly *r)
debug_assert_abs_bound(r, MLKEM_N, MLKEM_Q);
}
-#else /* MLKEM_USE_NATIVE_POLY_TOMONT */
-MLKEM_NATIVE_INTERNAL_API
+#else /* MLK_USE_NATIVE_POLY_TOMONT */
+MLK_INTERNAL_API
void poly_tomont(poly *r)
{
poly_tomont_native(r->coeffs);
debug_assert_abs_bound(r, MLKEM_N, MLKEM_Q);
}
-#endif /* MLKEM_USE_NATIVE_POLY_TOMONT */
+#endif /* MLK_USE_NATIVE_POLY_TOMONT */
-#if !defined(MLKEM_USE_NATIVE_POLY_REDUCE)
+#if !defined(MLK_USE_NATIVE_POLY_REDUCE)
/************************************************************
* Name: scalar_signed_to_unsigned_q
*
@@ -159,7 +159,7 @@ void poly_tomont(poly *r)
*
* Arguments: c: signed coefficient to be converted
************************************************************/
-static INLINE uint16_t scalar_signed_to_unsigned_q(int16_t c)
+static MLK_INLINE uint16_t scalar_signed_to_unsigned_q(int16_t c)
__contract__(
requires(c > -MLKEM_Q && c < MLKEM_Q)
ensures(return_value >= 0 && return_value < MLKEM_Q)
@@ -175,7 +175,7 @@ __contract__(
return (uint16_t)c;
}
-MLKEM_NATIVE_INTERNAL_API
+MLK_INTERNAL_API
void poly_reduce(poly *r)
{
unsigned i;
@@ -192,16 +192,16 @@ void poly_reduce(poly *r)
debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q);
}
-#else /* MLKEM_USE_NATIVE_POLY_REDUCE */
-MLKEM_NATIVE_INTERNAL_API
+#else /* MLK_USE_NATIVE_POLY_REDUCE */
+MLK_INTERNAL_API
void poly_reduce(poly *r)
{
poly_reduce_native(r->coeffs);
debug_assert_bound(r, MLKEM_N, 0, MLKEM_Q);
}
-#endif /* MLKEM_USE_NATIVE_POLY_REDUCE */
+#endif /* MLK_USE_NATIVE_POLY_REDUCE */
-MLKEM_NATIVE_INTERNAL_API
+MLK_INTERNAL_API
void poly_add(poly *r, const poly *b)
{
unsigned i;
@@ -215,7 +215,7 @@ void poly_add(poly *r, const poly *b)
}
}
-MLKEM_NATIVE_INTERNAL_API
+MLK_INTERNAL_API
void poly_sub(poly *r, const poly *b)
{
unsigned i;
@@ -229,8 +229,8 @@ void poly_sub(poly *r, const poly *b) } } -#if !defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE) +MLK_INTERNAL_API void poly_mulcache_compute(poly_mulcache *x, const poly *a) { unsigned i; @@ -251,8 +251,8 @@ void poly_mulcache_compute(poly_mulcache *x, const poly *a) */ debug_assert_abs_bound(x, MLKEM_N / 2, MLKEM_Q); } -#else /* MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE */ -MLKEM_NATIVE_INTERNAL_API +#else /* MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE */ +MLK_INTERNAL_API void poly_mulcache_compute(poly_mulcache *x, const poly *a) { poly_mulcache_compute_native(x->coeffs, a->coeffs); @@ -260,9 +260,9 @@ void poly_mulcache_compute(poly_mulcache *x, const poly *a) * decide not to use a mulcache. Note that the C backend implementation * of poly_basemul_montgomery_cached() does still include the check. */ } -#endif /* MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE */ +#endif /* MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE */ -#if !defined(MLKEM_USE_NATIVE_NTT) +#if !defined(MLK_USE_NATIVE_NTT) /* * Computes a block CT butterflies with a fixed twiddle factor, * using Montgomery multiplication. @@ -371,7 +371,7 @@ __contract__( * the proof may need strengthening. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_ntt(poly *p) { unsigned len, layer; @@ -390,18 +390,18 @@ void poly_ntt(poly *p) /* Check the stronger bound */ debug_assert_abs_bound(p, MLKEM_N, NTT_BOUND); } -#else /* MLKEM_USE_NATIVE_NTT */ +#else /* MLK_USE_NATIVE_NTT */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_ntt(poly *p) { debug_assert_abs_bound(p, MLKEM_N, MLKEM_Q); ntt_native(p->coeffs); debug_assert_abs_bound(p, MLKEM_N, NTT_BOUND); } -#endif /* MLKEM_USE_NATIVE_NTT */ +#endif /* MLK_USE_NATIVE_NTT */ -#if !defined(MLKEM_USE_NATIVE_INTT) +#if !defined(MLK_USE_NATIVE_INTT) /* Compute one layer of inverse NTT */ static void invntt_layer(int16_t *r, unsigned len, unsigned layer) 
@@ -440,7 +440,7 @@ __contract__( } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_invntt_tomont(poly *p) { /* @@ -471,21 +471,21 @@ void poly_invntt_tomont(poly *p) debug_assert_abs_bound(p, MLKEM_N, INVNTT_BOUND); } -#else /* MLKEM_USE_NATIVE_INTT */ +#else /* MLK_USE_NATIVE_INTT */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_invntt_tomont(poly *p) { intt_native(p->coeffs); debug_assert_abs_bound(p, MLKEM_N, INVNTT_BOUND); } -#endif /* MLKEM_USE_NATIVE_INTT */ +#endif /* MLK_USE_NATIVE_INTT */ -#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(poly) +MLK_EMPTY_CU(poly) -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mlkem/poly.h b/mlkem/poly.h index b42f014ae..388546e8e 100644 --- a/mlkem/poly.h +++ b/mlkem/poly.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_POLY_H -#define MLKEM_NATIVE_POLY_H +#ifndef MLK_POLY_H +#define MLK_POLY_H #include #include 
@@ -18,30 +18,30 @@ /* Absolute exclusive upper bound for the output of the forward NTT */ #define NTT_BOUND (8 * MLKEM_Q) -#define zetas MLKEM_NAMESPACE(zetas) +#define zetas MLK_NAMESPACE(zetas) extern const int16_t zetas[128]; /* * Elements of R_q = Z_q[X]/(X^n + 1). Represents polynomial * coeffs[0] + X*coeffs[1] + X^2*coeffs[2] + ... + X^{n-1}*coeffs[n-1] */ -#define poly MLKEM_NAMESPACE(poly) +#define poly MLK_NAMESPACE(poly) typedef struct { int16_t coeffs[MLKEM_N]; -} ALIGN poly; +} MLK_ALIGN poly; /* * INTERNAL presentation of precomputed data speeding up * the base multiplication of two polynomials in NTT domain. */ -#define poly_mulcache MLKEM_NAMESPACE(poly_mulcache) +#define poly_mulcache MLK_NAMESPACE(poly_mulcache) typedef struct { int16_t coeffs[MLKEM_N >> 1]; } poly_mulcache; -#define cast_uint16_to_int16 MLKEM_NAMESPACE(cast_uint16_to_int16) +#define cast_uint16_to_int16 MLK_NAMESPACE(cast_uint16_to_int16) /************************************************* * Name: cast_uint16_to_int16 * @@ -55,8 +55,8 @@ typedef struct #pragma CPROVER check push #pragma CPROVER check disable "conversion" #endif -ALWAYS_INLINE -static INLINE int16_t cast_uint16_to_int16(uint16_t x) +MLK_ALWAYS_INLINE +static MLK_INLINE int16_t cast_uint16_to_int16(uint16_t x) { /* * PORTABILITY: This relies on uint16_t -> int16_t @@ -71,7 +71,7 @@ static INLINE int16_t cast_uint16_to_int16(uint16_t x) #pragma CPROVER check pop #endif -#define montgomery_reduce MLKEM_NAMESPACE(montgomery_reduce) +#define montgomery_reduce MLK_NAMESPACE(montgomery_reduce) /************************************************* * Name: montgomery_reduce * 
@@ -85,8 +85,8 @@ static INLINE int16_t cast_uint16_to_int16(uint16_t x) * <= ceil(|a| / 2^16) + (MLKEM_Q + 1)/2 * **************************************************/ -ALWAYS_INLINE -static INLINE int16_t montgomery_reduce(int32_t a) +MLK_ALWAYS_INLINE +static MLK_INLINE int16_t montgomery_reduce(int32_t a) __contract__( requires(a < +(INT32_MAX - (((int32_t)1 << 15) * MLKEM_Q)) && a > -(INT32_MAX - (((int32_t)1 << 15) * MLKEM_Q))) @@ -130,7 +130,7 @@ __contract__( return (int16_t)r; } -#define poly_tomont MLKEM_NAMESPACE(poly_tomont) +#define poly_tomont MLK_NAMESPACE(poly_tomont) /************************************************* * Name: poly_tomont * @@ -141,7 +141,7 @@ __contract__( * * Arguments: - poly *r: pointer to input/output polynomial **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_tomont(poly *r) __contract__( requires(memory_no_alias(r, sizeof(poly))) @@ -149,7 +149,7 @@ __contract__( ensures(array_abs_bound(r->coeffs, 0, MLKEM_N, MLKEM_Q)) ); -#define poly_mulcache_compute MLKEM_NAMESPACE(poly_mulcache_compute) +#define poly_mulcache_compute MLK_NAMESPACE(poly_mulcache_compute) /************************************************************ * Name: poly_mulcache_compute * @@ -172,7 +172,7 @@ __contract__( * the mulcache with values in (-q,q), but this is not needed for the * higher level safety proofs, and thus not part of the spec. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_mulcache_compute(poly_mulcache *x, const poly *a) __contract__( requires(memory_no_alias(x, sizeof(poly_mulcache))) @@ -180,7 +180,7 @@ __contract__( assigns(object_whole(x)) ); -#define poly_reduce MLKEM_NAMESPACE(poly_reduce) +#define poly_reduce MLK_NAMESPACE(poly_reduce) /************************************************* * Name: poly_reduce * 
@@ -198,7 +198,7 @@ __contract__( * outputs are better suited to the only remaining * use of poly_reduce() in the context of (de)serialization. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_reduce(poly *r) __contract__( requires(memory_no_alias(r, sizeof(poly))) @@ -206,7 +206,7 @@ __contract__( ensures(array_bound(r->coeffs, 0, MLKEM_N, 0, MLKEM_Q)) ); -#define poly_add MLKEM_NAMESPACE(poly_add) +#define poly_add MLK_NAMESPACE(poly_add) /************************************************************ * Name: poly_add * @@ -224,7 +224,7 @@ __contract__( * NOTE: The reference implementation uses a 3-argument poly_add. * We specialize to the accumulator form to avoid reasoning about aliasing. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_add(poly *r, const poly *b) __contract__( requires(memory_no_alias(r, sizeof(poly))) @@ -235,7 +235,7 @@ __contract__( assigns(memory_slice(r, sizeof(poly))) ); -#define poly_sub MLKEM_NAMESPACE(poly_sub) +#define poly_sub MLK_NAMESPACE(poly_sub) /************************************************* * Name: poly_sub * @@ -249,7 +249,7 @@ __contract__( * NOTE: The reference implementation uses a 3-argument poly_sub. * We specialize to the accumulator form to avoid reasoning about aliasing. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_sub(poly *r, const poly *b) __contract__( requires(memory_no_alias(r, sizeof(poly))) @@ -260,7 +260,7 @@ __contract__( assigns(object_whole(r)) ); -#define poly_ntt MLKEM_NAMESPACE(poly_ntt) +#define poly_ntt MLK_NAMESPACE(poly_ntt) /************************************************* * Name: poly_ntt * @@ -278,7 +278,7 @@ __contract__( * * Arguments: - poly *p: pointer to in/output polynomial **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_ntt(poly *r) __contract__( requires(memory_no_alias(r, sizeof(poly))) 
@@ -287,7 +287,7 @@ __contract__( ensures(array_abs_bound(r->coeffs, 0, MLKEM_N, NTT_BOUND)) ); -#define poly_invntt_tomont MLKEM_NAMESPACE(poly_invntt_tomont) +#define poly_invntt_tomont MLK_NAMESPACE(poly_invntt_tomont) /************************************************* * Name: poly_invntt_tomont * @@ -304,7 +304,7 @@ __contract__( * * Arguments: - uint16_t *a: pointer to in/output polynomial **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_invntt_tomont(poly *r) __contract__( requires(memory_no_alias(r, sizeof(poly))) @@ -312,4 +312,4 @@ __contract__( ensures(array_abs_bound(r->coeffs, 0, MLKEM_N, INVNTT_BOUND)) ); -#endif /* MLKEM_NATIVE_POLY_H */ +#endif /* MLK_POLY_H */ diff --git a/mlkem/poly_k.c b/mlkem/poly_k.c index a7ee1a07f..532822043 100644 --- a/mlkem/poly_k.c +++ b/mlkem/poly_k.c @@ -16,11 +16,11 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define poly_cbd_eta1 MLKEM_NAMESPACE_K(poly_cbd_eta1) -#define poly_cbd_eta2 MLKEM_NAMESPACE_K(poly_cbd_eta2) +#define poly_cbd_eta1 MLK_NAMESPACE_K(poly_cbd_eta1) +#define poly_cbd_eta2 MLK_NAMESPACE_K(poly_cbd_eta2) /* End of static namespacing */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_compress_du(uint8_t r[MLKEM_POLYVECCOMPRESSEDBYTES_DU], const polyvec *a) { @@ -33,7 +33,7 @@ void polyvec_compress_du(uint8_t r[MLKEM_POLYVECCOMPRESSEDBYTES_DU], } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_decompress_du(polyvec *r, const uint8_t a[MLKEM_POLYVECCOMPRESSEDBYTES_DU]) { @@ -46,7 +46,7 @@ void polyvec_decompress_du(polyvec *r, debug_assert_bound_2d(r, MLKEM_K, MLKEM_N, 0, MLKEM_Q); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_tobytes(uint8_t r[MLKEM_POLYVECBYTES], const polyvec *a) { unsigned i; 
@@ -58,7 +58,7 @@ void polyvec_tobytes(uint8_t r[MLKEM_POLYVECBYTES], const polyvec *a) } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_frombytes(polyvec *r, const uint8_t a[MLKEM_POLYVECBYTES]) { unsigned i; @@ -67,10 +67,10 @@ void polyvec_frombytes(polyvec *r, const uint8_t a[MLKEM_POLYVECBYTES]) poly_frombytes(&r->vec[i], a + i * MLKEM_POLYBYTES); } - debug_assert_bound_2d(r, MLKEM_K, MLKEM_N, 0, UINT12_LIMIT); + debug_assert_bound_2d(r, MLKEM_K, MLKEM_N, 0, MLKEM_UINT12_LIMIT); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_ntt(polyvec *r) { unsigned i; @@ -82,7 +82,7 @@ void polyvec_ntt(polyvec *r) debug_assert_abs_bound_2d(r, MLKEM_K, MLKEM_N, NTT_BOUND); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_invntt_tomont(polyvec *r) { unsigned i; @@ -94,14 +94,14 @@ void polyvec_invntt_tomont(polyvec *r) debug_assert_abs_bound_2d(r, MLKEM_K, MLKEM_N, INVNTT_BOUND); } -#if !defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) -MLKEM_NATIVE_INTERNAL_API +#if !defined(MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) +MLK_INTERNAL_API void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, const polyvec *b, const polyvec_mulcache *b_cache) { unsigned i; - debug_assert_bound_2d(a, MLKEM_K, MLKEM_N, 0, UINT12_LIMIT); + debug_assert_bound_2d(a, MLKEM_K, MLKEM_N, 0, MLKEM_UINT12_LIMIT); for (i = 0; i < MLKEM_N / 2; i++) __loop__(invariant(i <= MLKEM_N / 2)) { 
@@ -110,10 +110,10 @@ void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, for (k = 0; k < MLKEM_K; k++) __loop__( invariant(k <= MLKEM_K && - t[0] <= (int32_t) k * 2 * UINT12_LIMIT * 32768 && - t[0] >= - ((int32_t) k * 2 * UINT12_LIMIT * 32768) && - t[1] <= ((int32_t) k * 2 * UINT12_LIMIT * 32768) && - t[1] >= - ((int32_t) k * 2 * UINT12_LIMIT * 32768))) + t[0] <= (int32_t) k * 2 * MLKEM_UINT12_LIMIT * 32768 && + t[0] >= - ((int32_t) k * 2 * MLKEM_UINT12_LIMIT * 32768) && + t[1] <= ((int32_t) k * 2 * MLKEM_UINT12_LIMIT * 32768) && + t[1] >= - ((int32_t) k * 2 * MLKEM_UINT12_LIMIT * 32768))) { t[0] += (int32_t)a->vec[k].coeffs[2 * i + 1] * b_cache->vec[k].coeffs[i]; t[0] += (int32_t)a->vec[k].coeffs[2 * i] * b->vec[k].coeffs[2 * i]; @@ -125,13 +125,13 @@ void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, } } -#else /* !MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ -MLKEM_NATIVE_INTERNAL_API +#else /* !MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ +MLK_INTERNAL_API void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, const polyvec *b, const polyvec_mulcache *b_cache) { - debug_assert_bound_2d(a, MLKEM_K, MLKEM_N, 0, UINT12_LIMIT); + debug_assert_bound_2d(a, MLKEM_K, MLKEM_N, 0, MLKEM_UINT12_LIMIT); /* Omitting bounds assertion for cache since native implementations may * decide not to use a mulcache. Note that the C backend implementation * of poly_basemul_montgomery_cached() does still include the check. */ @@ -149,9 +149,9 @@ void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, (const int16_t *)b_cache); #endif } -#endif /* MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ +#endif /* MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_basemul_acc_montgomery(poly *r, const polyvec *a, const polyvec *b) { polyvec_mulcache b_cache; 
@@ -159,7 +159,7 @@ void polyvec_basemul_acc_montgomery(poly *r, const polyvec *a, const polyvec *b) polyvec_basemul_acc_montgomery_cached(r, a, b, &b_cache); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_mulcache_compute(polyvec_mulcache *x, const polyvec *a) { unsigned i; @@ -169,7 +169,7 @@ void polyvec_mulcache_compute(polyvec_mulcache *x, const polyvec *a) } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_reduce(polyvec *r) { unsigned i; @@ -181,7 +181,7 @@ void polyvec_reduce(polyvec *r) debug_assert_bound_2d(r, MLKEM_K, MLKEM_N, 0, MLKEM_Q); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_add(polyvec *r, const polyvec *b) { unsigned i; @@ -191,7 +191,7 @@ void polyvec_add(polyvec *r, const polyvec *b) } } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_tomont(polyvec *r) { unsigned i; @@ -214,8 +214,8 @@ void polyvec_tomont(polyvec *r) * Arguments: - poly *r: pointer to output polynomial * - const uint8_t *buf: pointer to input byte array **************************************************/ -static INLINE void poly_cbd_eta1(poly *r, - const uint8_t buf[MLKEM_ETA1 * MLKEM_N / 4]) +static MLK_INLINE void poly_cbd_eta1( + poly *r, const uint8_t buf[MLKEM_ETA1 * MLKEM_N / 4]) __contract__( requires(memory_no_alias(r, sizeof(poly))) requires(memory_no_alias(buf, MLKEM_ETA1 * MLKEM_N / 4)) 
@@ -232,19 +232,19 @@ __contract__( #endif } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta1_4x(poly *r0, poly *r1, poly *r2, poly *r3, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce0, uint8_t nonce1, uint8_t nonce2, uint8_t nonce3) { - ALIGN uint8_t buf0[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t buf1[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t buf2[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t buf3[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t extkey0[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey1[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey2[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey3[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t buf0[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf1[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf2[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf3[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t extkey0[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey1[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey2[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey3[MLKEM_SYMBYTES + 1]; memcpy(extkey0, seed, MLKEM_SYMBYTES); memcpy(extkey1, seed, MLKEM_SYMBYTES); memcpy(extkey2, seed, MLKEM_SYMBYTES); @@ -276,8 +276,8 @@ void poly_getnoise_eta1_4x(poly *r0, poly *r1, poly *r2, poly *r3, * Arguments: - poly *r: pointer to output polynomial * - const uint8_t *buf: pointer to input byte array **************************************************/ -static INLINE void poly_cbd_eta2(poly *r, - const uint8_t buf[MLKEM_ETA2 * MLKEM_N / 4]) +static MLK_INLINE void poly_cbd_eta2( + poly *r, const uint8_t buf[MLKEM_ETA2 * MLKEM_N / 4]) __contract__( requires(memory_no_alias(r, sizeof(poly))) requires(memory_no_alias(buf, MLKEM_ETA2 * MLKEM_N / 4)) 
@@ -291,12 +291,12 @@ __contract__( #endif } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta2(poly *r, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce) { - ALIGN uint8_t buf[MLKEM_ETA2 * MLKEM_N / 4]; - ALIGN uint8_t extkey[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t buf[MLKEM_ETA2 * MLKEM_N / 4]; + MLK_ALIGN uint8_t extkey[MLKEM_SYMBYTES + 1]; memcpy(extkey, seed, MLKEM_SYMBYTES); extkey[MLKEM_SYMBYTES] = nonce; @@ -310,7 +310,7 @@ void poly_getnoise_eta2(poly *r, const uint8_t seed[MLKEM_SYMBYTES], #if MLKEM_K == 2 -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta1122_4x(poly *r0, poly *r1, poly *r2, poly *r3, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce0, uint8_t nonce1, uint8_t nonce2, @@ -319,16 +319,16 @@ void poly_getnoise_eta1122_4x(poly *r0, poly *r1, poly *r2, poly *r3, #if MLKEM_ETA2 >= MLKEM_ETA1 #error poly_getnoise_eta1122_4x assumes MLKEM_ETA1 > MLKEM_ETA2 #endif - ALIGN uint8_t buf0[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t buf1[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf0[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf1[MLKEM_ETA1 * MLKEM_N / 4]; /* Pad to larger buffer */ - ALIGN uint8_t buf2[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t buf3[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf2[MLKEM_ETA1 * MLKEM_N / 4]; + MLK_ALIGN uint8_t buf3[MLKEM_ETA1 * MLKEM_N / 4]; - ALIGN uint8_t extkey0[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey1[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey2[MLKEM_SYMBYTES + 1]; - ALIGN uint8_t extkey3[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey0[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey1[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey2[MLKEM_SYMBYTES + 1]; + MLK_ALIGN uint8_t extkey3[MLKEM_SYMBYTES + 1]; memcpy(extkey0, seed, MLKEM_SYMBYTES); memcpy(extkey1, seed, MLKEM_SYMBYTES); diff --git a/mlkem/poly_k.h b/mlkem/poly_k.h index 6899db3f0..ac02c840e 100644 --- a/mlkem/poly_k.h +++ b/mlkem/poly_k.h 
@@ -2,27 +2,27 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_POLY_K_H -#define MLKEM_NATIVE_POLY_K_H +#ifndef MLK_POLY_K_H +#define MLK_POLY_K_H #include #include "common.h" #include "compress.h" #include "poly.h" -#define polyvec MLKEM_NAMESPACE_K(polyvec) +#define polyvec MLK_NAMESPACE_K(polyvec) typedef struct { poly vec[MLKEM_K]; -} ALIGN polyvec; +} MLK_ALIGN polyvec; -#define polyvec_mulcache MLKEM_NAMESPACE_K(polyvec_mulcache) +#define polyvec_mulcache MLK_NAMESPACE_K(polyvec_mulcache) typedef struct { poly_mulcache vec[MLKEM_K]; } polyvec_mulcache; -#define poly_compress_du MLKEM_NAMESPACE_K(poly_compress_du) +#define poly_compress_du MLK_NAMESPACE_K(poly_compress_du) /************************************************* * Name: poly_compress_du * @@ -35,8 +35,8 @@ typedef struct * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_du(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_DU], - const poly *a) +static MLK_INLINE void poly_compress_du(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_DU], + const poly *a) __contract__( requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_DU)) requires(memory_no_alias(a, sizeof(poly))) @@ -52,7 +52,7 @@ __contract__( #endif } -#define poly_decompress_du MLKEM_NAMESPACE_K(poly_decompress_du) +#define poly_decompress_du MLK_NAMESPACE_K(poly_decompress_du) /************************************************* * Name: poly_decompress_du * @@ -67,7 +67,7 @@ __contract__( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_du( +static MLK_INLINE void poly_decompress_du( poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_DU]) __contract__( requires(memory_no_alias(a, MLKEM_POLYCOMPRESSEDBYTES_DU)) 
@@ -84,7 +84,7 @@ __contract__( #endif } -#define poly_compress_dv MLKEM_NAMESPACE_K(poly_compress_dv) +#define poly_compress_dv MLK_NAMESPACE_K(poly_compress_dv) /************************************************* * Name: poly_compress_dv * @@ -97,8 +97,8 @@ __contract__( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -static INLINE void poly_compress_dv(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_DV], - const poly *a) +static MLK_INLINE void poly_compress_dv(uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_DV], + const poly *a) __contract__( requires(memory_no_alias(r, MLKEM_POLYCOMPRESSEDBYTES_DV)) requires(memory_no_alias(a, sizeof(poly))) @@ -115,7 +115,7 @@ __contract__( } -#define poly_decompress_dv MLKEM_NAMESPACE_K(poly_decompress_dv) +#define poly_decompress_dv MLK_NAMESPACE_K(poly_decompress_dv) /************************************************* * Name: poly_decompress_dv * @@ -130,7 +130,7 @@ __contract__( * (non-negative and smaller than MLKEM_Q). * **************************************************/ -static INLINE void poly_decompress_dv( +static MLK_INLINE void poly_decompress_dv( poly *r, const uint8_t a[MLKEM_POLYCOMPRESSEDBYTES_DV]) __contract__( requires(memory_no_alias(a, MLKEM_POLYCOMPRESSEDBYTES_DV)) @@ -147,7 +147,7 @@ __contract__( #endif } -#define polyvec_compress_du MLKEM_NAMESPACE_K(polyvec_compress_du) +#define polyvec_compress_du MLK_NAMESPACE_K(polyvec_compress_du) /************************************************* * Name: polyvec_compress_du * @@ -159,7 +159,7 @@ __contract__( * Coefficients must be unsigned canonical, * i.e. in [0,1,..,MLKEM_Q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_compress_du(uint8_t r[MLKEM_POLYVECCOMPRESSEDBYTES_DU], const polyvec *a) __contract__( 
@@ -170,7 +170,7 @@ __contract__( assigns(object_whole(r)) ); -#define polyvec_decompress_du MLKEM_NAMESPACE_K(polyvec_decompress_du) +#define polyvec_decompress_du MLK_NAMESPACE_K(polyvec_decompress_du) /************************************************* * Name: polyvec_decompress_du * @@ -182,7 +182,7 @@ __contract__( * - const uint8_t *a: pointer to input byte array * (of length MLKEM_POLYVECCOMPRESSEDBYTES_DU) **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_decompress_du(polyvec *r, const uint8_t a[MLKEM_POLYVECCOMPRESSEDBYTES_DU]) __contract__( @@ -193,7 +193,7 @@ __contract__( array_bound(r->vec[k0].coeffs, 0, MLKEM_N, 0, MLKEM_Q))) ); -#define polyvec_tobytes MLKEM_NAMESPACE_K(polyvec_tobytes) +#define polyvec_tobytes MLK_NAMESPACE_K(polyvec_tobytes) /************************************************* * Name: polyvec_tobytes * @@ -204,7 +204,7 @@ __contract__( * - const polyvec *a: pointer to input vector of polynomials * Each polynomial must have coefficients in [0,..,q-1]. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_tobytes(uint8_t r[MLKEM_POLYVECBYTES], const polyvec *a) __contract__( requires(memory_no_alias(a, sizeof(polyvec))) @@ -214,7 +214,7 @@ __contract__( assigns(object_whole(r)) ); -#define polyvec_frombytes MLKEM_NAMESPACE_K(polyvec_frombytes) +#define polyvec_frombytes MLK_NAMESPACE_K(polyvec_frombytes) /************************************************* * Name: polyvec_frombytes * 
@@ -226,17 +226,17 @@ __contract__( * normalized in [0..4095]. * - uint8_t *r: pointer to input byte array **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_frombytes(polyvec *r, const uint8_t a[MLKEM_POLYVECBYTES]) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) requires(memory_no_alias(a, MLKEM_POLYVECBYTES)) assigns(object_whole(r)) ensures(forall(k0, 0, MLKEM_K, - array_bound(r->vec[k0].coeffs, 0, MLKEM_N, 0, UINT12_LIMIT))) + array_bound(r->vec[k0].coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT))) ); -#define polyvec_ntt MLKEM_NAMESPACE_K(polyvec_ntt) +#define polyvec_ntt MLK_NAMESPACE_K(polyvec_ntt) /************************************************* * Name: polyvec_ntt * @@ -251,7 +251,7 @@ __contract__( * Arguments: - polyvec *r: pointer to in/output vector of polynomials * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_ntt(polyvec *r) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) @@ -262,7 +262,7 @@ __contract__( array_abs_bound(r->vec[j].coeffs, 0, MLKEM_N, NTT_BOUND))) ); -#define polyvec_invntt_tomont MLKEM_NAMESPACE_K(polyvec_invntt_tomont) +#define polyvec_invntt_tomont MLK_NAMESPACE_K(polyvec_invntt_tomont) /************************************************* * Name: polyvec_invntt_tomont * @@ -278,7 +278,7 @@ __contract__( * * Arguments: - polyvec *r: pointer to in/output vector of polynomials **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_invntt_tomont(polyvec *r) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) @@ -288,7 +288,7 @@ __contract__( ); #define polyvec_basemul_acc_montgomery \ - MLKEM_NAMESPACE_K(polyvec_basemul_acc_montgomery) + MLK_NAMESPACE_K(polyvec_basemul_acc_montgomery) /************************************************* * Name: polyvec_basemul_acc_montgomery * 
@@ -299,20 +299,20 @@ __contract__( * - const polyvec *a: pointer to first input vector of polynomials * - const polyvec *b: pointer to second input vector of polynomials **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_basemul_acc_montgomery(poly *r, const polyvec *a, const polyvec *b) __contract__( requires(memory_no_alias(r, sizeof(poly))) requires(memory_no_alias(a, sizeof(polyvec))) requires(memory_no_alias(b, sizeof(polyvec))) requires(forall(k1, 0, MLKEM_K, - array_bound(a->vec[k1].coeffs, 0, MLKEM_N, 0, UINT12_LIMIT))) + array_bound(a->vec[k1].coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT))) assigns(memory_slice(r, sizeof(poly))) ); #define polyvec_basemul_acc_montgomery_cached \ - MLKEM_NAMESPACE_K(polyvec_basemul_acc_montgomery_cached) + MLK_NAMESPACE_K(polyvec_basemul_acc_montgomery_cached) /************************************************* * Name: polyvec_basemul_acc_montgomery_cached * @@ -330,7 +330,7 @@ __contract__( * for second input polynomial vector. Can be computed * via polyvec_mulcache_compute(). **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_basemul_acc_montgomery_cached(poly *r, const polyvec *a, const polyvec *b, const polyvec_mulcache *b_cache) @@ -340,11 +340,11 @@ __contract__( requires(memory_no_alias(b, sizeof(polyvec))) requires(memory_no_alias(b_cache, sizeof(polyvec_mulcache))) requires(forall(k1, 0, MLKEM_K, - array_bound(a->vec[k1].coeffs, 0, MLKEM_N, 0, UINT12_LIMIT))) + array_bound(a->vec[k1].coeffs, 0, MLKEM_N, 0, MLKEM_UINT12_LIMIT))) assigns(object_whole(r)) ); -#define polyvec_mulcache_compute MLKEM_NAMESPACE_K(polyvec_mulcache_compute) +#define polyvec_mulcache_compute MLK_NAMESPACE_K(polyvec_mulcache_compute) /************************************************************ * Name: polyvec_mulcache_compute * 
@@ -370,7 +370,7 @@ __contract__( * the mulcache with values in (-q,q), but this is not needed for the * higher level safety proofs, and thus not part of the spec. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_mulcache_compute(polyvec_mulcache *x, const polyvec *a) __contract__( requires(memory_no_alias(x, sizeof(polyvec_mulcache))) @@ -378,7 +378,7 @@ __contract__( assigns(object_whole(x)) ); -#define polyvec_reduce MLKEM_NAMESPACE_K(polyvec_reduce) +#define polyvec_reduce MLK_NAMESPACE_K(polyvec_reduce) /************************************************* * Name: polyvec_reduce * @@ -395,7 +395,7 @@ __contract__( * outputs are better suited to the only remaining * use of poly_reduce() in the context of (de)serialization. */ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_reduce(polyvec *r) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) @@ -404,7 +404,7 @@ __contract__( array_bound(r->vec[k0].coeffs, 0, MLKEM_N, 0, MLKEM_Q))) ); -#define polyvec_add MLKEM_NAMESPACE_K(polyvec_add) +#define polyvec_add MLK_NAMESPACE_K(polyvec_add) /************************************************* * Name: polyvec_add * @@ -421,7 +421,7 @@ __contract__( * to prove type-safety of calling units. Therefore, no stronger * ensures clause is required on this function. **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_add(polyvec *r, const polyvec *b) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) @@ -435,7 +435,7 @@ __contract__( assigns(object_whole(r)) ); -#define polyvec_tomont MLKEM_NAMESPACE_K(polyvec_tomont) +#define polyvec_tomont MLK_NAMESPACE_K(polyvec_tomont) /************************************************* * Name: polyvec_tomont * 
@@ -445,7 +445,7 @@ __contract__( * Bounds: Output < q in absolute value. * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void polyvec_tomont(polyvec *r) __contract__( requires(memory_no_alias(r, sizeof(polyvec))) @@ -455,7 +455,7 @@ __contract__( array_abs_bound(r->vec[j].coeffs, 0, MLKEM_N, MLKEM_Q))) ); -#define poly_getnoise_eta1_4x MLKEM_NAMESPACE_K(poly_getnoise_eta1_4x) +#define poly_getnoise_eta1_4x MLK_NAMESPACE_K(poly_getnoise_eta1_4x) /************************************************* * Name: poly_getnoise_eta1_4x * @@ -468,7 +468,7 @@ __contract__( * (of length MLKEM_SYMBYTES bytes) * - uint8_t nonce{0,1,2,3}: one-byte input nonce **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta1_4x(poly *r0, poly *r1, poly *r2, poly *r3, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce0, uint8_t nonce1, uint8_t nonce2, uint8_t nonce3) @@ -537,7 +537,7 @@ __contract__( #endif /* MLKEM_ETA1 == MLKEM_ETA2 */ #if MLKEM_K == 2 || MLKEM_K == 4 -#define poly_getnoise_eta2 MLKEM_NAMESPACE_K(poly_getnoise_eta2) +#define poly_getnoise_eta2 MLK_NAMESPACE_K(poly_getnoise_eta2) /************************************************* * Name: poly_getnoise_eta2 * @@ -550,7 +550,7 @@ __contract__( * (of length MLKEM_SYMBYTES bytes) * - uint8_t nonce: one-byte input nonce **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta2(poly *r, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce) __contract__( @@ -562,7 +562,7 @@ __contract__( #endif /* MLKEM_K == 2 || MLKEM_K == 4 */ #if MLKEM_K == 2 -#define poly_getnoise_eta1122_4x MLKEM_NAMESPACE_K(poly_getnoise_eta1122_4x) +#define poly_getnoise_eta1122_4x MLK_NAMESPACE_K(poly_getnoise_eta1122_4x) /************************************************* * Name: poly_getnoise_eta1122_4x * 
@@ -575,7 +575,7 @@ __contract__( * (of length MLKEM_SYMBYTES bytes) * - uint8_t nonce{0,1,2,3}: one-byte input nonce **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_getnoise_eta1122_4x(poly *r0, poly *r1, poly *r2, poly *r3, const uint8_t seed[MLKEM_SYMBYTES], uint8_t nonce0, uint8_t nonce1, uint8_t nonce2, @@ -593,4 +593,4 @@ __contract__( ); #endif /* MLKEM_K == 2 */ -#endif /* MLKEM_NATIVE_POLY_K_H */ +#endif /* MLK_POLY_K_H */ diff --git a/mlkem/randombytes.h b/mlkem/randombytes.h index 1c4387005..585a8a065 100644 --- a/mlkem/randombytes.h +++ b/mlkem/randombytes.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_RANDOMBYTES_H -#define MLKEM_NATIVE_RANDOMBYTES_H +#ifndef MLK_RANDOMBYTES_H +#define MLK_RANDOMBYTES_H #include #include @@ -16,4 +16,4 @@ __contract__( assigns(memory_slice(out, outlen)) ); -#endif /* MLKEM_NATIVE_RANDOMBYTES_H */ +#endif /* MLK_RANDOMBYTES_H */ diff --git a/mlkem/sampling.c b/mlkem/sampling.c index cc6e94151..dcc1cb7f5 100644 --- a/mlkem/sampling.c +++ b/mlkem/sampling.c @@ -3,7 +3,7 @@ * SPDX-License-Identifier: Apache-2.0 */ #include "common.h" -#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "arith_backend.h" #include "debug.h" 
@@ -16,10 +16,10 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define rej_uniform MLKEM_NAMESPACE(rej_uniform) -#define rej_uniform_scalar MLKEM_NAMESPACE(rej_uniform_scalar) -#define load32_littleendian MLKEM_NAMESPACE(load32_littleendian) -#define load24_littleendian MLKEM_NAMESPACE(load24_littleendian) +#define rej_uniform MLK_NAMESPACE(rej_uniform) +#define rej_uniform_scalar MLK_NAMESPACE(rej_uniform_scalar) +#define load32_littleendian MLK_NAMESPACE(load32_littleendian) +#define load24_littleendian MLK_NAMESPACE(load24_littleendian) /* End of static namespacing */ static unsigned rej_uniform_scalar(int16_t *r, unsigned target, unsigned offset, @@ -113,7 +113,7 @@ __contract__( ensures(array_bound(r, 0, return_value, 0, MLKEM_Q)) ) { -#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) +#if defined(MLK_USE_NATIVE_REJ_UNIFORM) if (offset == 0) { int ret = rej_uniform_native(r, target, buf, buflen); @@ -124,7 +124,7 @@ __contract__( return res; } } -#endif /* MLKEM_USE_NATIVE_REJ_UNIFORM */ +#endif /* MLK_USE_NATIVE_REJ_UNIFORM */ return rej_uniform_scalar(r, target, offset, buf, buflen); } 
@@ -134,14 +134,14 @@ __contract__( ((12 * MLKEM_N / 8 * (1 << 12) / MLKEM_Q + XOF_RATE) / XOF_RATE) #endif -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_rej_uniform_x4(poly *vec, uint8_t *seed[4]) { /* Temporary buffers for XOF output before rejection sampling */ - ALIGN uint8_t buf0[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; - ALIGN uint8_t buf1[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; - ALIGN uint8_t buf2[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; - ALIGN uint8_t buf3[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; + MLK_ALIGN uint8_t buf0[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; + MLK_ALIGN uint8_t buf1[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; + MLK_ALIGN uint8_t buf2[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; + MLK_ALIGN uint8_t buf3[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; /* Tracks the number of coefficients we have already sampled */ unsigned ctr[4]; @@ -192,11 +192,11 @@ void poly_rej_uniform_x4(poly *vec, uint8_t *seed[4]) xof_x4_release(&statex); } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_rej_uniform(poly *entry, uint8_t seed[MLKEM_SYMBYTES + 2]) { xof_ctx state; - ALIGN uint8_t buf[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; + MLK_ALIGN uint8_t buf[MLKEM_GEN_MATRIX_NBLOCKS * XOF_RATE]; unsigned ctr, buflen; xof_init(&state); @@ -228,8 +228,8 @@ void poly_rej_uniform(poly *entry, uint8_t seed[MLKEM_SYMBYTES + 2]) * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define load32_littleendian MLKEM_NAMESPACE(load32_littleendian) -#define load24_littleendian MLKEM_NAMESPACE(load24_littleendian) +#define load32_littleendian MLK_NAMESPACE(load32_littleendian) +#define load24_littleendian MLK_NAMESPACE(load24_littleendian) /* End of static namespacing */ /************************************************* 
@@ -252,7 +252,7 @@ static uint32_t load32_littleendian(const uint8_t x[4]) return r; } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_cbd2(poly *r, const uint8_t buf[2 * MLKEM_N / 4]) { unsigned i; @@ -278,7 +278,7 @@ void poly_cbd2(poly *r, const uint8_t buf[2 * MLKEM_N / 4]) } } -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == 3 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == 3 /************************************************* * Name: load24_littleendian * @@ -299,7 +299,7 @@ static uint32_t load24_littleendian(const uint8_t x[3]) return r; } -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_cbd3(poly *r, const uint8_t buf[3 * MLKEM_N / 4]) { unsigned i; @@ -325,14 +325,14 @@ void poly_cbd3(poly *r, const uint8_t buf[3 * MLKEM_N / 4]) } } } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == \ 3 */ -#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(sampling) +MLK_EMPTY_CU(sampling) -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mlkem/sampling.h b/mlkem/sampling.h index da032d4f2..1f31b6d64 100644 --- a/mlkem/sampling.h +++ b/mlkem/sampling.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_SAMPLING_H -#define MLKEM_NATIVE_SAMPLING_H +#ifndef MLK_SAMPLING_H +#define MLK_SAMPLING_H #include #include @@ -11,7 +11,7 @@ #include "common.h" #include "poly.h" -#define poly_cbd2 MLKEM_NAMESPACE(poly_cbd2) +#define poly_cbd2 MLK_NAMESPACE(poly_cbd2) /************************************************* * Name: poly_cbd2 * 
@@ -22,11 +22,11 @@ * Arguments: - poly *r: pointer to output polynomial * - const uint8_t *buf: pointer to input byte array **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_cbd2(poly *r, const uint8_t buf[2 * MLKEM_N / 4]); -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == 3 -#define poly_cbd3 MLKEM_NAMESPACE(poly_cbd3) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_ETA1 == 3 +#define poly_cbd3 MLK_NAMESPACE(poly_cbd3) /************************************************* * Name: poly_cbd3 * @@ -38,11 +38,11 @@ void poly_cbd2(poly *r, const uint8_t buf[2 * MLKEM_N / 4]); * Arguments: - poly *r: pointer to output polynomial * - const uint8_t *buf: pointer to input byte array **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_cbd3(poly *r, const uint8_t buf[3 * MLKEM_N / 4]); -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD || MLKEM_ETA1 == 3 */ +#endif /* MLK_MULTILEVEL_BUILD || MLKEM_ETA1 == 3 */ -#define poly_rej_uniform_x4 MLKEM_NAMESPACE(poly_rej_uniform_x4) +#define poly_rej_uniform_x4 MLK_NAMESPACE(poly_rej_uniform_x4) /************************************************* * Name: poly_rej_uniform_x4 * @@ -56,7 +56,7 @@ void poly_cbd3(poly *r, const uint8_t buf[3 * MLKEM_N / 4]); * MLKEM_SYMBYTES + 2 each. * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_rej_uniform_x4(poly *vec, uint8_t *seed[4]) __contract__( requires(memory_no_alias(vec, sizeof(poly) * 4)) @@ -71,7 +71,7 @@ __contract__( ensures(array_bound(vec[2].coeffs, 0, MLKEM_N, 0, MLKEM_Q)) ensures(array_bound(vec[3].coeffs, 0, MLKEM_N, 0, MLKEM_Q))); -#define poly_rej_uniform MLKEM_NAMESPACE(poly_rej_uniform) +#define poly_rej_uniform MLK_NAMESPACE(poly_rej_uniform) /************************************************* * Name: poly_rej_uniform * 
@@ -83,7 +83,7 @@ __contract__( * MLKEM_SYMBYTES + 2 each. * **************************************************/ -MLKEM_NATIVE_INTERNAL_API +MLK_INTERNAL_API void poly_rej_uniform(poly *entry, uint8_t seed[MLKEM_SYMBYTES + 2]) __contract__( requires(memory_no_alias(entry, sizeof(poly))) @@ -91,4 +91,4 @@ __contract__( assigns(memory_slice(entry, sizeof(poly))) ensures(array_bound(entry->coeffs, 0, MLKEM_N, 0, MLKEM_Q))); -#endif /* MLKEM_NATIVE_SAMPLING_H */ +#endif /* MLK_SAMPLING_H */ diff --git a/mlkem/symmetric.h b/mlkem/symmetric.h index 4b83da1f1..faaa9bc57 100644 --- a/mlkem/symmetric.h +++ b/mlkem/symmetric.h @@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_SYMMETRIC_H -#define MLKEM_NATIVE_SYMMETRIC_H +#ifndef MLK_SYMMETRIC_H +#define MLK_SYMMETRIC_H #include #include @@ -52,4 +52,4 @@ #define XOF_RATE SHAKE128_RATE -#endif /* MLKEM_NATIVE_SYMMETRIC_H */ +#endif /* MLK_SYMMETRIC_H */ diff --git a/mlkem/sys.h b/mlkem/sys.h index 3bf6f18b7..ef678fca6 100644 --- a/mlkem/sys.h +++ b/mlkem/sys.h 
@@ -2,54 +2,56 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_SYS_H -#define MLKEM_NATIVE_SYS_H +#ifndef MLK_SYS_H +#define MLK_SYS_H /* Check if we're running on an AArch64 little endian system. _M_ARM64 is set by * MSVC. */ #if defined(__AARCH64EL__) || defined(_M_ARM64) -#define SYS_AARCH64 +#define MLK_SYS_AARCH64 #endif /* Check if we're running on an AArch64 big endian system. */ #if defined(__AARCH64EB__) -#define SYS_AARCH64_EB +#define MLK_SYS_AARCH64_EB #endif #if defined(__x86_64__) -#define SYS_X86_64 +#define MLK_SYS_X86_64 #if defined(__AVX2__) -#define SYS_X86_64_AVX2 +#define MLK_SYS_X86_64_AVX2 #endif #endif /* __x86_64__ */ /* Try to find endianness, if not forced through CFLAGS already */ -#if !defined(SYS_LITTLE_ENDIAN) && !defined(SYS_BIG_ENDIAN) +#if !defined(MLK_SYS_LITTLE_ENDIAN) && !defined(MLK_SYS_BIG_ENDIAN) #if defined(__BYTE_ORDER__) #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ -#define SYS_LITTLE_ENDIAN +#define MLK_SYS_LITTLE_ENDIAN #elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -#define SYS_BIG_ENDIAN +#define MLK_SYS_BIG_ENDIAN #else /* __BYTE_ORER__ */ #error "__BYTE_ORDER__ defined, but don't recognize value." #endif /* __BYTE_ORER__ */ #endif /* !defined(__BYTE_ORER__) */ -#endif /* defined(SYS_LITTLE_ENDIAN) || defined(SYS_BIG_ENDIAN) */ +#endif /* defined(MLK_SYS_LITTLE_ENDIAN) || defined(MLK_SYS_BIG_ENDIAN) */ -/* If FORCE_AARCH64 is set, assert that we're indeed on an AArch64 system. */ -#if defined(FORCE_AARCH64) && !defined(SYS_AARCH64) -#error "FORCE_AARCH64 is set, but we don't seem to be on an AArch64 system." +/* If MLK_FORCE_AARCH64 is set, assert that we're indeed on an AArch64 system. + */ +#if defined(MLK_FORCE_AARCH64) && !defined(MLK_SYS_AARCH64) +#error "MLK_FORCE_AARCH64 is set, but we don't seem to be on an AArch64 system." #endif -/* If FORCE_AARCH64_EB is set, assert that we're indeed on a big endian AArch64 - * system. 
*/ -#if defined(FORCE_AARCH64_EB) && !defined(SYS_AARCH64_EB) -#error "FORCE_AARCH64_EB is set, but we don't seem to be on an AArch64 system." +/* If MLK_FORCE_AARCH64_EB is set, assert that we're indeed on a big endian + * AArch64 system. */ +#if defined(MLK_FORCE_AARCH64_EB) && !defined(MLK_SYS_AARCH64_EB) +#error \ + "MLK_FORCE_AARCH64_EB is set, but we don't seem to be on an AArch64 system." #endif -/* If FORCE_X86_64 is set, assert that we're indeed on an X86_64 system. */ -#if defined(FORCE_X86_64) && !defined(SYS_X86_64) -#error "FORCE_X86_64 is set, but we don't seem to be on an X86_64 system." +/* If MLK_FORCE_X86_64 is set, assert that we're indeed on an X86_64 system. */ +#if defined(MLK_FORCE_X86_64) && !defined(MLK_SYS_X86_64) +#error "MLK_FORCE_X86_64 is set, but we don't seem to be on an X86_64 system." #endif /* @@ -62,22 +64,22 @@ */ /* Do not use inline for C90 builds*/ -#if !defined(INLINE) +#if !defined(MLK_INLINE) #if !defined(inline) #if defined(_MSC_VER) -#define INLINE __inline -#define ALWAYS_INLINE __forceinline +#define MLK_INLINE __inline +#define MLK_ALWAYS_INLINE __forceinline #elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L -#define INLINE inline -#define ALWAYS_INLINE __attribute__((always_inline)) +#define MLK_INLINE inline +#define MLK_ALWAYS_INLINE __attribute__((always_inline)) #else -#define INLINE __attribute__((unused)) -#define ALWAYS_INLINE +#define MLK_INLINE __attribute__((unused)) +#define MLK_ALWAYS_INLINE #endif #else -#define INLINE inline -#define ALWAYS_INLINE __attribute__((always_inline)) +#define MLK_INLINE inline +#define MLK_ALWAYS_INLINE __attribute__((always_inline)) #endif #endif 
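Review bot: In the `@@ -62,22 +64,22 @@` hunk, `MLK_ALWAYS_INLINE` is only defined inside the `#if !defined(MLK_INLINE)` block, so a build that predefines `MLK_INLINE` on its own (the CBMC Makefile.common in this diff passes `-DMLK_INLINE=` and has to pass `-DMLK_ALWAYS_INLINE=` as well to compensate) is left with `MLK_ALWAYS_INLINE` undefined and every use of it fails to compile. Since the macro is being renamed anyway, I would give it its own `#if !defined(MLK_ALWAYS_INLINE)` guard mirroring the `MLK_INLINE` one. While there, the C99 branch emits `__attribute__((always_inline))` for any compiler that reports C99, which is GNU-specific; a `__GNUC__` check keeps it consistent with the GNU/MSVC split the earlier patch in this series introduced for `MLK_ALIGN`.
```c
/* … unchanged: MLK_INLINE selection, ending in its own #endif … */

/* Separate guard: predefining MLK_INLINE alone must not leave
 * MLK_ALWAYS_INLINE undefined. */
#if !defined(MLK_ALWAYS_INLINE)
#if defined(_MSC_VER)
#define MLK_ALWAYS_INLINE __forceinline
#elif defined(__GNUC__) && \
    (defined(inline) || (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L))
#define MLK_ALWAYS_INLINE __attribute__((always_inline))
#else
#define MLK_ALWAYS_INLINE
#endif
#endif
```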
@@ -87,23 +89,23 @@ */ #if !defined(restrict) #if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L -#define RESTRICT restrict +#define MLK_RESTRICT restrict #else -#define RESTRICT +#define MLK_RESTRICT #endif #else -#define RESTRICT restrict +#define MLK_RESTRICT restrict #endif -#define DEFAULT_ALIGN 32 +#define MLK_DEFAULT_ALIGN 32 #if defined(__GNUC__) -#define ALIGN __attribute__((aligned(DEFAULT_ALIGN))) +#define MLK_ALIGN __attribute__((aligned(MLK_DEFAULT_ALIGN))) #elif defined(_MSC_VER) -#define ALIGN __declspec(align(DEFAULT_ALIGN)) +#define MLK_ALIGN __declspec(align(MLK_DEFAULT_ALIGN)) #else -#define ALIGN /* No known support for alignment constraints */ +#define MLK_ALIGN /* No known support for alignment constraints */ #endif -#endif /* MLKEM_NATIVE_SYS_H */ +#endif /* MLK_SYS_H */ diff --git a/mlkem/verify.c b/mlkem/verify.c index 40ad621cd..343061584 100644 --- a/mlkem/verify.c +++ b/mlkem/verify.c @@ -4,8 +4,8 @@ */ #include "verify.h" -#if !defined(MLKEM_USE_ASM_VALUE_BARRIER) && \ - !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if !defined(MLK_USE_ASM_VALUE_BARRIER) && \ + !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) /* * Masking value used in constant-time functions from * verify.h to block the compiler's range analysis and @@ -13,10 +13,10 @@ */ volatile uint64_t ct_opt_blocker_u64 = 0; -#else /* MLKEM_USE_ASM_VALUE_BARRIER && \ - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_USE_ASM_VALUE_BARRIER && \ + !MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(verify) +MLK_EMPTY_CU(verify) -#endif /* MLKEM_USE_ASM_VALUE_BARRIER && \ - !MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_USE_ASM_VALUE_BARRIER && \ + !MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/mlkem/verify.h b/mlkem/verify.h index 38565646d..49de7a91c 100644 --- a/mlkem/verify.h +++ b/mlkem/verify.h 
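Review bot: The final `#else` branch of the `MLK_ALIGN` selection defines the macro as nothing, which silently drops the `MLK_DEFAULT_ALIGN` (32-byte) alignment that every `MLK_ALIGN` object in this diff (the XOF output buffers in sampling.c, the `zetas` table) is declared with. On GCC/Clang/MSVC the branch is unreachable, but on any other compiler a native backend that presumably reads these buffers with alignment-requiring vector loads would fault or hit undefined behaviour with no diagnostic at build time. Before giving up I would try the standard specifier, which is valid in the same declaration-specifier position as the attributes: `#elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L` / `#define MLK_ALIGN _Alignas(MLK_DEFAULT_ALIGN)`. The remaining empty fallback should then become a `#error` whenever a native-backend macro such as `MLK_USE_NATIVE_BACKEND_FIPS202` (passed via `-D` by the proof Makefiles in this diff) is defined, so that losing the alignment is a build failure rather than a runtime crash.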
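Review bot: The renamed comments on the `#else` and closing `#endif` of verify.c, `/* MLK_USE_ASM_VALUE_BARRIER && !MLK_MULTILEVEL_BUILD_NO_SHARED */`, state the wrong condition: the guard is `!defined(MLK_USE_ASM_VALUE_BARRIER) && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)`, so its else branch is taken when either macro is defined, not only in the asm-barrier case. Since the rename rewrote these lines anyway I would correct both to `/* MLK_USE_ASM_VALUE_BARRIER || MLK_MULTILEVEL_BUILD_NO_SHARED */`. This matters for anyone auditing which build configuration actually emits the volatile `ct_opt_blocker_u64`, which, per the comment in the hunk, is what keeps the non-asm `value_barrier_*` helpers opaque to the compiler's range analysis.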
@@ -2,8 +2,8 @@ * Copyright (c) 2024-2025 The mlkem-native project authors * SPDX-License-Identifier: Apache-2.0 */ -#ifndef MLKEM_NATIVE_VERIFY_H -#define MLKEM_NATIVE_VERIFY_H +#ifndef MLK_VERIFY_H +#define MLK_VERIFY_H #include #include @@ -15,16 +15,16 @@ * This is to facilitate building multiple instances * of mlkem-native (e.g. with varying security levels) * within a single compilation unit. */ -#define value_barrier_u8 MLKEM_NAMESPACE(value_barrier_u8) -#define value_barrier_u32 MLKEM_NAMESPACE(value_barrier_u32) -#define value_barrier_i32 MLKEM_NAMESPACE(value_barrier_i32) -#define ct_cmask_neg_i16 MLKEM_NAMESPACE(ct_cmask_neg_i16) -#define ct_cmask_nonzero_u8 MLKEM_NAMESPACE(ct_cmask_nonzero_u8) -#define ct_cmask_nonzero_u16 MLKEM_NAMESPACE(ct_cmask_nonzero_u16) -#define ct_sel_uint8 MLKEM_NAMESPACE(ct_sel_uint8) -#define ct_sel_int16 MLKEM_NAMESPACE(ct_sel_int16) -#define ct_memcmp MLKEM_NAMESPACE(ct_memcmp) -#define ct_cmov_zero MLKEM_NAMESPACE(ct_cmov_zero) +#define value_barrier_u8 MLK_NAMESPACE(value_barrier_u8) +#define value_barrier_u32 MLK_NAMESPACE(value_barrier_u32) +#define value_barrier_i32 MLK_NAMESPACE(value_barrier_i32) +#define ct_cmask_neg_i16 MLK_NAMESPACE(ct_cmask_neg_i16) +#define ct_cmask_nonzero_u8 MLK_NAMESPACE(ct_cmask_nonzero_u8) +#define ct_cmask_nonzero_u16 MLK_NAMESPACE(ct_cmask_nonzero_u16) +#define ct_sel_uint8 MLK_NAMESPACE(ct_sel_uint8) +#define ct_sel_int16 MLK_NAMESPACE(ct_sel_int16) +#define ct_memcmp MLK_NAMESPACE(ct_memcmp) +#define ct_cmov_zero MLK_NAMESPACE(ct_cmov_zero) /* End of static namespacing */ /* Constant-time comparisons and conditional operations 
@@ -61,61 +61,61 @@ #if (defined(__GNUC__) || defined(__clang__)) && !defined(CBMC) && \ !defined(MLKEM_NO_ASM_VALUE_BARRIER) -#define MLKEM_USE_ASM_VALUE_BARRIER +#define MLK_USE_ASM_VALUE_BARRIER #endif -#if !defined(MLKEM_USE_ASM_VALUE_BARRIER) +#if !defined(MLK_USE_ASM_VALUE_BARRIER) /* * Declaration of global volatile that the global value barrier * is loading from and masking with. */ -#define ct_opt_blocker_u64 MLKEM_NAMESPACE(ct_opt_blocker_u64) +#define ct_opt_blocker_u64 MLK_NAMESPACE(ct_opt_blocker_u64) extern volatile uint64_t ct_opt_blocker_u64; /* Helper functions for obtaining masks of various sizes */ -static INLINE uint8_t get_optblocker_u8(void) +static MLK_INLINE uint8_t get_optblocker_u8(void) __contract__(ensures(return_value == 0)) { return (uint8_t)ct_opt_blocker_u64; } -static INLINE uint32_t get_optblocker_u32(void) +static MLK_INLINE uint32_t get_optblocker_u32(void) __contract__(ensures(return_value == 0)) { return ct_opt_blocker_u64; } -static INLINE uint32_t get_optblocker_i32(void) +static MLK_INLINE uint32_t get_optblocker_i32(void) __contract__(ensures(return_value == 0)) { return ct_opt_blocker_u64; } -static INLINE uint32_t value_barrier_u32(uint32_t b) +static MLK_INLINE uint32_t value_barrier_u32(uint32_t b) __contract__(ensures(return_value == b)) { return (b ^ get_optblocker_u32()); } -static INLINE int32_t value_barrier_i32(int32_t b) +static MLK_INLINE int32_t value_barrier_i32(int32_t b) __contract__(ensures(return_value == b)) { return (b ^ get_optblocker_i32()); } -static INLINE uint8_t value_barrier_u8(uint8_t b) +static MLK_INLINE uint8_t value_barrier_u8(uint8_t b) __contract__(ensures(return_value == b)) { return (b ^ get_optblocker_u8()); } -#else /* !MLKEM_USE_ASM_VALUE_BARRIER */ +#else /* !MLK_USE_ASM_VALUE_BARRIER */ -static INLINE uint32_t value_barrier_u32(uint32_t b) +static MLK_INLINE uint32_t value_barrier_u32(uint32_t b) __contract__(ensures(return_value == b)) { __asm__("" : "+r"(b)); return b; } -static 
INLINE int32_t value_barrier_i32(int32_t b) +static MLK_INLINE int32_t value_barrier_i32(int32_t b) __contract__(ensures(return_value == b)) { __asm__("" : "+r"(b)); return b; } -static INLINE uint8_t value_barrier_u8(uint8_t b) +static MLK_INLINE uint8_t value_barrier_u8(uint8_t b) __contract__(ensures(return_value == b)) { __asm__("" : "+r"(b)); return b; } -#endif /* MLKEM_USE_ASM_VALUE_BARRIER */ +#endif /* MLK_USE_ASM_VALUE_BARRIER */ /* * The ct_cmask_nonzero_xxx functions below make deliberate use of unsigned @@ -134,7 +134,7 @@ __contract__(ensures(return_value == b)) * * Arguments: uint16_t x: Value to be converted into a mask **************************************************/ -static INLINE uint16_t ct_cmask_nonzero_u16(uint16_t x) +static MLK_INLINE uint16_t ct_cmask_nonzero_u16(uint16_t x) __contract__(ensures(return_value == ((x == 0) ? 0 : 0xFFFF))) { uint32_t tmp = value_barrier_u32(-((uint32_t)x)); @@ -149,7 +149,7 @@ __contract__(ensures(return_value == ((x == 0) ? 0 : 0xFFFF))) * * Arguments: uint8_t x: Value to be converted into a mask **************************************************/ -static INLINE uint8_t ct_cmask_nonzero_u8(uint8_t x) +static MLK_INLINE uint8_t ct_cmask_nonzero_u8(uint8_t x) __contract__(ensures(return_value == ((x == 0) ? 0 : 0xFF))) { uint32_t tmp = value_barrier_u32(-((uint32_t)x)); @@ -179,7 +179,7 @@ __contract__(ensures(return_value == ((x == 0) ? 0 : 0xFF))) * * Arguments: uint16_t x: Value to be converted into a mask **************************************************/ -static INLINE uint16_t ct_cmask_neg_i16(int16_t x) +static MLK_INLINE uint16_t ct_cmask_neg_i16(int16_t x) __contract__(ensures(return_value == ((x < 0) ? 0xFFFF : 0))) { int32_t tmp = value_barrier_i32((int32_t)x); 
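Review bot: `MLKEM_NO_ASM_VALUE_BARRIER` on the first line of the `@@ -61,61 +61,61 @@` hunk keeps the old prefix while the macro it controls, directly beneath it, becomes `MLK_USE_ASM_VALUE_BARRIER`; it is the only non-parameter macro in these verify.h hunks left out of the rename. If that is deliberate because it is a user-facing opt-out (like `MLKEM_K`), a short comment such as `/* User-facing opt-out; intentionally not renamed to MLK_ */` would stop a later sweep from breaking existing builds; if not, it should become `MLK_NO_ASM_VALUE_BARRIER`, with `#if defined(MLKEM_NO_ASM_VALUE_BARRIER)` / `#define MLK_NO_ASM_VALUE_BARRIER` / `#endif` kept for a transition so that callers who disable the asm barrier (for example because their toolchain rejects the `"+r"` constraint) keep getting the volatile fallback rather than a silently changed barrier strategy. Separately, `get_optblocker_i32` still returns `uint32_t` for an `int32_t` consumer; the XOR result is the same after conversion, but an `int32_t` return type would match its name.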
@@ -214,7 +214,7 @@ __contract__(ensures(return_value == ((x < 0) ? 0xFFFF : 0))) * int16_t b: Second alternative * uint16_t cond: Condition variable. **************************************************/ -static INLINE int16_t ct_sel_int16(int16_t a, int16_t b, uint16_t cond) +static MLK_INLINE int16_t ct_sel_int16(int16_t a, int16_t b, uint16_t cond) __contract__(ensures(return_value == (cond ? a : b))) { uint16_t au = a, bu = b; @@ -238,7 +238,7 @@ __contract__(ensures(return_value == (cond ? a : b))) * uint8_t b: Second alternative * uuint8_t cond: Condition variable. **************************************************/ -static INLINE uint8_t ct_sel_uint8(uint8_t a, uint8_t b, uint8_t cond) +static MLK_INLINE uint8_t ct_sel_uint8(uint8_t a, uint8_t b, uint8_t cond) __contract__(ensures(return_value == (cond ? a : b))) { return b ^ (ct_cmask_nonzero_u8(cond) & (a ^ b)); @@ -255,8 +255,8 @@ __contract__(ensures(return_value == (cond ? a : b))) * * Returns 0 if the byte arrays are equal, a non-zero value otherwise **************************************************/ -static INLINE uint8_t ct_memcmp(const uint8_t *a, const uint8_t *b, - const size_t len) +static MLK_INLINE uint8_t ct_memcmp(const uint8_t *a, const uint8_t *b, + const size_t len) __contract__( requires(memory_no_alias(a, len)) requires(memory_no_alias(b, len)) @@ -299,8 +299,8 @@ __contract__( * size_t len: Amount of bytes to be copied * uint8_t b: Condition value. **************************************************/ -static INLINE void ct_cmov_zero(uint8_t *r, const uint8_t *x, size_t len, - uint8_t b) +static MLK_INLINE void ct_cmov_zero(uint8_t *r, const uint8_t *x, size_t len, + uint8_t b) __contract__( requires(memory_no_alias(r, len)) requires(memory_no_alias(x, len)) @@ -314,4 +314,4 @@ __contract__( } } -#endif /* MLKEM_NATIVE_VERIFY_H */ +#endif /* MLK_VERIFY_H */ diff --git a/mlkem/zetas.c b/mlkem/zetas.c index 802a7190f..5afc99eb7 100644 --- a/mlkem/zetas.c +++ b/mlkem/zetas.c 
@@ -9,14 +9,14 @@ */ #include "common.h" -#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) +#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) #include "poly.h" /* * Table of zeta values used in the reference NTT and inverse NTT. * See autogen for details. */ -ALIGN const int16_t zetas[128] = { +MLK_ALIGN const int16_t zetas[128] = { -1044, -758, -359, -1517, 1493, 1422, 287, 202, -171, 622, 1577, 182, 962, -1202, -1474, 1468, 573, -1325, 264, 383, -829, 1458, -1602, -130, -681, 1017, 732, 608, -1542, 411, -205, -1571, 1223, @@ -31,8 +31,8 @@ ALIGN const int16_t zetas[128] = { -308, 996, 991, 958, -1460, 1522, 1628, }; -#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */ -MLKEM_NATIVE_EMPTY_CU(zetas) +MLK_EMPTY_CU(zetas) -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */ +#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */ diff --git a/proofs/cbmc/KeccakF1600_StateExtractBytes/Makefile b/proofs/cbmc/KeccakF1600_StateExtractBytes/Makefile index fbf09004c..ead82ca33 100644 --- a/proofs/cbmc/KeccakF1600_StateExtractBytes/Makefile +++ b/proofs/cbmc/KeccakF1600_StateExtractBytes/Makefile @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateExtractBytes USE_FUNCTION_CONTRACTS= APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -29,7 +29,7 @@ CBMCFLAGS=--bitwuzla # CBMCFLAGS += --no-array-field-sensitivity --arrays-uf-always --slice-formula -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StateExtractBytes # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will 
diff --git a/proofs/cbmc/KeccakF1600_StateExtractBytes_BE/Makefile b/proofs/cbmc/KeccakF1600_StateExtractBytes_BE/Makefile index 66e6af215..e3bbdd99e 100644 --- a/proofs/cbmc/KeccakF1600_StateExtractBytes_BE/Makefile +++ b/proofs/cbmc/KeccakF1600_StateExtractBytes_BE/Makefile @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateExtractBytes USE_FUNCTION_CONTRACTS= APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -26,9 +26,9 @@ USE_DYNAMIC_FRAMES=1 # Disable any setting of EXTERNAL_SAT_SOLVER, and choose SMT backend instead EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla --big-endian -DEFINES += -DSYS_BIG_ENDIAN=1 +DEFINES += -DMLK_SYS_BIG_ENDIAN=1 -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StateExtractBytes # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/KeccakF1600_StatePermute/Makefile b/proofs/cbmc/KeccakF1600_StatePermute/Makefile index 935fc57a1..cb29584d6 100644 --- a/proofs/cbmc/KeccakF1600_StatePermute/Makefile +++ b/proofs/cbmc/KeccakF1600_StatePermute/Makefile @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StatePermute +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StatePermute USE_FUNCTION_CONTRACTS= APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 
@@ -38,7 +38,7 @@ CBMCFLAGS=--smt2 # a substantial improvement in proof performance. CBMCFLAGS += --no-array-field-sensitivity --arrays-uf-always --slice-formula -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StatePermute +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StatePermute # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/KeccakF1600_StatePermute_native/Makefile b/proofs/cbmc/KeccakF1600_StatePermute_native/Makefile index 103fa0cf1..a0260de8f 100644 --- a/proofs/cbmc/KeccakF1600_StatePermute_native/Makefile +++ b/proofs/cbmc/KeccakF1600_StatePermute_native/Makefile @@ -9,7 +9,7 @@ HARNESS_FILE = KeccakF1600_StatePermute_native_harness # Litani dashboard. It can be human-readable and contain spaces if you wish. PROOF_UID = KeccakF1600_StatePermute_native -DEFINES += -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x1.h\"" +DEFINES += -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x1.h\"" INCLUDES += REMOVE_FUNCTION_BODY += @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StatePermute +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StatePermute USE_FUNCTION_CONTRACTS=keccak_f1600_x1_native APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StatePermute_native +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StatePermute_native # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will 
diff --git a/proofs/cbmc/KeccakF1600_StateXORBytes/Makefile b/proofs/cbmc/KeccakF1600_StateXORBytes/Makefile index 7d28feb5c..6cfe6b8c5 100644 --- a/proofs/cbmc/KeccakF1600_StateXORBytes/Makefile +++ b/proofs/cbmc/KeccakF1600_StateXORBytes/Makefile @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateXORBytes USE_FUNCTION_CONTRACTS= APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StateXORBytes # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/KeccakF1600_StateXORBytes_BE/Makefile b/proofs/cbmc/KeccakF1600_StateXORBytes_BE/Makefile index 44018898a..4edc9c423 100644 --- a/proofs/cbmc/KeccakF1600_StateXORBytes_BE/Makefile +++ b/proofs/cbmc/KeccakF1600_StateXORBytes_BE/Makefile @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateXORBytes USE_FUNCTION_CONTRACTS= APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,9 +27,9 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla --big-endian -DEFINES += -DSYS_BIG_ENDIAN +DEFINES += -DMLK_SYS_BIG_ENDIAN -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600_StateXORBytes # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will 
diff --git a/proofs/cbmc/KeccakF1600x4_StateExtractBytes/Makefile b/proofs/cbmc/KeccakF1600x4_StateExtractBytes/Makefile index 70d556db6..5d657df4d 100644 --- a/proofs/cbmc/KeccakF1600x4_StateExtractBytes/Makefile +++ b/proofs/cbmc/KeccakF1600x4_StateExtractBytes/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StateExtractBytes -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StateExtractBytes +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateExtractBytes APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -29,7 +29,7 @@ CBMCFLAGS=--bitwuzla # CBMCFLAGS += --no-array-field-sensitivity --arrays-uf-always --slice-formula -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600x4_StateExtractBytes +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600x4_StateExtractBytes # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/KeccakF1600x4_StatePermute/Makefile b/proofs/cbmc/KeccakF1600x4_StatePermute/Makefile index 2e73ec86f..2422a1c83 100644 --- a/proofs/cbmc/KeccakF1600x4_StatePermute/Makefile +++ b/proofs/cbmc/KeccakF1600x4_StatePermute/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StatePermute +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StatePermute +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StatePermute APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 
@@ -38,7 +38,7 @@ CBMCFLAGS=--smt2 # a substantial improvement in proof performance. CBMCFLAGS += --no-array-field-sensitivity --arrays-uf-always --slice-formula -FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute +FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600x4_StatePermute # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/KeccakF1600x4_StatePermute_native_x2/Makefile b/proofs/cbmc/KeccakF1600x4_StatePermute_native_x2/Makefile index e46673cbf..598643f36 100644 --- a/proofs/cbmc/KeccakF1600x4_StatePermute_native_x2/Makefile +++ b/proofs/cbmc/KeccakF1600x4_StatePermute_native_x2/Makefile @@ -9,7 +9,7 @@ HARNESS_FILE = KeccakF1600x4_StatePermute_native_x2_harness # Litani dashboard. It can be human-readable and contain spaces if you wish. PROOF_UID = KeccakF1600x4_StatePermute_native_x2 -DEFINES += -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x2.h\"" +DEFINES += -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x2.h\"" INCLUDES += REMOVE_FUNCTION_BODY += @@ -18,7 +18,7 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StatePermute USE_FUNCTION_CONTRACTS=keccak_f1600_x2_native APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 diff --git a/proofs/cbmc/KeccakF1600x4_StatePermute_native_x4/Makefile b/proofs/cbmc/KeccakF1600x4_StatePermute_native_x4/Makefile index 305f0f768..aa984e811 100644 --- a/proofs/cbmc/KeccakF1600x4_StatePermute_native_x4/Makefile +++ b/proofs/cbmc/KeccakF1600x4_StatePermute_native_x4/Makefile 
@@ -9,7 +9,7 @@ HARNESS_FILE = KeccakF1600x4_StatePermute_native_x4_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = KeccakF1600x4_StatePermute_native_x4
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x4.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x4.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StatePermute
 USE_FUNCTION_CONTRACTS=keccak_f1600_x4_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/KeccakF1600x4_StateXORBytes/Makefile b/proofs/cbmc/KeccakF1600x4_StateXORBytes/Makefile
index 6ee0f58b6..af252ad23 100644
--- a/proofs/cbmc/KeccakF1600x4_StateXORBytes/Makefile
+++ b/proofs/cbmc/KeccakF1600x4_StateXORBytes/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/keccakf1600.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StateXORBytes
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StateXORBytes
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateXORBytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)KeccakF1600x4_StateXORBytes
+FUNCTION_NAME = $(MLK_NAMESPACE)KeccakF1600x4_StateXORBytes
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/Makefile.common b/proofs/cbmc/Makefile.common
index 1dcd5fcfd..361454e82 100644
--- a/proofs/cbmc/Makefile.common
+++ b/proofs/cbmc/Makefile.common
@@ -538,8 +538,8 @@ endif
 DEFINES += -DMLKEM_K=$(MLKEM_K)
 # Give visibility to all static functions
 DEFINES += -Dstatic=
-DEFINES += -DINLINE=
-DEFINES += -DALWAYS_INLINE=
+DEFINES += -DMLK_INLINE=
+DEFINES += -DMLK_ALWAYS_INLINE=
 # CI currently assumes cbmc invocation has at most one --unwindset
diff --git a/proofs/cbmc/Makefile_params.common b/proofs/cbmc/Makefile_params.common
index d3df04182..43ce52ddb 100644
--- a/proofs/cbmc/Makefile_params.common
+++ b/proofs/cbmc/Makefile_params.common
@@ -7,11 +7,11 @@ endif
 MLKEM_K ?= 3
 ifeq ($(MLKEM_K),2)
- MLKEM_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM512_
+ MLK_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM512_
 else ifeq ($(MLKEM_K),3)
- MLKEM_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM768_
+ MLK_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM768_
 else ifeq ($(MLKEM_K),4)
- MLKEM_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM1024_
+ MLK_NAMESPACE=PQCP_MLKEM_NATIVE_MLKEM1024_
 else
 $(error Invalid value of MLKEM_K)
 endif
diff --git a/proofs/cbmc/barrett_reduce/Makefile b/proofs/cbmc/barrett_reduce/Makefile
index 45b3f7f66..2e88c321a 100644
--- a/proofs/cbmc/barrett_reduce/Makefile
+++ b/proofs/cbmc/barrett_reduce/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)barrett_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)barrett_reduce
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/barrett_reduce/barrett_reduce_harness.c b/proofs/cbmc/barrett_reduce/barrett_reduce_harness.c
index 56c759ce6..e3c3dee86 100644
--- a/proofs/cbmc/barrett_reduce/barrett_reduce_harness.c
+++ b/proofs/cbmc/barrett_reduce/barrett_reduce_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
-#define barrett_reduce MLKEM_NAMESPACE(barrett_reduce)
+#define barrett_reduce MLK_NAMESPACE(barrett_reduce)
 int16_t barrett_reduce(int16_t a);
 void harness(void)
diff --git a/proofs/cbmc/crypto_kem_dec/Makefile b/proofs/cbmc/crypto_kem_dec/Makefile
index fea30ad7f..a0c8c0835 100644
--- a/proofs/cbmc/crypto_kem_dec/Makefile
+++ b/proofs/cbmc/crypto_kem_dec/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/kem.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)dec
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_512 $(MLKEM_NAMESPACE)sha3_256 $(MLKEM_NAMESPACE)indcpa_enc $(MLKEM_NAMESPACE)indcpa_dec $(MLKEM_NAMESPACE)shake256 $(MLKEM_NAMESPACE)ct_memcmp $(MLKEM_NAMESPACE)ct_cmov_zero memcmp
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)dec
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_512 $(MLK_NAMESPACE)sha3_256 $(MLK_NAMESPACE)indcpa_enc $(MLK_NAMESPACE)indcpa_dec $(MLK_NAMESPACE)shake256 $(MLK_NAMESPACE)ct_memcmp $(MLK_NAMESPACE)ct_cmov_zero memcmp
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)dec
+FUNCTION_NAME = $(MLK_NAMESPACE)dec
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/crypto_kem_enc/Makefile b/proofs/cbmc/crypto_kem_enc/Makefile
index ea15e585d..98cb0380a 100644
--- a/proofs/cbmc/crypto_kem_enc/Makefile
+++ b/proofs/cbmc/crypto_kem_enc/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/kem.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)enc
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)enc_derand randombytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)enc
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)enc_derand randombytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)enc
+FUNCTION_NAME = $(MLK_NAMESPACE)enc
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/crypto_kem_enc_derand/Makefile b/proofs/cbmc/crypto_kem_enc_derand/Makefile
index 5e4e806cb..47e849451 100644
--- a/proofs/cbmc/crypto_kem_enc_derand/Makefile
+++ b/proofs/cbmc/crypto_kem_enc_derand/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/kem.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)enc_derand
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_256 $(MLKEM_NAMESPACE)sha3_512 $(MLKEM_NAMESPACE)indcpa_enc $(MLKEM_NAMESPACE)polyvec_frombytes $(MLKEM_NAMESPACE)polyvec_reduce $(MLKEM_NAMESPACE)polyvec_tobytes memcmp
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)enc_derand
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_256 $(MLK_NAMESPACE)sha3_512 $(MLK_NAMESPACE)indcpa_enc $(MLK_NAMESPACE)polyvec_frombytes $(MLK_NAMESPACE)polyvec_reduce $(MLK_NAMESPACE)polyvec_tobytes memcmp
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)enc_derand
+FUNCTION_NAME = $(MLK_NAMESPACE)enc_derand
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/crypto_kem_keypair/Makefile b/proofs/cbmc/crypto_kem_keypair/Makefile
index 5849cd101..7ef31af9f 100644
--- a/proofs/cbmc/crypto_kem_keypair/Makefile
+++ b/proofs/cbmc/crypto_kem_keypair/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/kem.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keypair
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keypair_derand randombytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keypair
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keypair_derand randombytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)keypair
+FUNCTION_NAME = $(MLK_NAMESPACE)keypair
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/crypto_kem_keypair_derand/Makefile b/proofs/cbmc/crypto_kem_keypair_derand/Makefile
index 0ad4ed72a..be833d06c 100644
--- a/proofs/cbmc/crypto_kem_keypair_derand/Makefile
+++ b/proofs/cbmc/crypto_kem_keypair_derand/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/kem.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keypair_derand
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_256 $(MLKEM_NAMESPACE)indcpa_keypair_derand
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keypair_derand
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_256 $(MLK_NAMESPACE)indcpa_keypair_derand
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)keypair_derand
+FUNCTION_NAME = $(MLK_NAMESPACE)keypair_derand
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/ct_cmask_neg_i16/Makefile b/proofs/cbmc/ct_cmask_neg_i16/Makefile
index 4366b81d3..bdb63f241 100644
--- a/proofs/cbmc/ct_cmask_neg_i16/Makefile
+++ b/proofs/cbmc/ct_cmask_neg_i16/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy because the Makefile wants _some_ project source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmask_neg_i16
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)value_barrier_i32
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmask_neg_i16
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)value_barrier_i32
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_cmask_nonzero_u16/Makefile b/proofs/cbmc/ct_cmask_nonzero_u16/Makefile
index ef8a2b413..47558cd7f 100644
--- a/proofs/cbmc/ct_cmask_nonzero_u16/Makefile
+++ b/proofs/cbmc/ct_cmask_nonzero_u16/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy because the Makefile wants _some_ project source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmask_nonzero_u16
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)value_barrier_u32
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmask_nonzero_u16
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)value_barrier_u32
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_cmask_nonzero_u8/Makefile b/proofs/cbmc/ct_cmask_nonzero_u8/Makefile
index 120aaf6e4..756188615 100644
--- a/proofs/cbmc/ct_cmask_nonzero_u8/Makefile
+++ b/proofs/cbmc/ct_cmask_nonzero_u8/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy because the Makefile wants _some_ project source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmask_nonzero_u8
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)value_barrier_u32
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmask_nonzero_u8
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)value_barrier_u32
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_cmov_zero/Makefile b/proofs/cbmc/ct_cmov_zero/Makefile
index e12215c8e..898b3f0d8 100644
--- a/proofs/cbmc/ct_cmov_zero/Makefile
+++ b/proofs/cbmc/ct_cmov_zero/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmov_zero
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_sel_uint8
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmov_zero
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_sel_uint8
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_memcmp/Makefile b/proofs/cbmc/ct_memcmp/Makefile
index c122004a4..07b0cc797 100644
--- a/proofs/cbmc/ct_memcmp/Makefile
+++ b/proofs/cbmc/ct_memcmp/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_memcmp
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)value_barrier_u8 $(MLKEM_NAMESPACE)ct_cmask_nonzero_u8
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_memcmp
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)value_barrier_u8 $(MLK_NAMESPACE)ct_cmask_nonzero_u8
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_sel_int16/Makefile b/proofs/cbmc/ct_sel_int16/Makefile
index 5cd1e0aca..e0a66afad 100644
--- a/proofs/cbmc/ct_sel_int16/Makefile
+++ b/proofs/cbmc/ct_sel_int16/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy because the Makefile wants _some_ project source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_sel_int16
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmask_nonzero_u16
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_sel_int16
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmask_nonzero_u16
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ct_sel_uint8/Makefile b/proofs/cbmc/ct_sel_uint8/Makefile
index 88fe3640d..8d75e3792 100644
--- a/proofs/cbmc/ct_sel_uint8/Makefile
+++ b/proofs/cbmc/ct_sel_uint8/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Dummy because the Makefile wants _some_ project source
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_sel_uint8
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_cmask_nonzero_u8
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_sel_uint8
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_cmask_nonzero_u8
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/dummy_backend.h b/proofs/cbmc/dummy_backend.h
index 4100d4ab6..bb14442d5 100644
--- a/proofs/cbmc/dummy_backend.h
+++ b/proofs/cbmc/dummy_backend.h
@@ -3,16 +3,16 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifdef MLKEM_NATIVE_ARITH_PROFILE_H
+#ifdef MLK_ARITH_PROFILE_H
 #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_ARITH_PROFILE_H
+#define MLK_ARITH_PROFILE_H
-#define MLKEM_NATIVE_ARITH_BACKEND_NAME DUMMY_BACKEND
+#define MLK_ARITH_BACKEND_NAME DUMMY_BACKEND
 /* Filename of the C backend implementation.
 * This is not inlined here because this header is included in assembly
 * files as well. */
-#define MLKEM_NATIVE_ARITH_BACKEND_IMPL "dummy_backend_impl.h"
+#define MLK_ARITH_BACKEND_IMPL "dummy_backend_impl.h"
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_H */
+#endif /* MLK_ARITH_PROFILE_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x1.h b/proofs/cbmc/dummy_backend_fips202_x1.h
index 344c4f1c9..4f4914f98 100644
--- a/proofs/cbmc/dummy_backend_fips202_x1.h
+++ b/proofs/cbmc/dummy_backend_fips202_x1.h
@@ -3,16 +3,16 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifdef MLKEM_NATIVE_FIPS202_PROFILE_H
+#ifdef MLK_FIPS202_PROFILE_H
 #error Only one MLKEM_FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_FIPS202_PROFILE_H
+#define MLK_FIPS202_PROFILE_H
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X1
+#define MLK_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X1
 /* Filename of the C backend implementation.
 * This is not inlined here because this header is included in assembly
 * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x1_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x1_impl.h"
-#endif /* MLKEM_NATIVE_FIPS202_PROFILE_H */
+#endif /* MLK_FIPS202_PROFILE_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x1_impl.h b/proofs/cbmc/dummy_backend_fips202_x1_impl.h
index ff437b02e..b49d9e2e1 100644
--- a/proofs/cbmc/dummy_backend_fips202_x1_impl.h
+++ b/proofs/cbmc/dummy_backend_fips202_x1_impl.h
@@ -5,13 +5,13 @@
 /* ML-KEM arithmetic native profile for clean assembly */
-#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#ifdef MLK_ARITH_PROFILE_IMPL_H
 #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#define MLK_ARITH_PROFILE_IMPL_H
-#define MLKEM_USE_FIPS202_X1_NATIVE
+#define MLK_USE_FIPS202_X1_NATIVE
 #include "../mlkem/fips202/native/api.h"
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */
+#endif /* MLK_ARITH_PROFILE_IMPL_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x2.h b/proofs/cbmc/dummy_backend_fips202_x2.h
index 0cafd4687..e1ec5997a 100644
--- a/proofs/cbmc/dummy_backend_fips202_x2.h
+++ b/proofs/cbmc/dummy_backend_fips202_x2.h
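Review bot: The include guard this hunk carries into `dummy_backend_fips202_x1_impl.h` is `MLK_ARITH_PROFILE_IMPL_H`, the same macro that `dummy_backend_impl.h` (the arithmetic dummy backend, renamed later in this patch) defines, so a translation unit that pulled in both an arithmetic and a FIPS202 dummy backend would trip the `#error` on whichever is included second; the `dummy_backend_fips202_x2_impl.h` and `dummy_backend_fips202_x4_impl.h` hunks carry the same guard. The companion profile headers already separate the two families (`MLK_FIPS202_PROFILE_H` vs `MLK_ARITH_PROFILE_H`), so the impl headers should do the same, e.g. `#ifdef MLK_FIPS202_PROFILE_IMPL_H` / `#define MLK_FIPS202_PROFILE_IMPL_H` / `#endif /* MLK_FIPS202_PROFILE_IMPL_H */`. The `#error` text ("Only one MLKEM_ARITH assembly profile ...") and the leading `/* ML-KEM arithmetic native profile for clean assembly */` comment in these three FIPS202 impl headers also still describe the arithmetic backend and are worth correcting while the names are being touched. Whether any proof Makefile currently combines both backends in one unit is not visible here, so this is a latent rather than an observed clash.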
@@ -3,16 +3,16 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifdef MLKEM_NATIVE_FIPS202_PROFILE_H
+#ifdef MLK_FIPS202_PROFILE_H
 #error Only one MLKEM_FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_FIPS202_PROFILE_H
+#define MLK_FIPS202_PROFILE_H
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X2
+#define MLK_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X2
 /* Filename of the C backend implementation.
 * This is not inlined here because this header is included in assembly
 * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x2_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x2_impl.h"
-#endif /* MLKEM_NATIVE_FIPS202_PROFILE_H */
+#endif /* MLK_FIPS202_PROFILE_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x2_impl.h b/proofs/cbmc/dummy_backend_fips202_x2_impl.h
index 790f35ca9..3fa86a132 100644
--- a/proofs/cbmc/dummy_backend_fips202_x2_impl.h
+++ b/proofs/cbmc/dummy_backend_fips202_x2_impl.h
@@ -5,13 +5,13 @@
 /* ML-KEM arithmetic native profile for clean assembly */
-#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#ifdef MLK_ARITH_PROFILE_IMPL_H
 #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#define MLK_ARITH_PROFILE_IMPL_H
-#define MLKEM_USE_FIPS202_X2_NATIVE
+#define MLK_USE_FIPS202_X2_NATIVE
 #include "../mlkem/fips202/native/api.h"
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */
+#endif /* MLK_ARITH_PROFILE_IMPL_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x4.h b/proofs/cbmc/dummy_backend_fips202_x4.h
index 47b2ad955..6d573912d 100644
--- a/proofs/cbmc/dummy_backend_fips202_x4.h
+++ b/proofs/cbmc/dummy_backend_fips202_x4.h
@@ -3,16 +3,16 @@
 * SPDX-License-Identifier: Apache-2.0
 */
-#ifdef MLKEM_NATIVE_FIPS202_PROFILE_H
+#ifdef MLK_FIPS202_PROFILE_H
 #error Only one MLKEM_FIPS202 assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_FIPS202_PROFILE_H
+#define MLK_FIPS202_PROFILE_H
-#define MLKEM_NATIVE_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X2
+#define MLK_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X2
 /* Filename of the C backend implementation.
 * This is not inlined here because this header is included in assembly
 * files as well. */
-#define MLKEM_NATIVE_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x4_impl.h"
+#define MLK_FIPS202_BACKEND_IMPL "dummy_backend_fips202_x4_impl.h"
-#endif /* MLKEM_NATIVE_FIPS202_PROFILE_H */
+#endif /* MLK_FIPS202_PROFILE_H */
diff --git a/proofs/cbmc/dummy_backend_fips202_x4_impl.h b/proofs/cbmc/dummy_backend_fips202_x4_impl.h
index c3fc498b5..47c8463c2 100644
--- a/proofs/cbmc/dummy_backend_fips202_x4_impl.h
+++ b/proofs/cbmc/dummy_backend_fips202_x4_impl.h
@@ -5,13 +5,13 @@
 /* ML-KEM arithmetic native profile for clean assembly */
-#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#ifdef MLK_ARITH_PROFILE_IMPL_H
 #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#define MLK_ARITH_PROFILE_IMPL_H
-#define MLKEM_USE_FIPS202_X4_NATIVE
+#define MLK_USE_FIPS202_X4_NATIVE
 #include "../mlkem/fips202/native/api.h"
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */
+#endif /* MLK_ARITH_PROFILE_IMPL_H */
diff --git a/proofs/cbmc/dummy_backend_impl.h b/proofs/cbmc/dummy_backend_impl.h
index 15363e164..7ac6c35f2 100644
--- a/proofs/cbmc/dummy_backend_impl.h
+++ b/proofs/cbmc/dummy_backend_impl.h
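Review bot: The x4 profile header still labels itself as the x2 backend: the new line `+#define MLK_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X2` in the `dummy_backend_fips202_x4.h` hunk should read `#define MLK_FIPS202_BACKEND_NAME DUMMY_BACKEND_FIPS202_X4`, in line with `DUMMY_BACKEND_FIPS202_X1` and `DUMMY_BACKEND_FIPS202_X2` in the sibling headers and with the `dummy_backend_fips202_x4_impl.h` this header selects. The mismatch predates the rename, but a mechanical rename pass is the natural point to catch it. How the backend name is consumed is not visible in this diff, so the practical effect may be no more than a misleading label in build or proof output, but that label is what tells a reader which profile a proof actually ran against.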
@@ -5,22 +5,22 @@
 /* ML-KEM arithmetic native profile for clean assembly */
-#ifdef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#ifdef MLK_ARITH_PROFILE_IMPL_H
 #error Only one MLKEM_ARITH assembly profile can be defined -- did you include multiple profiles?
 #else
-#define MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#define MLK_ARITH_PROFILE_IMPL_H
-#define MLKEM_USE_NATIVE_REJ_UNIFORM
-#define MLKEM_USE_NATIVE_NTT
-#define MLKEM_USE_NATIVE_INTT
-#define MLKEM_USE_NATIVE_POLY_REDUCE
-#define MLKEM_USE_NATIVE_POLY_TOMONT
-#define MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
-#define MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
-#define MLKEM_USE_NATIVE_POLY_TOBYTES
-#define MLKEM_USE_NATIVE_POLY_FROMBYTES
-#define MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER
+#define MLK_USE_NATIVE_REJ_UNIFORM
+#define MLK_USE_NATIVE_NTT
+#define MLK_USE_NATIVE_INTT
+#define MLK_USE_NATIVE_POLY_REDUCE
+#define MLK_USE_NATIVE_POLY_TOMONT
+#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
+#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE
+#define MLK_USE_NATIVE_POLY_TOBYTES
+#define MLK_USE_NATIVE_POLY_FROMBYTES
+#define MLK_USE_NATIVE_NTT_CUSTOM_ORDER
 #include "../mlkem/native/api.h"
-#endif /* MLKEM_NATIVE_ARITH_PROFILE_IMPL_H */
+#endif /* MLK_ARITH_PROFILE_IMPL_H */
diff --git a/proofs/cbmc/fqmul/Makefile b/proofs/cbmc/fqmul/Makefile
index 589a0102d..32cb54cce 100644
--- a/proofs/cbmc/fqmul/Makefile
+++ b/proofs/cbmc/fqmul/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Some unit including reduce.h
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)fqmul
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)fqmul
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/fqmul/fqmul_harness.c b/proofs/cbmc/fqmul/fqmul_harness.c
index be8e3b069..b711a00d0 100644
--- a/proofs/cbmc/fqmul/fqmul_harness.c
+++ b/proofs/cbmc/fqmul/fqmul_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
-#define fqmul MLKEM_NAMESPACE(fqmul)
+#define fqmul MLK_NAMESPACE(fqmul)
 int16_t fqmul(int16_t a, int16_t b);
 void harness(void)
diff --git a/proofs/cbmc/gen_matrix/Makefile b/proofs/cbmc/gen_matrix/Makefile
index 9e927981c..617d5ce9f 100644
--- a/proofs/cbmc/gen_matrix/Makefile
+++ b/proofs/cbmc/gen_matrix/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)gen_matrix.0:4 $(MLKEM_NAMESPACE)gen_matrix.1:4 $(MLKEM_NAMESPACE)gen_matrix.2:4 $(MLKEM_NAMESPACE)gen_matrix.3:4 $(MLKEM_NAMESPACE)gen_matrix.4:4
+UNWINDSET += $(MLK_NAMESPACE)gen_matrix.0:4 $(MLK_NAMESPACE)gen_matrix.1:4 $(MLK_NAMESPACE)gen_matrix.2:4 $(MLK_NAMESPACE)gen_matrix.3:4 $(MLK_NAMESPACE)gen_matrix.4:4
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)gen_matrix
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_rej_uniform $(MLKEM_NAMESPACE)poly_rej_uniform_x4 $(MLKEM_NAMESPACE)poly_permute_bitrev_to_custom
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)gen_matrix
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_rej_uniform $(MLK_NAMESPACE)poly_rej_uniform_x4 $(MLK_NAMESPACE)poly_permute_bitrev_to_custom
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)gen_matrix
+FUNCTION_NAME = $(MLK_NAMESPACE)gen_matrix
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/gen_matrix_native/Makefile b/proofs/cbmc/gen_matrix_native/Makefile
index 640048d09..2a0aed9ba 100644
--- a/proofs/cbmc/gen_matrix_native/Makefile
+++ b/proofs/cbmc/gen_matrix_native/Makefile
@@ -9,17 +9,17 @@ HARNESS_FILE = gen_matrix_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = gen_matrix_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)gen_matrix.0:4 $(MLKEM_NAMESPACE)gen_matrix.1:4 $(MLKEM_NAMESPACE)gen_matrix.2:4 $(MLKEM_NAMESPACE)gen_matrix.3:4 $(MLKEM_NAMESPACE)gen_matrix.4:4
+UNWINDSET += $(MLK_NAMESPACE)gen_matrix.0:4 $(MLK_NAMESPACE)gen_matrix.1:4 $(MLK_NAMESPACE)gen_matrix.2:4 $(MLK_NAMESPACE)gen_matrix.3:4 $(MLK_NAMESPACE)gen_matrix.4:4
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)gen_matrix
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_rej_uniform $(MLKEM_NAMESPACE)poly_rej_uniform_x4 poly_permute_bitrev_to_custom
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)gen_matrix
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_rej_uniform $(MLK_NAMESPACE)poly_rej_uniform_x4 poly_permute_bitrev_to_custom
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)gen_matrix_native
+FUNCTION_NAME = $(MLK_NAMESPACE)gen_matrix_native
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/indcpa_dec/Makefile b/proofs/cbmc/indcpa_dec/Makefile
index 8a9f961b8..86b2dec70 100644
--- a/proofs/cbmc/indcpa_dec/Makefile
+++ b/proofs/cbmc/indcpa_dec/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)indcpa_dec
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)indcpa_dec
 USED_FUNCTIONS = polyvec_ntt
 USED_FUNCTIONS += polyvec_basemul_acc_montgomery
@@ -30,7 +30,7 @@ USED_FUNCTIONS += polyvec_decompress_du
 USED_FUNCTIONS += poly_decompress_dv
 USED_FUNCTIONS += polyvec_frombytes
 USED_FUNCTIONS += polyvec_reduce
-USE_FUNCTION_CONTRACTS=$(addprefix $(MLKEM_NAMESPACE),$(USED_FUNCTIONS))
+USE_FUNCTION_CONTRACTS=$(addprefix $(MLK_NAMESPACE),$(USED_FUNCTIONS))
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -38,7 +38,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)indcpa_dec
+FUNCTION_NAME = $(MLK_NAMESPACE)indcpa_dec
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/indcpa_enc/Makefile b/proofs/cbmc/indcpa_enc/Makefile
index 675d8b999..85057e419 100644
--- a/proofs/cbmc/indcpa_enc/Makefile
+++ b/proofs/cbmc/indcpa_enc/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)indcpa_enc
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)indcpa_enc
 USED_FUNCTIONS = poly_frommsg
 USED_FUNCTIONS += gen_matrix
@@ -46,7 +46,7 @@ USED_FUNCTIONS += poly_compress_dv
 USED_FUNCTIONS += polyvec_frombytes
 USED_FUNCTIONS += matvec_mul
-USE_FUNCTION_CONTRACTS=$(addprefix $(MLKEM_NAMESPACE),$(USED_FUNCTIONS))
+USE_FUNCTION_CONTRACTS=$(addprefix $(MLK_NAMESPACE),$(USED_FUNCTIONS))
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -54,7 +54,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)indcpa_enc
+FUNCTION_NAME = $(MLK_NAMESPACE)indcpa_enc
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/indcpa_keypair_derand/Makefile b/proofs/cbmc/indcpa_keypair_derand/Makefile
index 6a3b28280..aaedb0f3b 100644
--- a/proofs/cbmc/indcpa_keypair_derand/Makefile
+++ b/proofs/cbmc/indcpa_keypair_derand/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)indcpa_keypair_derand
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_512 $(MLKEM_NAMESPACE)gen_matrix $(MLKEM_NAMESPACE)poly_getnoise_eta1_4x $(MLKEM_NAMESPACE)polyvec_ntt $(MLKEM_NAMESPACE)polyvec_mulcache_compute $(MLKEM_NAMESPACE)matvec_mul $(MLKEM_NAMESPACE)polyvec_tomont $(MLKEM_NAMESPACE)polyvec_add $(MLKEM_NAMESPACE)polyvec_reduce $(MLKEM_NAMESPACE)polyvec_tobytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)indcpa_keypair_derand
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_512 $(MLK_NAMESPACE)gen_matrix $(MLK_NAMESPACE)poly_getnoise_eta1_4x $(MLK_NAMESPACE)polyvec_ntt $(MLK_NAMESPACE)polyvec_mulcache_compute $(MLK_NAMESPACE)matvec_mul $(MLK_NAMESPACE)polyvec_tomont $(MLK_NAMESPACE)polyvec_add $(MLK_NAMESPACE)polyvec_reduce $(MLK_NAMESPACE)polyvec_tobytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)indcpa_keypair_derand
+FUNCTION_NAME = $(MLK_NAMESPACE)indcpa_keypair_derand
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/invntt_layer/Makefile b/proofs/cbmc/invntt_layer/Makefile
index fde0e1370..d7137e1b0 100644
--- a/proofs/cbmc/invntt_layer/Makefile
+++ b/proofs/cbmc/invntt_layer/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c $(SRCDIR)/mlkem/zetas.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)invntt_layer
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)fqmul $(MLKEM_NAMESPACE)barrett_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)invntt_layer
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)fqmul $(MLK_NAMESPACE)barrett_reduce
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/invntt_layer/invntt_layer_harness.c b/proofs/cbmc/invntt_layer/invntt_layer_harness.c
index 053d33f51..d12758fab 100644
--- a/proofs/cbmc/invntt_layer/invntt_layer_harness.c
+++ b/proofs/cbmc/invntt_layer/invntt_layer_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
-#define invntt_layer MLKEM_NAMESPACE(invntt_layer)
+#define invntt_layer MLK_NAMESPACE(invntt_layer)
 void invntt_layer(int16_t *p, unsigned len, unsigned layer);
 void harness(void)
diff --git a/proofs/cbmc/keccak_absorb_once/Makefile b/proofs/cbmc/keccak_absorb_once/Makefile
index 2cc389c63..a36d36435 100644
--- a/proofs/cbmc/keccak_absorb_once/Makefile
+++ b/proofs/cbmc/keccak_absorb_once/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateXORBytes $(MLKEM_NAMESPACE)KeccakF1600_StatePermute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateXORBytes $(MLK_NAMESPACE)KeccakF1600_StatePermute
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/keccak_absorb_once/keccak_absorb_once_harness.c b/proofs/cbmc/keccak_absorb_once/keccak_absorb_once_harness.c
index c3f83e9bd..d27fc850a 100644
--- a/proofs/cbmc/keccak_absorb_once/keccak_absorb_once_harness.c
+++ b/proofs/cbmc/keccak_absorb_once/keccak_absorb_once_harness.c
@@ -7,7 +7,7 @@
 #include
 #include
-#define keccak_absorb_once MLKEM_NAMESPACE(keccak_absorb_once)
+#define keccak_absorb_once MLK_NAMESPACE(keccak_absorb_once)
 void keccak_absorb_once(uint64_t *s, uint32_t r, const uint8_t *m, size_t mlen, uint8_t p);
diff --git a/proofs/cbmc/keccak_absorb_once_x4/Makefile b/proofs/cbmc/keccak_absorb_once_x4/Makefile
index eb5bd95ad..2670f196b 100644
--- a/proofs/cbmc/keccak_absorb_once_x4/Makefile
+++ b/proofs/cbmc/keccak_absorb_once_x4/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202x4.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once_x4
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute $(MLKEM_NAMESPACE)KeccakF1600x4_StateXORBytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once_x4
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StatePermute $(MLK_NAMESPACE)KeccakF1600x4_StateXORBytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/keccak_absorb_once_x4/keccak_absorb_once_x4_harness.c b/proofs/cbmc/keccak_absorb_once_x4/keccak_absorb_once_x4_harness.c
index 4ee7bbdd6..7e91d69a9 100644
--- a/proofs/cbmc/keccak_absorb_once_x4/keccak_absorb_once_x4_harness.c
+++ b/proofs/cbmc/keccak_absorb_once_x4/keccak_absorb_once_x4_harness.c
@@ -7,7 +7,7 @@
 #include
 #include
-#define keccak_absorb_once_x4 MLKEM_NAMESPACE(keccak_absorb_once_x4)
+#define keccak_absorb_once_x4 MLK_NAMESPACE(keccak_absorb_once_x4)
 void keccak_absorb_once_x4(uint64_t *s, uint32_t r, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen, uint8_t p);
diff --git a/proofs/cbmc/keccak_squeeze_once/Makefile b/proofs/cbmc/keccak_squeeze_once/Makefile
index 3615162d5..f14b78902 100644
--- a/proofs/cbmc/keccak_squeeze_once/Makefile
+++ b/proofs/cbmc/keccak_squeeze_once/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_squeeze_once
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes $(MLKEM_NAMESPACE)KeccakF1600_StatePermute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_squeeze_once
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateExtractBytes $(MLK_NAMESPACE)KeccakF1600_StatePermute
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/keccak_squeeze_once/keccak_squeeze_once_harness.c b/proofs/cbmc/keccak_squeeze_once/keccak_squeeze_once_harness.c
index d69251623..1f4cab848 100644
--- a/proofs/cbmc/keccak_squeeze_once/keccak_squeeze_once_harness.c
+++ b/proofs/cbmc/keccak_squeeze_once/keccak_squeeze_once_harness.c
@@ -7,7 +7,7 @@
 #include
 #include
-#define keccak_squeeze_once MLKEM_NAMESPACE(keccak_squeeze_once)
+#define keccak_squeeze_once MLK_NAMESPACE(keccak_squeeze_once)
 void keccak_squeeze_once(uint8_t *h, size_t outlen, uint64_t *s, uint32_t r);
 void harness(void)
diff --git a/proofs/cbmc/keccak_squeezeblocks/Makefile b/proofs/cbmc/keccak_squeezeblocks/Makefile
index 9df75aefd..ba70dc8ab 100644
--- a/proofs/cbmc/keccak_squeezeblocks/Makefile
+++ b/proofs/cbmc/keccak_squeezeblocks/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_squeezeblocks
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600_StateExtractBytes $(MLKEM_NAMESPACE)KeccakF1600_StatePermute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_squeezeblocks
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600_StateExtractBytes $(MLK_NAMESPACE)KeccakF1600_StatePermute
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/keccak_squeezeblocks/keccak_squeezeblocks_harness.c b/proofs/cbmc/keccak_squeezeblocks/keccak_squeezeblocks_harness.c
index aa1e2cedf..52b86ac74 100644
--- a/proofs/cbmc/keccak_squeezeblocks/keccak_squeezeblocks_harness.c
+++ b/proofs/cbmc/keccak_squeezeblocks/keccak_squeezeblocks_harness.c
@@ -7,7 +7,7 @@
 #include
 #include
-#define keccak_squeezeblocks MLKEM_NAMESPACE(keccak_squeezeblocks)
+#define keccak_squeezeblocks MLK_NAMESPACE(keccak_squeezeblocks)
 void keccak_squeezeblocks(uint8_t *h, size_t nblocks, uint64_t *s, uint32_t r);
 void harness(void)
diff --git a/proofs/cbmc/keccak_squeezeblocks_x4/Makefile b/proofs/cbmc/keccak_squeezeblocks_x4/Makefile
index 4e82e962f..c7bd13ef3 100644
--- a/proofs/cbmc/keccak_squeezeblocks_x4/Makefile
+++ b/proofs/cbmc/keccak_squeezeblocks_x4/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202x4.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_squeezeblocks_x4
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)KeccakF1600x4_StateExtractBytes $(MLKEM_NAMESPACE)KeccakF1600x4_StatePermute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_squeezeblocks_x4
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)KeccakF1600x4_StateExtractBytes $(MLK_NAMESPACE)KeccakF1600x4_StatePermute
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/keccak_squeezeblocks_x4/keccak_squeezeblocks_x4_harness.c b/proofs/cbmc/keccak_squeezeblocks_x4/keccak_squeezeblocks_x4_harness.c
index 5e8b5a456..e05bbb049 100644
--- a/proofs/cbmc/keccak_squeezeblocks_x4/keccak_squeezeblocks_x4_harness.c
+++ b/proofs/cbmc/keccak_squeezeblocks_x4/keccak_squeezeblocks_x4_harness.c
@@ -7,7 +7,7 @@
 #include
 #include
-#define keccak_squeezeblocks_x4 MLKEM_NAMESPACE(keccak_squeezeblocks_x4)
+#define keccak_squeezeblocks_x4 MLK_NAMESPACE(keccak_squeezeblocks_x4)
 void keccak_squeezeblocks_x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t nblocks, uint64_t *s, uint32_t r);
diff --git a/proofs/cbmc/matvec_mul/Makefile b/proofs/cbmc/matvec_mul/Makefile
index 1c0b31236..2e91f2f78 100644
--- a/proofs/cbmc/matvec_mul/Makefile
+++ b/proofs/cbmc/matvec_mul/Makefile
@@ -17,8 +17,8 @@ REMOVE_FUNCTION_BODY +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/indcpa.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)matvec_mul
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_basemul_acc_montgomery_cached
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)matvec_mul
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_basemul_acc_montgomery_cached
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -37,7 +37,7 @@ CBMCFLAGS=--smt2
 # a substantial improvement in proof performance.
 CBMCFLAGS += --no-array-field-sensitivity --arrays-uf-always --slice-formula
-FUNCTION_NAME = $(MLKEM_NAMESPACE)matvec_mul
+FUNCTION_NAME = $(MLK_NAMESPACE)matvec_mul
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/matvec_mul/matvec_mul_harness.c b/proofs/cbmc/matvec_mul/matvec_mul_harness.c
index c80a262ca..8ef1e7771 100644
--- a/proofs/cbmc/matvec_mul/matvec_mul_harness.c
+++ b/proofs/cbmc/matvec_mul/matvec_mul_harness.c
@@ -5,7 +5,7 @@
 #include "indcpa.h"
 #include "poly_k.h"
-#define matvec_mul MLKEM_NAMESPACE(matvec_mul)
+#define matvec_mul MLK_NAMESPACE(matvec_mul)
 void matvec_mul(polyvec *out, polyvec const *a, polyvec const *v, polyvec_mulcache const *vc);
diff --git a/proofs/cbmc/montgomery_reduce/Makefile b/proofs/cbmc/montgomery_reduce/Makefile
index ba8015221..88a0e154c 100644
--- a/proofs/cbmc/montgomery_reduce/Makefile
+++ b/proofs/cbmc/montgomery_reduce/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c # Some unit including reduce.h
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)montgomery_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)montgomery_reduce
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/montgomery_reduce/montgomery_reduce_harness.c b/proofs/cbmc/montgomery_reduce/montgomery_reduce_harness.c
index a7934e88f..df4869743 100644
--- a/proofs/cbmc/montgomery_reduce/montgomery_reduce_harness.c
+++ b/proofs/cbmc/montgomery_reduce/montgomery_reduce_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
-#define montgomery_reduce MLKEM_NAMESPACE(montgomery_reduce)
+#define montgomery_reduce MLK_NAMESPACE(montgomery_reduce)
 int16_t montgomery_reduce(int32_t a);
 void harness(void)
diff --git a/proofs/cbmc/ntt_butterfly_block/Makefile b/proofs/cbmc/ntt_butterfly_block/Makefile
index aa1fadd8a..b6fd50796 100644
--- a/proofs/cbmc/ntt_butterfly_block/Makefile
+++ b/proofs/cbmc/ntt_butterfly_block/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ntt_butterfly_block
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)fqmul
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ntt_butterfly_block
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)fqmul
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ntt_butterfly_block/ntt_butterfly_block_harness.c b/proofs/cbmc/ntt_butterfly_block/ntt_butterfly_block_harness.c
index 129f49141..6d68bcd14 100644
--- a/proofs/cbmc/ntt_butterfly_block/ntt_butterfly_block_harness.c
+++ b/proofs/cbmc/ntt_butterfly_block/ntt_butterfly_block_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
-#define ntt_butterfly_block MLKEM_NAMESPACE(ntt_butterfly_block)
+#define ntt_butterfly_block MLK_NAMESPACE(ntt_butterfly_block)
 void ntt_butterfly_block(int16_t *r, int16_t root, unsigned start, unsigned len, int bound);
diff --git a/proofs/cbmc/ntt_layer/Makefile b/proofs/cbmc/ntt_layer/Makefile
index 86632eabb..470edf4e8 100644
--- a/proofs/cbmc/ntt_layer/Makefile
+++ b/proofs/cbmc/ntt_layer/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c $(SRCDIR)/mlkem/zetas.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ntt_layer
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ntt_butterfly_block
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ntt_layer
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ntt_butterfly_block
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/ntt_layer/ntt_layer_harness.c b/proofs/cbmc/ntt_layer/ntt_layer_harness.c
index 8e6b0bc0e..731f5a552 100644
--- a/proofs/cbmc/ntt_layer/ntt_layer_harness.c
+++ b/proofs/cbmc/ntt_layer/ntt_layer_harness.c
@@ -4,7 +4,7 @@
 #include "poly.h"
-#define ntt_layer MLKEM_NAMESPACE(ntt_layer)
+#define ntt_layer MLK_NAMESPACE(ntt_layer)
 void ntt_layer(int16_t *p, unsigned len, unsigned layer);
 void harness(void)
diff --git a/proofs/cbmc/poly_add/Makefile b/proofs/cbmc/poly_add/Makefile
index d4a3516b0..624d4c2bc 100644
--- a/proofs/cbmc/poly_add/Makefile
+++ b/proofs/cbmc/poly_add/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_add
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_add
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_cbd_eta1/Makefile b/proofs/cbmc/poly_cbd_eta1/Makefile
index abfb98bb7..8c16865a4 100644
--- a/proofs/cbmc/poly_cbd_eta1/Makefile
+++ b/proofs/cbmc/poly_cbd_eta1/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c $(SRCDIR)/mlkem/poly_k.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta1
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta1
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_cbd_eta1
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_cbd_eta1
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_cbd_eta1/poly_cbd_eta1_harness.c b/proofs/cbmc/poly_cbd_eta1/poly_cbd_eta1_harness.c
index 49ed2200a..c0d5b1ec8 100644
--- a/proofs/cbmc/poly_cbd_eta1/poly_cbd_eta1_harness.c
+++ b/proofs/cbmc/poly_cbd_eta1/poly_cbd_eta1_harness.c
@@ -4,7 +4,7 @@
 #include "poly.h"
-#define poly_cbd_eta1 MLKEM_NAMESPACE(poly_cbd_eta1)
+#define poly_cbd_eta1 MLK_NAMESPACE(poly_cbd_eta1)
 void poly_cbd_eta1(poly *r, const uint8_t buf[MLKEM_ETA1 * MLKEM_N / 4]);
 void harness(void)
diff --git a/proofs/cbmc/poly_cbd_eta2/Makefile b/proofs/cbmc/poly_cbd_eta2/Makefile
index 33f04417f..5d5a6edda 100644
--- a/proofs/cbmc/poly_cbd_eta2/Makefile
+++ b/proofs/cbmc/poly_cbd_eta2/Makefile
@@ -20,9 +20,9 @@ PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c $(SRCDIR)/mlkem/poly_k.c
 # Only relevant for K=2 or K=4
 ifeq ($(MLKEM_K),2)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta2
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta2
 else ifeq ($(MLKEM_K),4)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta2
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta2
 else
 CHECK_FUNCTION_CONTRACTS=
 endif
@@ -35,7 +35,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_cbd_eta2
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_cbd_eta2
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_cbd_eta2/poly_cbd_eta2_harness.c b/proofs/cbmc/poly_cbd_eta2/poly_cbd_eta2_harness.c
index be9a8794e..b7799a376 100644
--- a/proofs/cbmc/poly_cbd_eta2/poly_cbd_eta2_harness.c
+++ b/proofs/cbmc/poly_cbd_eta2/poly_cbd_eta2_harness.c
@@ -4,7 +4,7 @@
 #include "poly.h"
-#define poly_cbd_eta2 MLKEM_NAMESPACE(poly_cbd_eta2)
+#define poly_cbd_eta2 MLK_NAMESPACE(poly_cbd_eta2)
 void poly_cbd_eta2(poly *r, const uint8_t buf[MLKEM_ETA2 * MLKEM_N / 4]);
 void harness(void)
diff --git a/proofs/cbmc/poly_compress_du/Makefile b/proofs/cbmc/poly_compress_du/Makefile
index 8f5b030c8..0dbc3fa87 100644
--- a/proofs/cbmc/poly_compress_du/Makefile
+++ b/proofs/cbmc/poly_compress_du/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_compress_du
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_compress_du
 USE_FUNCTION_CONTRACTS =
 # TODO: We should be calling scalar_decompress_xxx by contract here,
@@ -37,7 +37,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_compress_du
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_compress_du
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_compress_dv/Makefile b/proofs/cbmc/poly_compress_dv/Makefile
index 850163e66..36d462f3b 100644
--- a/proofs/cbmc/poly_compress_dv/Makefile
+++ b/proofs/cbmc/poly_compress_dv/Makefile
@@ -18,15 +18,15 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_compress_dv
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_compress_dv
 USE_FUNCTION_CONTRACTS =
 # TODO: We should be calling scalar_decompress_xxx by contract here,
 # but it does not seem to work yet because they are marked as static inline.
 # ifeq ($(MLKEM_K),4)
-# USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d5
+# USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d5
 # else
-# USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d4
+# USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d4
 # endif
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -35,7 +35,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_compress_dv
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_compress_dv
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_decompress_du/Makefile b/proofs/cbmc/poly_decompress_du/Makefile
index 7f038096a..442c11ae8 100644
--- a/proofs/cbmc/poly_decompress_du/Makefile
+++ b/proofs/cbmc/poly_decompress_du/Makefile
@@ -18,16 +18,16 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_decompress_du
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_decompress_du
 USE_FUNCTION_CONTRACTS =
 # TODO: We should be calling scalar_decompress_xxx by contract here,
 # but it does not seem to work yet because they are marked as static inline.
 # For K = 2 or 3, the code calls scalar_decompress_d10, so
 # ifeq ($(MLKEM_K),4)
-# USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d11
+# USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d11
 # else
-# USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d10
+# USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d10
 # endif
 APPLY_LOOP_CONTRACTS=on
@@ -37,7 +37,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_decompress_du
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_decompress_du
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_decompress_dv/Makefile b/proofs/cbmc/poly_decompress_dv/Makefile
index 38f9ba533..368be3d90 100644
--- a/proofs/cbmc/poly_decompress_dv/Makefile
+++ b/proofs/cbmc/poly_decompress_dv/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_decompress_dv
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_decompress_dv
 USE_FUNCTION_CONTRACTS =
 # TODO: We should be calling scalar_decompress_xxx by contract here,
@@ -37,7 +37,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_decompress_dv
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_decompress_dv
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_frombytes/Makefile b/proofs/cbmc/poly_frombytes/Makefile
index 1b41ea11a..13c8157b6 100644
--- a/proofs/cbmc/poly_frombytes/Makefile
+++ b/proofs/cbmc/poly_frombytes/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_frombytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_frombytes
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_frombytes
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_frombytes
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_frombytes_native/Makefile b/proofs/cbmc/poly_frombytes_native/Makefile
index 07ac7fe35..079b72377 100644
--- a/proofs/cbmc/poly_frombytes_native/Makefile
+++ b/proofs/cbmc/poly_frombytes_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_frombytes_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_frombytes_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_frombytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_frombytes
 USE_FUNCTION_CONTRACTS=poly_frombytes_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_frommsg/Makefile b/proofs/cbmc/poly_frommsg/Makefile
index 15448e3a3..4343054dd 100644
--- a/proofs/cbmc/poly_frommsg/Makefile
+++ b/proofs/cbmc/poly_frommsg/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_frommsg
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_sel_int16 $(MLKEM_NAMESPACE)value_barrier_u8
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_frommsg
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_sel_int16 $(MLK_NAMESPACE)value_barrier_u8
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_frommsg
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_frommsg
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_getnoise_eta1122_4x/Makefile b/proofs/cbmc/poly_getnoise_eta1122_4x/Makefile
index 4b55ef465..9300708b4 100644
--- a/proofs/cbmc/poly_getnoise_eta1122_4x/Makefile
+++ b/proofs/cbmc/poly_getnoise_eta1122_4x/Makefile
@@ -20,8 +20,8 @@ PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 # Only relevant for K=2
 ifeq ($(MLKEM_K),2)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_getnoise_eta1122_4x
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta1 $(MLKEM_NAMESPACE)poly_cbd_eta2 $(MLKEM_NAMESPACE)shake256
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_getnoise_eta1122_4x
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta1 $(MLK_NAMESPACE)poly_cbd_eta2 $(MLK_NAMESPACE)shake256
 else
 CHECK_FUNCTION_CONTRACTS=
 USE_FUNCTION_CONTRACTS=
@@ -33,7 +33,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_getnoise_eta1122_4x
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_getnoise_eta1122_4x
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_getnoise_eta1122_4x_native/Makefile b/proofs/cbmc/poly_getnoise_eta1122_4x_native/Makefile
index 9330e4634..b1d58a505 100644
--- a/proofs/cbmc/poly_getnoise_eta1122_4x_native/Makefile
+++ b/proofs/cbmc/poly_getnoise_eta1122_4x_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_getnoise_eta1122_4x_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_getnoise_eta1122_4x_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_FIPS202 -DMLKEM_NATIVE_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x2.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_FIPS202 -DMLK_FIPS202_BACKEND_FILE="\"dummy_backend_fips202_x2.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -20,8 +20,8 @@ PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 # Only relevant for K=2
 ifeq ($(MLKEM_K),2)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_getnoise_eta1122_4x
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta1 $(MLKEM_NAMESPACE)poly_cbd_eta2 $(MLKEM_NAMESPACE)shake256x4
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_getnoise_eta1122_4x
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta1 $(MLK_NAMESPACE)poly_cbd_eta2 $(MLK_NAMESPACE)shake256x4
 else
 CHECK_FUNCTION_CONTRACTS=
 USE_FUNCTION_CONTRACTS=
@@ -33,7 +33,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_getnoise_eta1122_4x
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_getnoise_eta1122_4x
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_getnoise_eta1_4x/Makefile b/proofs/cbmc/poly_getnoise_eta1_4x/Makefile
index 96859a541..c0ae0d016 100644
--- a/proofs/cbmc/poly_getnoise_eta1_4x/Makefile
+++ b/proofs/cbmc/poly_getnoise_eta1_4x/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_getnoise_eta1_4x
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta1 $(MLKEM_NAMESPACE)shake256x4
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_getnoise_eta1_4x
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta1 $(MLK_NAMESPACE)shake256x4
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_getnoise_eta1_4x
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_getnoise_eta1_4x
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_getnoise_eta2/Makefile b/proofs/cbmc/poly_getnoise_eta2/Makefile
index b4d1dc859..d0f78c272 100644
--- a/proofs/cbmc/poly_getnoise_eta2/Makefile
+++ b/proofs/cbmc/poly_getnoise_eta2/Makefile
@@ -20,11 +20,11 @@ PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 # Only relevant for K=2 or K=4
 ifeq ($(MLKEM_K),2)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_getnoise_eta2
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta2 $(MLKEM_NAMESPACE)shake256
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_getnoise_eta2
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta2 $(MLK_NAMESPACE)shake256
 else ifeq ($(MLKEM_K),4)
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_getnoise_eta2
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_cbd_eta2 $(MLKEM_NAMESPACE)shake256
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_getnoise_eta2
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_cbd_eta2 $(MLK_NAMESPACE)shake256
 else
 CHECK_FUNCTION_CONTRACTS=
 USE_FUNCTION_CONTRACTS=
@@ -37,7 +37,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_getnoise_eta2
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_getnoise_eta2
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_invntt_tomont/Makefile b/proofs/cbmc/poly_invntt_tomont/Makefile
index 6772c2112..5b1129af2 100644
--- a/proofs/cbmc/poly_invntt_tomont/Makefile
+++ b/proofs/cbmc/poly_invntt_tomont/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_invntt_tomont
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)invntt_layer $(MLKEM_NAMESPACE)fqmul
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_invntt_tomont
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)invntt_layer $(MLK_NAMESPACE)fqmul
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_invntt_tomont_native/Makefile b/proofs/cbmc/poly_invntt_tomont_native/Makefile
index a72a91940..142e1f633 100644
--- a/proofs/cbmc/poly_invntt_tomont_native/Makefile
+++ b/proofs/cbmc/poly_invntt_tomont_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_invntt_tomont_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_invntt_tomont_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_invntt_tomont
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_invntt_tomont
 USE_FUNCTION_CONTRACTS=intt_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_mulcache_compute/Makefile b/proofs/cbmc/poly_mulcache_compute/Makefile
index 394301103..84347baeb 100644
--- a/proofs/cbmc/poly_mulcache_compute/Makefile
+++ b/proofs/cbmc/poly_mulcache_compute/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c $(SRCDIR)/mlkem/zetas.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_mulcache_compute
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)fqmul
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_mulcache_compute
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)fqmul
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_mulcache_compute_native/Makefile b/proofs/cbmc/poly_mulcache_compute_native/Makefile
index 642dbbaf9..70a0f066e 100644
--- a/proofs/cbmc/poly_mulcache_compute_native/Makefile
+++ b/proofs/cbmc/poly_mulcache_compute_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_mulcache_compute_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_mulcache_compute_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c $(SRCDIR)/mlkem/zetas.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_mulcache_compute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_mulcache_compute
 USE_FUNCTION_CONTRACTS=poly_mulcache_compute_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_ntt/Makefile b/proofs/cbmc/poly_ntt/Makefile
index 1ee5f2742..03a5fab49 100644
--- a/proofs/cbmc/poly_ntt/Makefile
+++ b/proofs/cbmc/poly_ntt/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
- CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_ntt
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ntt_layer
+ CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_ntt
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ntt_layer
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_ntt
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_ntt
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_ntt_native/Makefile b/proofs/cbmc/poly_ntt_native/Makefile
index 2f75237b3..056718470 100644
--- a/proofs/cbmc/poly_ntt_native/Makefile
+++ b/proofs/cbmc/poly_ntt_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_ntt_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_ntt_native
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_ntt
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_ntt
 USE_FUNCTION_CONTRACTS=ntt_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_reduce/Makefile b/proofs/cbmc/poly_reduce/Makefile
index 66bddb5e0..fa15cc30f 100644
--- a/proofs/cbmc/poly_reduce/Makefile
+++ b/proofs/cbmc/poly_reduce/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_reduce
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_signed_to_unsigned_q $(MLKEM_NAMESPACE)barrett_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_reduce
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_signed_to_unsigned_q $(MLK_NAMESPACE)barrett_reduce
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_reduce
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_reduce
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_reduce_native/Makefile b/proofs/cbmc/poly_reduce_native/Makefile
index 89f341e5e..f5cfbf3ee 100644
--- a/proofs/cbmc/poly_reduce_native/Makefile
+++ b/proofs/cbmc/poly_reduce_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_reduce_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_reduce_native
 
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_reduce
 USE_FUNCTION_CONTRACTS=poly_reduce_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_rej_uniform/Makefile b/proofs/cbmc/poly_rej_uniform/Makefile
index 396858333..08c2d577c 100644
--- a/proofs/cbmc/poly_rej_uniform/Makefile
+++ b/proofs/cbmc/poly_rej_uniform/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c $(SRCDIR)/mlkem/fips202/fips202.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_rej_uniform
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128_absorb_once $(MLKEM_NAMESPACE)shake128_squeezeblocks $(MLKEM_NAMESPACE)rej_uniform
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_rej_uniform
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128_absorb_once $(MLK_NAMESPACE)shake128_squeezeblocks $(MLK_NAMESPACE)rej_uniform
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_rej_uniform
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_rej_uniform
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_rej_uniform_x4/Makefile b/proofs/cbmc/poly_rej_uniform_x4/Makefile
index 442245c22..eda43dccd 100644
--- a/proofs/cbmc/poly_rej_uniform_x4/Makefile
+++ b/proofs/cbmc/poly_rej_uniform_x4/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c $(SRCDIR)/mlkem/fips202/fips202x4.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_rej_uniform_x4
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128x4_absorb_once $(MLKEM_NAMESPACE)shake128x4_squeezeblocks $(MLKEM_NAMESPACE)rej_uniform
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_rej_uniform_x4
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128x4_absorb_once $(MLK_NAMESPACE)shake128x4_squeezeblocks $(MLK_NAMESPACE)rej_uniform
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_rej_uniform_x4
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_rej_uniform_x4
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_sub/Makefile b/proofs/cbmc/poly_sub/Makefile
index 77efa4160..99c01d33a 100644
--- a/proofs/cbmc/poly_sub/Makefile
+++ b/proofs/cbmc/poly_sub/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_sub
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_sub
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_tobytes/Makefile b/proofs/cbmc/poly_tobytes/Makefile
index 0b175b440..ec332bbcd 100644
--- a/proofs/cbmc/poly_tobytes/Makefile
+++ b/proofs/cbmc/poly_tobytes/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tobytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tobytes
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_tobytes
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_tobytes
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/poly_tobytes_native/Makefile b/proofs/cbmc/poly_tobytes_native/Makefile
index 7b9422450..3036d5b9a 100644
--- a/proofs/cbmc/poly_tobytes_native/Makefile
+++ b/proofs/cbmc/poly_tobytes_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_tobytes_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_tobytes_native
 
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tobytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tobytes
 USE_FUNCTION_CONTRACTS=poly_tobytes_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_tomont/Makefile b/proofs/cbmc/poly_tomont/Makefile
index 55da07a8b..29f552ea3 100644
--- a/proofs/cbmc/poly_tomont/Makefile
+++ b/proofs/cbmc/poly_tomont/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tomont
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)fqmul
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tomont
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)fqmul
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/poly_tomont_native/Makefile b/proofs/cbmc/poly_tomont_native/Makefile
index 62cda6ce9..25f0a6cff 100644
--- a/proofs/cbmc/poly_tomont_native/Makefile
+++ b/proofs/cbmc/poly_tomont_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = poly_tomont_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = poly_tomont_native
 
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tomont
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tomont
 USE_FUNCTION_CONTRACTS=poly_tomont_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/poly_tomsg/Makefile b/proofs/cbmc/poly_tomsg/Makefile
index 3ed79668e..6b4b265a0 100644
--- a/proofs/cbmc/poly_tomsg/Makefile
+++ b/proofs/cbmc/poly_tomsg/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/compress.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tomsg
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tomsg
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_tomsg
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_tomsg
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_add/Makefile b/proofs/cbmc/polyvec_add/Makefile
index 2670efe07..653cdf5ef 100644
--- a/proofs/cbmc/polyvec_add/Makefile
+++ b/proofs/cbmc/polyvec_add/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_add.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_add.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_add
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_add
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_add
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_add
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_basemul_acc_montgomery/Makefile b/proofs/cbmc/polyvec_basemul_acc_montgomery/Makefile
index 1c82e5765..0406bb78c 100644
--- a/proofs/cbmc/polyvec_basemul_acc_montgomery/Makefile
+++ b/proofs/cbmc/polyvec_basemul_acc_montgomery/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_basemul_acc_montgomery
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_mulcache_compute $(MLKEM_NAMESPACE)polyvec_basemul_acc_montgomery_cached
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_basemul_acc_montgomery
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_mulcache_compute $(MLK_NAMESPACE)polyvec_basemul_acc_montgomery_cached
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_basemul_acc_montgomery_cached/Makefile b/proofs/cbmc/polyvec_basemul_acc_montgomery_cached/Makefile
index aa586bae2..2ebdd1f0b 100644
--- a/proofs/cbmc/polyvec_basemul_acc_montgomery_cached/Makefile
+++ b/proofs/cbmc/polyvec_basemul_acc_montgomery_cached/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_basemul_acc_montgomery_cached
-USE_FUNCTION_CONTRACTS= $(MLKEM_NAMESPACE)montgomery_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_basemul_acc_montgomery_cached
+USE_FUNCTION_CONTRACTS= $(MLK_NAMESPACE)montgomery_reduce
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_basemul_acc_montgomery_cached_native/Makefile b/proofs/cbmc/polyvec_basemul_acc_montgomery_cached_native/Makefile
index 8f4e06a74..733ec3865 100644
--- a/proofs/cbmc/polyvec_basemul_acc_montgomery_cached_native/Makefile
+++ b/proofs/cbmc/polyvec_basemul_acc_montgomery_cached_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = polyvec_basemul_acc_montgomery_cached_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = polyvec_basemul_acc_montgomery_cached_native
 
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_basemul_acc_montgomery_cached
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_basemul_acc_montgomery_cached
 USE_FUNCTION_CONTRACTS=polyvec_basemul_acc_montgomery_cached_k$(MLKEM_K)_native
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/polyvec_compress_du/Makefile b/proofs/cbmc/polyvec_compress_du/Makefile
index a9ec93b56..61862a7b1 100644
--- a/proofs/cbmc/polyvec_compress_du/Makefile
+++ b/proofs/cbmc/polyvec_compress_du/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_compress_du.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_compress_du.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_compress_du
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_compress_du
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_compress_du
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_compress_du
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_compress_du
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_compress_du
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_decompress_du/Makefile b/proofs/cbmc/polyvec_decompress_du/Makefile
index b013bb381..60377f11b 100644
--- a/proofs/cbmc/polyvec_decompress_du/Makefile
+++ b/proofs/cbmc/polyvec_decompress_du/Makefile
@@ -13,14 +13,14 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_decompress_du.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_decompress_du.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_decompress_du
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_decompress_du
 
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_decompress_du
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_decompress_du
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -28,7 +28,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_decompress_du
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_decompress_du
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_frombytes/Makefile b/proofs/cbmc/polyvec_frombytes/Makefile
index 9d09c1309..569bfb610 100644
--- a/proofs/cbmc/polyvec_frombytes/Makefile
+++ b/proofs/cbmc/polyvec_frombytes/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_frombytes.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_frombytes.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_frombytes
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_frombytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_frombytes
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_frombytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_frombytes
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_frombytes
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_invntt_tomont/Makefile b/proofs/cbmc/polyvec_invntt_tomont/Makefile
index 4dc0c1068..76c459c8c 100644
--- a/proofs/cbmc/polyvec_invntt_tomont/Makefile
+++ b/proofs/cbmc/polyvec_invntt_tomont/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_invntt_tomont.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_invntt_tomont.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_invntt_tomont
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_invntt_tomont
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_invntt_tomont
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_invntt_tomont
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_mulcache_compute/Makefile b/proofs/cbmc/polyvec_mulcache_compute/Makefile
index d641360f2..e20e44e37 100644
--- a/proofs/cbmc/polyvec_mulcache_compute/Makefile
+++ b/proofs/cbmc/polyvec_mulcache_compute/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_mulcache_compute.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_mulcache_compute.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_mulcache_compute
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_mulcache_compute
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_mulcache_compute
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_mulcache_compute
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_ntt/Makefile b/proofs/cbmc/polyvec_ntt/Makefile
index 2409fc7b1..ec79050d9 100644
--- a/proofs/cbmc/polyvec_ntt/Makefile
+++ b/proofs/cbmc/polyvec_ntt/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_ntt.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_ntt.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_ntt
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_ntt
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_ntt
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_ntt
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/polyvec_reduce/Makefile b/proofs/cbmc/polyvec_reduce/Makefile
index 3c9587c56..4d2db1e57 100644
--- a/proofs/cbmc/polyvec_reduce/Makefile
+++ b/proofs/cbmc/polyvec_reduce/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_reduce.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_reduce.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_reduce
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_reduce
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_reduce
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_reduce
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_reduce
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_reduce
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_tobytes/Makefile b/proofs/cbmc/polyvec_tobytes/Makefile
index 3158b0793..32c324682 100644
--- a/proofs/cbmc/polyvec_tobytes/Makefile
+++ b/proofs/cbmc/polyvec_tobytes/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_tobytes.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_tobytes.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_tobytes
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tobytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_tobytes
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tobytes
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_tobytes
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_tobytes
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/polyvec_tomont/Makefile b/proofs/cbmc/polyvec_tomont/Makefile
index 78ac30814..4186d4a1d 100644
--- a/proofs/cbmc/polyvec_tomont/Makefile
+++ b/proofs/cbmc/polyvec_tomont/Makefile
@@ -13,13 +13,13 @@ DEFINES +=
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
-UNWINDSET += $(MLKEM_NAMESPACE)polyvec_tomont.0:4 # Largest value of MLKEM_K
+UNWINDSET += $(MLK_NAMESPACE)polyvec_tomont.0:4 # Largest value of MLKEM_K
 
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly_k.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)polyvec_tomont
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tomont
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)polyvec_tomont
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tomont
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--smt2
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)polyvec_tomont
+FUNCTION_NAME = $(MLK_NAMESPACE)polyvec_tomont
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/proof_guide.md b/proofs/cbmc/proof_guide.md
index 5523c6b81..32c2f5f85 100644
--- a/proofs/cbmc/proof_guide.md
+++ b/proofs/cbmc/proof_guide.md
@@ -286,15 +286,15 @@ Edit the Makefile and update the definition of the following variables:
 * HARNESS_FILE - should be `XXX_harness`
 * PROOF_UID - should be `XXX`
 * PROJECT_SOURCES - should the files containing the source code of XXX
-* CHECK_FUNCTION_CONTRACTS - set to the `XXX`, but including the `$(MLKEM_NAMESPACE)` prefix if required
+* CHECK_FUNCTION_CONTRACTS - set to the `XXX`, but including the `$(MLK_NAMESPACE)` prefix if required
 * USE_FUNCTION_CONTRACTS - a list of functions that `XXX` calls where you want CBMC to use the contracts of the called
- function for proof, rather than 'inlining' the called function for proof. Include the `$(MLKEM_NAMESPACE)` prefix if
+ function for proof, rather than 'inlining' the called function for proof. Include the `$(MLK_NAMESPACE)` prefix if
 required
 * EXTERNAL_SAT_SOLVER - should _always_ be "nothing" to prevent CBMC selecting a SAT backend over the selected SMT backend.
 * CBMCFLAGS - additional flags to pass to the final run of CBMC. This is normally set to `--smt2` which tells cbmc to run Z3 as its underlying solver. Can also be set to `--bitwuzla` which is sometimes better at generaing counter-examples when Z3 fails.
-* FUNCTION_NAME - set to `XXX` with the `$(MLKEM_NAMESPACE)` prefix if required
+* FUNCTION_NAME - set to `XXX` with the `$(MLK_NAMESPACE)` prefix if required
 * CBMC_OBJECT_BITS. Normally set to 8, but might need to be increased if CBMC runs out of memory for this proof.
 
 For documentation of these (and the other) options, see the [cbmc/Makefile.common](Makefile.common) file.
@@ -416,9 +416,9 @@ The significant changes are:
 HARNESS_FILE = poly_tobytes_harness
 PROOF_UID = poly_tobytes
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)poly_tobytes
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)poly_tobytes
 USE_FUNCTION_CONTRACTS=
-FUNCTION_NAME = $(MLKEM_NAMESPACE)poly_tobytes
+FUNCTION_NAME = $(MLK_NAMESPACE)poly_tobytes
 ```
 
 Note that `USE_FUNCTION_CONTRACTS` is left empty since `poly_tobytes()` is a leaf function that does not call any other functions at all.
diff --git a/proofs/cbmc/rej_uniform/Makefile b/proofs/cbmc/rej_uniform/Makefile
index d768bbf1e..88e70bc84 100644
--- a/proofs/cbmc/rej_uniform/Makefile
+++ b/proofs/cbmc/rej_uniform/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)rej_uniform
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)rej_uniform_scalar
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)rej_uniform
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)rej_uniform_scalar
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
@@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1
 EXTERNAL_SAT_SOLVER=
 CBMCFLAGS=--bitwuzla
 
-FUNCTION_NAME = $(MLKEM_NAMESPACE)rej_uniform
+FUNCTION_NAME = $(MLK_NAMESPACE)rej_uniform
 
 # If this proof is found to consume huge amounts of RAM, you can set the
 # EXPENSIVE variable. With new enough versions of the proof tools, this will
diff --git a/proofs/cbmc/rej_uniform/rej_uniform_harness.c b/proofs/cbmc/rej_uniform/rej_uniform_harness.c
index d36027b3d..0a38d9baa 100644
--- a/proofs/cbmc/rej_uniform/rej_uniform_harness.c
+++ b/proofs/cbmc/rej_uniform/rej_uniform_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "cbmc.h"
 
-#define rej_uniform MLKEM_NAMESPACE(rej_uniform)
+#define rej_uniform MLK_NAMESPACE(rej_uniform)
 unsigned rej_uniform(int16_t *r, unsigned target, unsigned offset, const uint8_t *buf, unsigned buflen);
diff --git a/proofs/cbmc/rej_uniform_native/Makefile b/proofs/cbmc/rej_uniform_native/Makefile
index 013c1bc6c..1fc2ee10b 100644
--- a/proofs/cbmc/rej_uniform_native/Makefile
+++ b/proofs/cbmc/rej_uniform_native/Makefile
@@ -9,7 +9,7 @@ HARNESS_FILE = rej_uniform_native_harness
 # Litani dashboard. It can be human-readable and contain spaces if you wish.
 PROOF_UID = rej_uniform_native
 
-DEFINES += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_NATIVE_ARITH_BACKEND_FILE="\"dummy_backend.h\""
+DEFINES += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_ARITH_BACKEND_FILE="\"dummy_backend.h\""
 INCLUDES +=
 
 REMOVE_FUNCTION_BODY +=
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)rej_uniform
-USE_FUNCTION_CONTRACTS=rej_uniform_native $(MLKEM_NAMESPACE)rej_uniform_scalar
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)rej_uniform
+USE_FUNCTION_CONTRACTS=rej_uniform_native $(MLK_NAMESPACE)rej_uniform_scalar
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/rej_uniform_native/rej_uniform_native_harness.c b/proofs/cbmc/rej_uniform_native/rej_uniform_native_harness.c
index d36027b3d..0a38d9baa 100644
--- a/proofs/cbmc/rej_uniform_native/rej_uniform_native_harness.c
+++ b/proofs/cbmc/rej_uniform_native/rej_uniform_native_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "cbmc.h"
 
-#define rej_uniform MLKEM_NAMESPACE(rej_uniform)
+#define rej_uniform MLK_NAMESPACE(rej_uniform)
 unsigned rej_uniform(int16_t *r, unsigned target, unsigned offset, const uint8_t *buf, unsigned buflen);
diff --git a/proofs/cbmc/rej_uniform_scalar/Makefile b/proofs/cbmc/rej_uniform_scalar/Makefile
index 0af5d930d..42777a873 100644
--- a/proofs/cbmc/rej_uniform_scalar/Makefile
+++ b/proofs/cbmc/rej_uniform_scalar/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/sampling.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)rej_uniform_scalar
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)rej_uniform_scalar
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/rej_uniform_scalar/rej_uniform_scalar_harness.c b/proofs/cbmc/rej_uniform_scalar/rej_uniform_scalar_harness.c
index 7e5356d29..b075d29bd 100644
--- a/proofs/cbmc/rej_uniform_scalar/rej_uniform_scalar_harness.c
+++ b/proofs/cbmc/rej_uniform_scalar/rej_uniform_scalar_harness.c
@@ -4,7 +4,7 @@
 #include "sampling.h"
 
-#define rej_uniform_scalar MLKEM_NAMESPACE(rej_uniform_scalar)
+#define rej_uniform_scalar MLK_NAMESPACE(rej_uniform_scalar)
 unsigned rej_uniform_scalar(int16_t *r, unsigned target, unsigned offset, const uint8_t *buf, unsigned buflen);
diff --git a/proofs/cbmc/scalar_compress_d1/Makefile b/proofs/cbmc/scalar_compress_d1/Makefile
index 32a1e6977..6f229e6cf 100644
--- a/proofs/cbmc/scalar_compress_d1/Makefile
+++ b/proofs/cbmc/scalar_compress_d1/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d1
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d1
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_compress_d10/Makefile b/proofs/cbmc/scalar_compress_d10/Makefile
index ec15ccfe4..b41599211 100644
--- a/proofs/cbmc/scalar_compress_d10/Makefile
+++ b/proofs/cbmc/scalar_compress_d10/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d10
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d10
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_compress_d11/Makefile b/proofs/cbmc/scalar_compress_d11/Makefile
index 86076358b..d1b9051b5 100644
--- a/proofs/cbmc/scalar_compress_d11/Makefile
+++ b/proofs/cbmc/scalar_compress_d11/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d11
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d11
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_compress_d4/Makefile b/proofs/cbmc/scalar_compress_d4/Makefile
index 906c8f2b6..8377cd35e 100644
--- a/proofs/cbmc/scalar_compress_d4/Makefile
+++ b/proofs/cbmc/scalar_compress_d4/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d4
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d4
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_compress_d5/Makefile b/proofs/cbmc/scalar_compress_d5/Makefile
index c843a70a9..fc28411dc 100644
--- a/proofs/cbmc/scalar_compress_d5/Makefile
+++ b/proofs/cbmc/scalar_compress_d5/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_compress_d5
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_compress_d5
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_decompress_d10/Makefile b/proofs/cbmc/scalar_decompress_d10/Makefile
index 413ac3d8e..37349b2e0 100644
--- a/proofs/cbmc/scalar_decompress_d10/Makefile
+++ b/proofs/cbmc/scalar_decompress_d10/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d10
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d10
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_decompress_d11/Makefile b/proofs/cbmc/scalar_decompress_d11/Makefile
index f92eeb34a..ef8ba667d 100644
--- a/proofs/cbmc/scalar_decompress_d11/Makefile
+++ b/proofs/cbmc/scalar_decompress_d11/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d11
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d11
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_decompress_d4/Makefile b/proofs/cbmc/scalar_decompress_d4/Makefile
index c3dae80c2..7159a9afa 100644
--- a/proofs/cbmc/scalar_decompress_d4/Makefile
+++ b/proofs/cbmc/scalar_decompress_d4/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d4
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d4
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_decompress_d5/Makefile b/proofs/cbmc/scalar_decompress_d5/Makefile
index ecd943651..9f0137693 100644
--- a/proofs/cbmc/scalar_decompress_d5/Makefile
+++ b/proofs/cbmc/scalar_decompress_d5/Makefile
@@ -18,7 +18,7 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_decompress_d5
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_decompress_d5
 USE_FUNCTION_CONTRACTS=
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
diff --git a/proofs/cbmc/scalar_signed_to_unsigned_q/Makefile b/proofs/cbmc/scalar_signed_to_unsigned_q/Makefile
index c613fe0e7..2483afb6a 100644
--- a/proofs/cbmc/scalar_signed_to_unsigned_q/Makefile
+++ b/proofs/cbmc/scalar_signed_to_unsigned_q/Makefile
@@ -18,8 +18,8 @@ UNWINDSET +=
 PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c
 PROJECT_SOURCES += $(SRCDIR)/mlkem/poly.c
 
-CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)scalar_signed_to_unsigned_q
-USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)ct_sel_int16 $(MLKEM_NAMESPACE)ct_cmask_neg_i16
+CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)scalar_signed_to_unsigned_q
+USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)ct_sel_int16 $(MLK_NAMESPACE)ct_cmask_neg_i16
 APPLY_LOOP_CONTRACTS=on
 USE_DYNAMIC_FRAMES=1
 
diff --git a/proofs/cbmc/scalar_signed_to_unsigned_q/scalar_signed_to_unsigned_q_harness.c b/proofs/cbmc/scalar_signed_to_unsigned_q/scalar_signed_to_unsigned_q_harness.c
index 5512a02af..b0fa91a84 100644
--- a/proofs/cbmc/scalar_signed_to_unsigned_q/scalar_signed_to_unsigned_q_harness.c
+++ b/proofs/cbmc/scalar_signed_to_unsigned_q/scalar_signed_to_unsigned_q_harness.c
@@ -5,7 +5,7 @@
 #include
 #include "common.h"
 
-#define scalar_signed_to_unsigned_q MLKEM_NAMESPACE(scalar_signed_to_unsigned_q)
+#define scalar_signed_to_unsigned_q MLK_NAMESPACE(scalar_signed_to_unsigned_q)
 uint16_t scalar_signed_to_unsigned_q(int16_t c);
 
 void harness(void)
diff --git a/proofs/cbmc/sha3_256/Makefile b/proofs/cbmc/sha3_256/Makefile
index 78c19a212..ed91efda3 100644
--- a/proofs/cbmc/sha3_256/Makefile
+++ b/proofs/cbmc/sha3_256/Makefile
@@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_256 -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once $(MLKEM_NAMESPACE)keccak_squeeze_once +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_256 +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once $(MLK_NAMESPACE)keccak_squeeze_once APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)sha3_256 +FUNCTION_NAME = $(MLK_NAMESPACE)sha3_256 # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/sha3_512/Makefile b/proofs/cbmc/sha3_512/Makefile index 30a380653..d76e3a489 100644 --- a/proofs/cbmc/sha3_512/Makefile +++ b/proofs/cbmc/sha3_512/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)sha3_512 -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once $(MLKEM_NAMESPACE)keccak_squeeze_once +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)sha3_512 +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once $(MLK_NAMESPACE)keccak_squeeze_once APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)sha3_512 +FUNCTION_NAME = $(MLK_NAMESPACE)sha3_512 # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake128_absorb_once/Makefile b/proofs/cbmc/shake128_absorb_once/Makefile index 34ed19d6b..33e42485c 100644 --- a/proofs/cbmc/shake128_absorb_once/Makefile +++ b/proofs/cbmc/shake128_absorb_once/Makefile 
@@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128_absorb_once -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128_absorb_once +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake128_absorb_once +FUNCTION_NAME = $(MLK_NAMESPACE)shake128_absorb_once # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake128_squeezeblocks/Makefile b/proofs/cbmc/shake128_squeezeblocks/Makefile index d2f5032db..53fe85de0 100644 --- a/proofs/cbmc/shake128_squeezeblocks/Makefile +++ b/proofs/cbmc/shake128_squeezeblocks/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128_squeezeblocks -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_squeezeblocks +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128_squeezeblocks +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_squeezeblocks APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake128_squeezeblocks +FUNCTION_NAME = $(MLK_NAMESPACE)shake128_squeezeblocks # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake128x4_absorb_once/Makefile b/proofs/cbmc/shake128x4_absorb_once/Makefile index 280530e1c..63a12b0f5 100644 --- a/proofs/cbmc/shake128x4_absorb_once/Makefile 
+++ b/proofs/cbmc/shake128x4_absorb_once/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202x4.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128x4_absorb_once -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once_x4 +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128x4_absorb_once +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once_x4 APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake128x4_absorb_once +FUNCTION_NAME = $(MLK_NAMESPACE)shake128x4_absorb_once # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake128x4_squeezeblocks/Makefile b/proofs/cbmc/shake128x4_squeezeblocks/Makefile index b7de82e0e..d59047c70 100644 --- a/proofs/cbmc/shake128x4_squeezeblocks/Makefile +++ b/proofs/cbmc/shake128x4_squeezeblocks/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202x4.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake128x4_squeezeblocks -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_squeezeblocks_x4 +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake128x4_squeezeblocks +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_squeezeblocks_x4 APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake128x4_squeezeblocks +FUNCTION_NAME = $(MLK_NAMESPACE)shake128x4_squeezeblocks # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake256/Makefile b/proofs/cbmc/shake256/Makefile index 02da46f21..75170af94 100644 
--- a/proofs/cbmc/shake256/Makefile +++ b/proofs/cbmc/shake256/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake256 -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once $(MLKEM_NAMESPACE)keccak_squeeze_once +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake256 +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once $(MLK_NAMESPACE)keccak_squeeze_once APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake256 +FUNCTION_NAME = $(MLK_NAMESPACE)shake256 # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/cbmc/shake256x4/Makefile b/proofs/cbmc/shake256x4/Makefile index 68e9e6f92..d7160c9c6 100644 --- a/proofs/cbmc/shake256x4/Makefile +++ b/proofs/cbmc/shake256x4/Makefile @@ -18,8 +18,8 @@ UNWINDSET += PROOF_SOURCES += $(PROOFDIR)/$(HARNESS_FILE).c PROJECT_SOURCES += $(SRCDIR)/mlkem/fips202/fips202x4.c -CHECK_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)shake256x4 -USE_FUNCTION_CONTRACTS=$(MLKEM_NAMESPACE)keccak_absorb_once_x4 $(MLKEM_NAMESPACE)keccak_squeezeblocks_x4 +CHECK_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)shake256x4 +USE_FUNCTION_CONTRACTS=$(MLK_NAMESPACE)keccak_absorb_once_x4 $(MLK_NAMESPACE)keccak_squeezeblocks_x4 APPLY_LOOP_CONTRACTS=on USE_DYNAMIC_FRAMES=1 @@ -27,7 +27,7 @@ USE_DYNAMIC_FRAMES=1 EXTERNAL_SAT_SOLVER= CBMCFLAGS=--bitwuzla -FUNCTION_NAME = $(MLKEM_NAMESPACE)shake256x4 +FUNCTION_NAME = $(MLK_NAMESPACE)shake256x4 # If this proof is found to consume huge amounts of RAM, you can set the # EXPENSIVE variable. With new enough versions of the proof tools, this will diff --git a/proofs/hol_light/arm/mlkem/mlkem_intt.S b/proofs/hol_light/arm/mlkem/mlkem_intt.S index d5659c004..567613788 100644 
--- a/proofs/hol_light/arm/mlkem/mlkem_intt.S +++ b/proofs/hol_light/arm/mlkem/mlkem_intt.S @@ -25,7 +25,7 @@ /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/intt_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/proofs/hol_light/arm/mlkem/mlkem_ntt.S b/proofs/hol_light/arm/mlkem/mlkem_ntt.S index 185fc651a..3b09c5df1 100644 --- a/proofs/hol_light/arm/mlkem/mlkem_ntt.S +++ b/proofs/hol_light/arm/mlkem/mlkem_ntt.S @@ -26,7 +26,7 @@ /* - * WARNING: This file is auto-derived from the mlkem-native source file + * WARNING: This file is auto-derived from the mlkem-native source file * dev/aarch64_opt/src/ntt_opt.S using scripts/simpasm. Do not modify it directly. */ diff --git a/scripts/autogen b/scripts/autogen index aa24f0698..547b5562a 100755 --- a/scripts/autogen +++ b/scripts/autogen @@ -111,22 +111,22 @@ def gen_c_zeta_file(dry_run=False): def gen(): yield from gen_header() yield '#include "common.h"' - yield "#if !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)" + yield "#if !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)" yield '#include "poly.h"' yield "" yield "/*" yield " * Table of zeta values used in the reference NTT and inverse NTT." yield " * See autogen for details." yield " */" - yield "ALIGN const int16_t zetas[128] = {" + yield "MLK_ALIGN const int16_t zetas[128] = {" yield from map(lambda t: str(t) + ",", gen_c_zetas()) yield "};" yield "" - yield "#else /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */" + yield "#else /* MLK_MULTILEVEL_BUILD_NO_SHARED */" yield "" - yield "MLKEM_NATIVE_EMPTY_CU(zetas)" + yield "MLK_EMPTY_CU(zetas)" yield "" - yield "#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED */" + yield "#endif /* MLK_MULTILEVEL_BUILD_NO_SHARED */" yield "" update_file("mlkem/zetas.c", "\n".join(gen()), dry_run=dry_run) 
@@ -325,8 +325,8 @@ def gen_aarch64_fwd_ntt_zeta_file(dry_run=False): yield from gen_header() yield '#include "../../../common.h"' yield "" - yield f"#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()}) && \\" - yield " !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)" + yield f"#if defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()}) && \\" + yield " !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)" yield "" yield "#include " yield '#include "arith_native_aarch64.h"' 
@@ -335,38 +335,38 @@ def gen_aarch64_fwd_ntt_zeta_file(dry_run=False): yield " * Table of zeta values used in the AArch64 forward NTT" yield " * See autogen for details." yield " */" - yield "ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = {" + yield "MLK_ALIGN const int16_t aarch64_ntt_zetas_layer01234[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_fwd_ntt_zetas_layer01234()) yield "};" yield "" - yield "ALIGN const int16_t aarch64_ntt_zetas_layer56[] = {" + yield "MLK_ALIGN const int16_t aarch64_ntt_zetas_layer56[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_fwd_ntt_zetas_layer56()) yield "};" yield "" - yield "ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = {" + yield "MLK_ALIGN const int16_t aarch64_invntt_zetas_layer01234[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_inv_ntt_zetas_layer01234()) yield "};" yield "" - yield "ALIGN const int16_t aarch64_invntt_zetas_layer56[] = {" + yield "MLK_ALIGN const int16_t aarch64_invntt_zetas_layer56[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_inv_ntt_zetas_layer56()) yield "};" yield "" - yield "ALIGN const int16_t aarch64_zetas_mulcache_native[] = {" + yield "MLK_ALIGN const int16_t aarch64_zetas_mulcache_native[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_mulcache_twiddles()) yield "};" yield "" - yield "ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = {" + yield "MLK_ALIGN const int16_t aarch64_zetas_mulcache_twisted_native[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_mulcache_twiddles_twisted()) yield "};" yield "" - yield f"#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()})" - yield " && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield f"#else /* defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()})" + yield " && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" - yield "MLKEM_NATIVE_EMPTY_CU(aarch64_zetas)" + yield "MLK_EMPTY_CU(aarch64_zetas)" yield "" yield "" - yield f"#endif /* 
defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()})" - yield " && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield f"#endif /* defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()})" + yield " && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" update_file( @@ -406,8 +406,8 @@ def gen_aarch64_rej_uniform_table(dry_run=False): yield from gen_header() yield '#include "../../../common.h"' yield "" - yield f"#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()}) && \\" - yield " !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)" + yield f"#if defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()}) && \\" + yield " !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)" yield "" yield "#include " yield '#include "arith_native_aarch64.h"' @@ -416,17 +416,17 @@ def gen_aarch64_rej_uniform_table(dry_run=False): yield " * Lookup table used by rejection sampling of the public matrix." yield " * See autogen for details." yield " */" - yield "ALIGN const uint8_t rej_uniform_table[] = {" + yield "MLK_ALIGN const uint8_t rej_uniform_table[] = {" yield from map(lambda t: str(t) + ",", gen_aarch64_rej_uniform_table_rows()) yield "};" yield "" - yield f"#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()})" - yield " && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield f"#else /* defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()})" + yield " && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" - yield "MLKEM_NATIVE_EMPTY_CU(aarch64_rej_uniform_table)" + yield "MLK_EMPTY_CU(aarch64_rej_uniform_table)" yield "" - yield f"#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_{suffix.upper()})" - yield " && !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield f"#endif /* defined(MLK_ARITH_BACKEND_AARCH64_{suffix.upper()})" + yield " && !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" update_file( 
@@ -465,8 +465,8 @@ def gen_avx2_rej_uniform_table(dry_run=False): yield from gen_header() yield '#include "../../../common.h"' yield "" - yield "#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \\" - yield " !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED)" + yield "#if defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \\" + yield " !defined(MLK_MULTILEVEL_BUILD_NO_SHARED)" yield "" yield "#include " yield '#include "arith_native_x86_64.h"' @@ -475,17 +475,17 @@ def gen_avx2_rej_uniform_table(dry_run=False): yield " * Lookup table used by rejection sampling of the public matrix." yield " * See autogen for details." yield " */" - yield "ALIGN const uint8_t rej_uniform_table[256][8] = {" + yield "MLK_ALIGN const uint8_t rej_uniform_table[256][8] = {" yield from map(lambda t: str(t) + ",", gen_avx2_rej_uniform_table_rows()) yield "};" yield "" - yield "#else /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \\" - yield " !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield "#else /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \\" + yield " !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" - yield "MLKEM_NATIVE_EMPTY_CU(avx2_rej_uniform_table)" + yield "MLK_EMPTY_CU(avx2_rej_uniform_table)" yield "" - yield "#endif /* defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) && \\" - yield " !defined(MLKEM_NATIVE_MULTILEVEL_BUILD_NO_SHARED) */" + yield "#endif /* defined(MLK_ARITH_BACKEND_X86_64_DEFAULT) && \\" + yield " !defined(MLK_MULTILEVEL_BUILD_NO_SHARED) */" yield "" update_file( 
@@ -703,26 +703,26 @@ def gen_monolithic_source_file(dry_run=False): yield "" for c in filter(lambda c: not native(c), c_sources): yield f'#include "{c}"' - yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH)" - yield "#if defined(SYS_AARCH64)" + yield "#if defined(MLK_MONOBUILD_WITH_NATIVE_ARITH)" + yield "#if defined(MLK_SYS_AARCH64)" for c in filter(native_arith_aarch64, c_sources): yield f'#include "{c}"' - yield "#endif /* SYS_AARCH64 */" - yield "#if defined(SYS_X86_64)" + yield "#endif /* MLK_SYS_AARCH64 */" + yield "#if defined(MLK_SYS_X86_64)" for c in filter(native_arith_x86_64, c_sources): yield f'#include "{c}"' - yield "#endif /* SYS_X86_64 */" - yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_ARITH */" - yield "#if defined(MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202)" - yield "#if defined(SYS_AARCH64)" + yield "#endif /* MLK_SYS_X86_64 */" + yield "#endif /* MLK_MONOBUILD_WITH_NATIVE_ARITH */" + yield "#if defined(MLK_MONOBUILD_WITH_NATIVE_FIPS202)" + yield "#if defined(MLK_SYS_AARCH64)" for c in filter(native_fips202_aarch64, c_sources): yield f'#include "{c}"' - yield "#endif /* SYS_AARCH64 */" - yield "#if defined(SYS_X86_64)" + yield "#endif /* MLK_SYS_AARCH64 */" + yield "#if defined(MLK_SYS_X86_64)" for c in filter(native_fips202_x86_64, c_sources): yield f'#include "{c}"' - yield "#endif /* SYS_X86_64 */" - yield "#endif /* MLKEM_NATIVE_MONOBUILD_WITH_NATIVE_FIPS202 */" + yield "#endif /* MLK_SYS_X86_64 */" + yield "#endif /* MLK_MONOBUILD_WITH_NATIVE_FIPS202 */" yield "" yield from gen_monolithic_undef_all_core( filt=k_specific, desc="MLKEM_K-specific files" @@ -877,7 +877,7 @@ def gen_hol_light_asm(dry_run=False): f"dev/aarch64_opt/src/{infile}", "proofs/hol_light/arm/mlkem", outfile=outfile, - cflags="-Imlkem/native/aarch64/src -DMLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT", + cflags="-Imlkem/native/aarch64/src -DMLK_ARITH_BACKEND_AARCH64_OPT", preserve_header=False, dry_run=dry_run, ) 
@@ -991,13 +991,13 @@ def synchronize_backends( def adjust_header_guard_for_filename(content, header_file): content = content.split("\n") - exceptions = {"mlkem/mlkem_native.h": "MLKEM_NATIVE_H"} + exceptions = {"mlkem/mlkem_native.h": "MLK_H"} # Use full filename as the header guard, with '/' and '.' replaced by '_' guard_name = ( header_file.removeprefix("mlkem/").replace("/", "_").replace(".", "_").upper() ) - guard_name = "MLKEM_NATIVE_" + guard_name + guard_name = "MLK_" + guard_name if header_file in exceptions.keys(): guard_name = exceptions[header_file] diff --git a/scripts/tests b/scripts/tests index 0640a2b70..89dec7a78 100755 --- a/scripts/tests +++ b/scripts/tests @@ -199,7 +199,7 @@ class TEST_TYPES(Enum): ACVP = 6 BRING_YOUR_OWN_FIPS202 = 7 CUSTOM_BACKEND = 8 - MLKEM_NATIVE_AS_CODE_PACKAGE = 9 + MLK_AS_CODE_PACKAGE = 9 MONOLITHIC_BUILD = 10 MONOLITHIC_BUILD_MULTILEVEL = 11 MULTILEVEL_BUILD = 12 @@ -217,7 +217,7 @@ class TEST_TYPES(Enum): return [ TEST_TYPES.BRING_YOUR_OWN_FIPS202, TEST_TYPES.CUSTOM_BACKEND, - TEST_TYPES.MLKEM_NATIVE_AS_CODE_PACKAGE, + TEST_TYPES.MLK_AS_CODE_PACKAGE, TEST_TYPES.MONOLITHIC_BUILD, TEST_TYPES.MONOLITHIC_BUILD_MULTILEVEL, TEST_TYPES.MONOLITHIC_BUILD_MULTILEVEL_NATIVE, @@ -254,7 +254,7 @@ class TEST_TYPES(Enum): return "Example (Bring-Your-Own-FIPS202)" if self == TEST_TYPES.CUSTOM_BACKEND: return "Example (Custom Backend)" - if self == TEST_TYPES.MLKEM_NATIVE_AS_CODE_PACKAGE: + if self == TEST_TYPES.MLK_AS_CODE_PACKAGE: return "Example (mlkem-native as code package)" if self == TEST_TYPES.MONOLITHIC_BUILD: return "Example (monobuild)" @@ -272,7 +272,7 @@ class TEST_TYPES(Enum): return "examples/bring_your_own_fips202" if self == TEST_TYPES.CUSTOM_BACKEND: return "examples/custom_backend" - if self == TEST_TYPES.MLKEM_NATIVE_AS_CODE_PACKAGE: + if self == TEST_TYPES.MLK_AS_CODE_PACKAGE: return "examples/mlkem_native_as_code_package" if self == TEST_TYPES.MONOLITHIC_BUILD: return "examples/monolithic_build" 
@@ -303,7 +303,7 @@ class TEST_TYPES(Enum): return "" if self == TEST_TYPES.CUSTOM_BACKEND: return "" - if self == TEST_TYPES.MLKEM_NATIVE_AS_CODE_PACKAGE: + if self == TEST_TYPES.MLK_AS_CODE_PACKAGE: return "" if self == TEST_TYPES.MONOLITHIC_BUILD: return "" diff --git a/test/bench_components_mlkem.c b/test/bench_components_mlkem.c index 8f590d0db..f7b46983c 100644 --- a/test/bench_components_mlkem.c +++ b/test/bench_components_mlkem.c @@ -54,11 +54,11 @@ static int cmp_uint64_t(const void *a, const void *b) static int bench(void) { - ALIGN uint64_t data0[1024]; - ALIGN uint64_t data1[1024]; - ALIGN uint64_t data2[1024]; - ALIGN uint64_t data3[1024]; - ALIGN uint64_t data4[1024]; + MLK_ALIGN uint64_t data0[1024]; + MLK_ALIGN uint64_t data1[1024]; + MLK_ALIGN uint64_t data2[1024]; + MLK_ALIGN uint64_t data3[1024]; + MLK_ALIGN uint64_t data4[1024]; uint8_t *seed[4]; uint8_t nonce0 = 0, nonce1 = 1, nonce2 = 2, nonce3 = 3; uint64_t cyc[NTESTS]; @@ -185,7 +185,7 @@ static int bench(void) BENCH("gen_matrix", gen_matrix((polyvec *)data0, (uint8_t *)data1, 0)) -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN) +#if defined(MLK_ARITH_BACKEND_AARCH64_CLEAN) BENCH("ntt-clean", ntt_asm_clean((int16_t *)data0, (int16_t *)data1, (int16_t *)data2)); BENCH("intt-clean", @@ -213,9 +213,9 @@ static int bench(void) (int16_t *)data0, (int16_t *)data1, (int16_t *)data2, (int16_t *)data3)); #endif -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN */ +#endif /* MLK_ARITH_BACKEND_AARCH64_CLEAN */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT) +#if defined(MLK_ARITH_BACKEND_AARCH64_OPT) BENCH("ntt-opt", ntt_asm_opt((int16_t *)data0, (int16_t *)data1, (int16_t *)data2)); BENCH("intt-opt", @@ -241,7 +241,7 @@ static int bench(void) (int16_t *)data0, (int16_t *)data1, (int16_t *)data2, (int16_t *)data3)); #endif -#endif /* MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT */ +#endif /* MLK_ARITH_BACKEND_AARCH64_OPT */ return 0; } 
diff --git a/test/gen_KAT.c b/test/gen_KAT.c index 648042e7b..a28b0da96 100644 --- a/test/gen_KAT.c +++ b/test/gen_KAT.c @@ -24,12 +24,12 @@ static void print_hex(const char *label, const uint8_t *data, size_t size) int main(void) { unsigned i; - ALIGN uint8_t coins[3 * CRYPTO_SYMBYTES]; - ALIGN uint8_t pk[CRYPTO_PUBLICKEYBYTES]; - ALIGN uint8_t sk[CRYPTO_SECRETKEYBYTES]; - ALIGN uint8_t ct[CRYPTO_CIPHERTEXTBYTES]; - ALIGN uint8_t ss1[CRYPTO_BYTES]; - ALIGN uint8_t ss2[CRYPTO_BYTES]; + MLK_ALIGN uint8_t coins[3 * CRYPTO_SYMBYTES]; + MLK_ALIGN uint8_t pk[CRYPTO_PUBLICKEYBYTES]; + MLK_ALIGN uint8_t sk[CRYPTO_SECRETKEYBYTES]; + MLK_ALIGN uint8_t ct[CRYPTO_CIPHERTEXTBYTES]; + MLK_ALIGN uint8_t ss1[CRYPTO_BYTES]; + MLK_ALIGN uint8_t ss2[CRYPTO_BYTES]; const uint8_t seed[64] = { 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, diff --git a/test/gen_NISTKAT.c b/test/gen_NISTKAT.c index 1c6fd2d70..4875c56e2 100644 --- a/test/gen_NISTKAT.c +++ b/test/gen_NISTKAT.c @@ -51,13 +51,13 @@ static void randombytes_nth(uint8_t *seed, size_t nth, size_t len) int main(void) { - uint8_t seed[48] ALIGN; + uint8_t seed[48] MLK_ALIGN; FILE *fh = stdout; - uint8_t public_key[CRYPTO_PUBLICKEYBYTES] ALIGN; - uint8_t secret_key[CRYPTO_SECRETKEYBYTES] ALIGN; - uint8_t ciphertext[CRYPTO_CIPHERTEXTBYTES] ALIGN; - uint8_t shared_secret_e[CRYPTO_BYTES] ALIGN; - uint8_t shared_secret_d[CRYPTO_BYTES] ALIGN; + uint8_t public_key[CRYPTO_PUBLICKEYBYTES] MLK_ALIGN; + uint8_t secret_key[CRYPTO_SECRETKEYBYTES] MLK_ALIGN; + uint8_t ciphertext[CRYPTO_CIPHERTEXTBYTES] MLK_ALIGN; + uint8_t shared_secret_e[CRYPTO_BYTES] MLK_ALIGN; + uint8_t shared_secret_d[CRYPTO_BYTES] MLK_ALIGN; int rc; int count = 0; diff --git a/test/mk/auto.mk b/test/mk/auto.mk index fcc1468f6..82fe89b25 100644 --- a/test/mk/auto.mk +++ b/test/mk/auto.mk 
@@ -4,11 +4,11 @@ ifeq ($(HOST_PLATFORM),Linux-x86_64) ifeq ($(CROSS_PREFIX),) CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes - CFLAGS += -DFORCE_X86_64 + CFLAGS += -DMLK_FORCE_X86_64 else ifneq ($(findstring aarch64_be, $(CROSS_PREFIX)),) - CFLAGS += -DFORCE_AARCH64_EB + CFLAGS += -DMLK_FORCE_AARCH64_EB else ifneq ($(findstring aarch64, $(CROSS_PREFIX)),) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 else endif @@ -16,14 +16,14 @@ endif # linux aarch64 else ifeq ($(HOST_PLATFORM),Linux-aarch64) ifeq ($(CROSS_PREFIX),) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 else ifneq ($(findstring x86_64, $(CROSS_PREFIX)),) CFLAGS += -mavx2 -mbmi2 -mpopcnt -maes - CFLAGS += -DFORCE_X86_64 + CFLAGS += -DMLK_FORCE_X86_64 else endif # darwin aarch64 else ifeq ($(HOST_PLATFORM),Darwin-arm64) - CFLAGS += -DFORCE_AARCH64 + CFLAGS += -DMLK_FORCE_AARCH64 endif diff --git a/test/mk/components.mk b/test/mk/components.mk index 5443022c1..c06ce0d43 100644 --- a/test/mk/components.mk +++ b/test/mk/components.mk @@ -8,7 +8,7 @@ endif SOURCES += $(wildcard mlkem/*.c) ifeq ($(OPT),1) SOURCES += $(wildcard mlkem/native/aarch64/src/*.[csS]) $(wildcard mlkem/native/x86_64/src/*.[csS]) - CFLAGS += -DMLKEM_USE_NATIVE_BACKEND_ARITH -DMLKEM_USE_NATIVE_BACKEND_FIPS202 + CFLAGS += -DMLK_USE_NATIVE_BACKEND_ARITH -DMLK_USE_NATIVE_BACKEND_FIPS202 endif ALL_TESTS = test_mlkem acvp_mlkem bench_mlkem bench_components_mlkem gen_NISTKAT gen_KAT diff --git a/test/test_mlkem.c b/test/test_mlkem.c index 27b051d02..d8b739f88 100644 --- a/test/test_mlkem.c +++ b/test/test_mlkem.c @@ -243,8 +243,7 @@ static int test_invalid_ciphertext(void) * are therefore at risk of being overflowed by vectorized code. */ static int test_poly_compress_no_overflow(void) { -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || \ - (MLKEM_K == 2 || MLKEM_K == 3) +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 || MLKEM_K == 3) { uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D4]; poly s; 
@@ -272,10 +271,10 @@ static int test_poly_compress_no_overflow(void) memset(r, 0, sizeof(r)); poly_decompress_d10(&s, r); } -#endif /* defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ +#endif /* defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || (MLKEM_K == 2 \ || MLKEM_K == 3) */ -#if defined(MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 +#if defined(MLK_MULTILEVEL_BUILD_WITH_SHARED) || MLKEM_K == 4 { uint8_t r[MLKEM_POLYCOMPRESSEDBYTES_D5]; poly s; @@ -303,7 +302,7 @@ static int test_poly_compress_no_overflow(void) memset(r, 0, sizeof(r)); poly_decompress_d11(&s, r); } -#endif /* MLKEM_NATIVE_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ +#endif /* MLK_MULTILEVEL_BUILD_WITH_SHARED || MLKEM_K == 4 */ return 0; } From 739d752a55c6f2780c91a344ef5a65edba9f8d5a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 6 Feb 2025 04:30:04 +0000 Subject: [PATCH 6/8] CBMC: Remove unused FIPS202_NAMESPACE from Makefile.common Signed-off-by: Hanno Becker --- proofs/cbmc/Makefile_params.common | 2 -- 1 file changed, 2 deletions(-) diff --git a/proofs/cbmc/Makefile_params.common b/proofs/cbmc/Makefile_params.common index 43ce52ddb..0cc78275a 100644 --- a/proofs/cbmc/Makefile_params.common +++ b/proofs/cbmc/Makefile_params.common @@ -15,5 +15,3 @@ else ifeq ($(MLKEM_K),4) else $(error Invalid value of MLKEM_K) endif - -FIPS202_NAMESPACE=PQCP_MLKEM_NATIVE_FIPS202_ From b892137bebaae0af2c97914bdeccebb4fc549910 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 6 Feb 2025 04:57:25 +0000 Subject: [PATCH 7/8] CI: Replace ubuntu-24.04-arm by pqcp-arm64 runner The ubuntu-24.04-arm runner unfortunately seem to be rather flaky. Signed-off-by: Hanno Becker --- .github/workflows/ci.yml | 16 +++++----------- .github/workflows/ct-tests.yml | 2 +- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1717cf664..09c1e7158 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -20,7 +20,7 @@ jobs: strategy: fail-fast: false matrix: - system: [ubuntu-latest, ubuntu-24.04-arm] + system: [ubuntu-latest, pqcp-arm64] name: Linting runs-on: ${{ matrix.system }} steps: @@ -129,7 +129,7 @@ jobs: name: Quickcheck lib strategy: matrix: - system: [macos-latest, ubuntu-latest, ubuntu-24.04-arm] + system: [macos-latest, ubuntu-latest, pqcp-arm64] runs-on: ${{ matrix.system }} steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -140,7 +140,7 @@ jobs: name: Examples strategy: matrix: - system: [macos-latest, ubuntu-latest, ubuntu-24.04-arm] + system: [macos-latest, ubuntu-latest, pqcp-arm64] runs-on: ${{ matrix.system }} steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -170,7 +170,7 @@ jobs: strategy: fail-fast: false matrix: - system: [ubuntu-latest, ubuntu-24.04-arm] + system: [ubuntu-latest, pqcp-arm64] runs-on: ${{ matrix.system }} name: Check autogenerated files steps: @@ -196,7 +196,7 @@ jobs: name: Simplified - arg: '--no-simplify' name: Unmodified - runs-on: ubuntu-24.04-arm + runs-on: pqcp-arm64 name: AArch64 dev backend (${{ matrix.backend.name }}, ${{ matrix.simplify.name }}) steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -221,10 +221,6 @@ jobs: name: 'MacOS' arch: mac mode: native - - runner: ubuntu-24.04-arm - name: 'ubuntu-24.04-arm' - arch: aarch64 - mode: native - runner: pqcp-arm64 name: 'ubuntu-latest (aarch64)' arch: aarch64 @@ -321,8 +317,6 @@ jobs: target: - runner: pqcp-arm64 name: 'aarch64' - - runner: ubuntu-24.04-arm - name: 'ubuntu-24.04-arm' - runner: ubuntu-latest name: 'x86_64' - runner: macos-latest diff --git a/.github/workflows/ct-tests.yml b/.github/workflows/ct-tests.yml index 296e09acf..6efda2346 100644 --- a/.github/workflows/ct-tests.yml +++ b/.github/workflows/ct-tests.yml 
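Review bot: After this change every aarch64 job in ci.yml (Linting, Quickcheck lib, Examples, Check autogenerated files, AArch64 dev backend and the two runner matrices) depends solely on `pqcp-arm64`, which is not a GitHub-hosted label and so is presumably a self-hosted or organization runner; the workflow's `on:` triggers are outside the hunk, so I cannot tell whether it can be started by `pull_request` events from forks. If it can, untrusted PR content (the Makefiles, `scripts/autogen`, the nix shells) now executes on that runner, and GitHub's guidance is that persistent self-hosted runners should not serve public-repo pull requests unless they are ephemeral and isolated. Please confirm the runner is ephemeral or that fork PRs are gated, and document the assumption next to the first use, e.g. `# pqcp-arm64 is a self-hosted runner; it must stay ephemeral/isolated because fork PRs run here` above `system: [ubuntu-latest, pqcp-arm64]`. A small related nit: the surviving matrix entry `name: 'ubuntu-latest (aarch64)'` for `runner: pqcp-arm64` is now the only aarch64 entry and its label is misleading, since no ubuntu-latest image backs it; `name: 'pqcp-arm64 (aarch64)'` would match the other entries.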
@@ -20,7 +20,7 @@ jobs: fail-fast: false max-parallel: 4 matrix: - system: [ubuntu-latest, ubuntu-24.04-arm] + system: [ubuntu-latest, pqcp-arm64] nix-shell: - ci_valgrind-varlat_clang14 - ci_valgrind-varlat_clang15 From 9a6b959cc764e53e139a07493c35b063c436bc32 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 6 Feb 2025 05:01:53 +0000 Subject: [PATCH 8/8] x86_64 backend: Remove double header guard and unused macro Signed-off-by: Hanno Becker --- dev/x86_64/src/align.h | 12 ------------ mlkem/native/x86_64/src/align.h | 12 ------------ 2 files changed, 24 deletions(-) diff --git a/dev/x86_64/src/align.h b/dev/x86_64/src/align.h index 401f50f68..052242a34 100644 --- a/dev/x86_64/src/align.h +++ b/dev/x86_64/src/align.h @@ -10,19 +10,9 @@ * https://github.com/pq-crystals/kyber/blob/main/avx2/align.h */ -#ifndef ALIGN_H -#define ALIGN_H - #include #include -#define ALIGNED_UINT8(N) \ - union \ - { \ - uint8_t coeffs[N]; \ - __m256i vec[(N + 31) / 32]; \ - } - #define ALIGNED_INT16(N) \ union \ { \ @@ -30,6 +20,4 @@ __m256i vec[(N + 15) / 16]; \ } -#endif - #endif /* MLK_DEV_X86_64_SRC_ALIGN_H */ diff --git a/mlkem/native/x86_64/src/align.h b/mlkem/native/x86_64/src/align.h index 15c4543d8..ec18d1023 100644 --- a/mlkem/native/x86_64/src/align.h +++ b/mlkem/native/x86_64/src/align.h @@ -10,19 +10,9 @@ * https://github.com/pq-crystals/kyber/blob/main/avx2/align.h */ -#ifndef ALIGN_H -#define ALIGN_H - #include #include -#define ALIGNED_UINT8(N) \ - union \ - { \ - uint8_t coeffs[N]; \ - __m256i vec[(N + 31) / 32]; \ - } - #define ALIGNED_INT16(N) \ union \ { \ @@ -30,6 +20,4 @@ __m256i vec[(N + 15) / 16]; \ } -#endif - #endif /* MLK_NATIVE_X86_64_SRC_ALIGN_H */