From 8ae28354e32222ed411dc882238270c3b0389142 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 18 Nov 2025 16:27:33 -0500 Subject: [PATCH 01/26] Attempt at reproducing mlkem-native's integration Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 3 +- oqsbuilder/oqsbuildfile.yml | 69 ++++++++++++++++++++++++++++++++++++- 2 files changed, 70 insertions(+), 2 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index c53ba0dacd..860d32fd83 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -4,7 +4,8 @@ This is the replacement for `copy_from_upstream.py` **Progress**: - ✅ clone remote repository - ✅ apply patches -- ⚠️ move source file from upstream into `liboqs/src` +- 🚧 move source file from upstream into `liboqs/src` + - 🚧 ML-KEM - ⚠️ render `CMakeLists.txt` and other build files - ⚠️ figure out how to check feature parity with `copy_from_upstream.py` diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index cd3cedc42c..4ccffcee0a 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -1,3 +1,6 @@ +# NOTE: any field with the key "id" must consist of only the characters [A-Za-z0-9_-]. +# Field with the key "name" can use a broader character set and can include whitespace +# # NOTE: this copy of copy_from_upstream.yml is used to keep track of feature parity # between oqsbuilder and copy_from_upstream.yml upstreams: @@ -100,7 +103,71 @@ upstreams: git_commit: 1c3ca6f4f7286c0bde98d7d6f222cf63b9d52bff # sig_scheme_path: '.' # sig_meta_path: 'liboqs/META/{pretty_name_full}_META.yml' -# kems: +kems: + # TODO: what common fields exist across all KEM's? + families: + # The id of a KEM will be the directory name under src/kem + ml_kem: + name: "ML-KEM" + # NOTE: parameter sets are tied to the family, not individual implementations. + # These entries will be used to construct the public API + params: + ml_kem_512: + name: "ML-KEM-512" + pklen: 800 + sklen: 1632 + ctlen: 768 + sslen: 32 + keypair_seedlen: 64 + encap_seedlen: 32 + ml_kem_768: + name: "ML-KEM-768" + pklen: 1184 + sklen: 2400 + ctlen: 1088 + sslen: 32 + keypair_seedlen: 64 + encap_seedlen: 32 + ml_kem_1024: + name: "ML-KEM-1024" + pklen: 1568 + sklen: 3168 + ctlen: 1568 + sslen: 32 + keypair_seedlen: 64 + encap_seedlen: 32 + impls: + # TODO: what fields are needed? + cupqc_ml-kem-1024_cuda: + cupqc_ml-kem-512_cuda: + cupqc_ml-kem-768_cuda: + icicle_ml-kem-1024_icicle_cuda: + icicle_ml-kem-512_icicle_cuda: + icicle_ml-kem-768_icicle_cuda: + mlkem-native_ml-kem-1024_aarch64: + mlkem-native_ml-kem-1024_ref: + mlkem-native_ml-kem-1024_x86_64: + mlkem-native_ml-kem-512_aarch64: + mlkem-native_ml-kem-512_ref: + mlkem-native_ml-kem-512_x86_64: + mlkem-native_ml-kem-768_aarch64: + mlkem-native_ml-kem-768_ref: + mlkem-native_ml-kem-768_x86_64: + # upstream's value must match some key under "upstreams" + upstream: mlkem-native + sources: + # e.g. compress.c: mlkem/src/compress.c + dstpath: srcpath + includes: + # TODO: should this just be a string? + - "${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-768_x86_64" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + # TODO: these are not correct, yet + - "-DMLK_CONFIG_PARAMETER_SET=768" + - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + private: [-mavx2, -mbmi2, -mpopcnt] # - # name: classic_mceliece # default_implementation: clean From 23ced8ebaecbc26dca8a44338e1a21a5099e58cb Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 18 Nov 2025 16:48:53 -0500 Subject: [PATCH 02/26] Converted list of upstreams into dictionary Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 4 ++-- oqsbuilder/oqsbuildfile.yml | 35 ++++++++++++----------------------- 2 files changed, 14 insertions(+), 25 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 47ae2d8b2d..bee1e433af 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -41,10 +41,10 @@ def copy_from_upstream( print(f"Successfully loaded {oqsbuildfile}") upstreams = instructions["upstreams"] with TemporaryDirectory(dir=upstream_parent_dir) as tempdir: - for upstream in upstreams: + for name, upstream in upstreams.items(): upstream_dir = clone_remote_repo( tempdir, - upstream["name"], + name, upstream["git_url"], commit=upstream.get("git_commit", None), branch_or_tag=upstream.get("git_branch", None), diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 4ccffcee0a..a4aadb2f6d 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -4,15 +4,14 @@ # NOTE: this copy of copy_from_upstream.yml is used to keep track of feature parity # between oqsbuilder and copy_from_upstream.yml upstreams: - - name: pq-code-package/slhdsa-c + slhdsa-c: git_url: https://github.com/pq-code-package/slhdsa-c.git git_branch: main git_commit: f3f41ecf831764a3d014c105be11415dc411d12a # sig_meta_path: "integration/liboqs/META.yml" # sig_scheme_path: "." # preserve_folder_structure: True - - - name: oldpqclean + oldpqclean: git_url: https://github.com/PQClean/PQClean.git git_branch: master git_commit: 8e220a87308154d48fdfac40abbb191ac7fce06a @@ -22,8 +21,7 @@ upstreams: # sig_scheme_path: 'crypto_sign/{pqclean_scheme}' patches: [pqclean-kyber-armneon-shake-fixes.patch, pqclean-kyber-armneon-768-1024-fixes.patch, pqclean-kyber-armneon-variable-timing-fix.patch, pqclean-kyber-armneon-asan.patch] # ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64 - - - name: pqclean + pqclean: git_url: https://github.com/PQClean/PQClean.git git_branch: master git_commit: 1eacfdafc15ddc5d5759d0b85b4cef26627df181 @@ -33,16 +31,14 @@ upstreams: # sig_scheme_path: 'crypto_sign/{pqclean_scheme}' patches: [pqclean-sphincs.patch, classic_mceliece_memset.patch] # ignore: pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256s-simple_aarch64, pqclean_sphincs-shake-256f-simple_aarch64, pqclean_sphincs-shake-192s-simple_aarch64, pqclean_sphincs-shake-192f-simple_aarch64, pqclean_sphincs-shake-128s-simple_aarch64, pqclean_sphincs-shake-128f-simple_aarch64, pqclean_kyber512_aarch64, pqclean_kyber1024_aarch64, pqclean_kyber768_aarch64 - - - name: pqcrystals-kyber + pqcrystals-kyber: git_url: https://github.com/pq-crystals/kyber.git git_branch: master git_commit: 441c0519a07e8b86c8d079954a6b10bd31d29efc # kem_meta_path: '{pretty_name_full}_META.yml' # kem_scheme_path: '.' patches: [pqcrystals-kyber-yml.patch, pqcrystals-kyber-ref-shake-aes.patch, pqcrystals-kyber-avx2-shake-aes.patch] - - - name: mlkem-native + mlkem-native: git_url: https://github.com/pq-code-package/mlkem-native.git git_branch: v1.0.0 git_commit: 048fc2a7a7b4ba0ad4c989c1ac82491aa94d5bfa @@ -50,54 +46,47 @@ upstreams: # kem_scheme_path: '.' patches: [mlkem-native-encaps-derand.patch] # preserve_folder_structure: True - - - name: cupqc + cupqc: git_url: https://github.com/open-quantum-safe/liboqs-cupqc-meta.git git_branch: main git_commit: b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e # kem_meta_path: '{pretty_name_full}_META.yml' # kem_scheme_path: '.' patches: [] - - - name: icicle + icicle: git_url: https://github.com/ingonyama-zk/icicle-liboqs.git git_branch: main git_commit: 4ea3e612ff26e3e72b5e5bcfff4cf3dda45dc0a8 # kem_meta_path: '{pretty_name_full}_META.yml' # kem_scheme_path: '.' patches: [] - - - name: pqcrystals-dilithium-standard + pqcrystals-dilithium-standard: git_url: https://github.com/pq-crystals/dilithium.git git_branch: master git_commit: 444cdcc84eb36b66fe27b3a2529ee48f6d8150c2 # sig_meta_path: '{pretty_name_full}_META.yml' # sig_scheme_path: '.' patches: [pqcrystals-ml_dsa.patch, pqcrystals-ml_dsa-SUF-CMA.patch] - - - name: pqmayo + pqmayo: git_url: https://github.com/PQCMayo/MAYO-C.git git_branch: main git_commit: 4b7cd94c96b9522864efe40c6ad1fa269584a807 # sig_meta_path: 'META/{pretty_name_full}_META.yml' # sig_scheme_path: '.' patches: [pqmayo-aes.patch, pqmayo-mem.patch] - - - name: upcross + upcross: git_url: https://github.com/CROSS-signature/CROSS-lib-oqs.git git_branch: master git_commit: c8f7411fed136f0e37600973fa3dbed53465e54f # sig_meta_path: 'generate/crypto_sign/{pqclean_scheme}/META.yml' # sig_scheme_path: 'generate/crypto_sign/{pqclean_scheme}' - - - name: pqov + pqov: git_url: https://github.com/pqov/pqov.git git_branch: main git_commit: 33fa5278754a32064c55901c3a17d48b06cc2351 # sig_scheme_path: '.' # sig_meta_path: 'integration/liboqs/{pretty_name_full}_META.yml' - - - name: snova + snova: git_url: https://github.com/vacuas/SNOVA-OQS git_branch: main git_commit: 1c3ca6f4f7286c0bde98d7d6f222cf63b9d52bff From 7f7ea5d28e71a796f751b8dc9bc839adb9e08621 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Wed, 19 Nov 2025 16:20:33 -0500 Subject: [PATCH 03/26] Can re-produce all content under src/kem/ml_kem/mlkem-native* Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 29 +++ oqsbuilder/__main__.py | 29 ++- oqsbuilder/oqsbuildfile.yml | 481 ++++++++++++++++++++++++++++++++++-- 3 files changed, 518 insertions(+), 21 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 860d32fd83..dfc6356d70 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -16,3 +16,32 @@ python -m oqsbuilder --version python -m oqsbuilder --file oqsbuilder/INTEGRATIONS.yml copy ``` + +# OQS Build File +The build file `oqsbuildfile.yml` is the single source of truth from which the entire library (source files, header files, build files, documentation) is assembled and/or generated. + +For each implementation, a `IMPL_KEY` will be defined like this. The value of `IMPL_KEY` is with the key of the corresponding implementation. + +```cmake +# src/kem/ml_kem/CMakeLists.txt + +if(OQS_ENABLE_KEM_ml_kem_512) + set(IMPL_KEY "mlkem-native_ml-kem-512_ref") + # ... other stuff ... +endif() +``` + +## Implementations +- Within each implementation, `includes` and `compile_opts` are all going to be literal strings. These literal strings may contain cmake variables that are processed by cmake. I do not want to complicate things with my own in-house "template render" unless absolutely necessary +- `copies` maps destination paths (relative to `src//`) to source path (relative to upstream root) +- `sources` lists the source files that will go into the corresponding object (see below), but this list is optional; if it is not specified, then we filter `copies` by file extensions + +```cmake +add_library(ml_kem_512_ref OBJECT <... list of source files ...>) +``` + +## KEMs +- KEM schemes are listed under the top-level key `kems`. Their files are listed under `src/kem`. +- The key of each KEM family is the name of the subdirectory. For example, ML-KEM files are located under `src/kem/ml_kem`. The key of each implementation under the same family is the name of the subdirectory. For example, the implementation `mlkem-native_ml-kem-512_ref` is located under `src/kem/ml_kem/mlkem-native_ml-kem-512_ref`. +- `sources` under each `impl` can contain both source files (`.c`, `.S`) and header/config files (`.h`) +- Each KEM family has a family-level `CMakeLists.txt` file. For example, ML-KEM has a `src/kem/ml_kem/CMakeLists.txt` file. There is no implementation-level list file. Under each implementation, the cmake variable `CMAKE_CURRENT_LIST_DIR` refers to the family-level list file. diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index bee1e433af..b8654789d3 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -1,5 +1,6 @@ import os import sys +import shutil from tempfile import TemporaryDirectory import yaml @@ -20,7 +21,6 @@ def copy_from_upstream( oqsbuildfile: str, patch_dir: str, upstream_parent_dir: str = LIBOQS_DIR, - headless: bool = True, ): """Copy implementations from upstream @@ -53,8 +53,31 @@ def copy_from_upstream( os.path.join(patch_dir, patch) for patch in upstream.get("patches", []) ] git_apply(upstream_dir, patches) - if not headless: - input("Press enter to continue") + print(f"SUCCESS: fetched {len(upstreams)} upstream repositories") + + kems = instructions["kems"] + kems_dir = os.path.join(LIBOQS_DIR, "src", "kem") + for kem_key, kem in kems["families"].items(): + kem_dir = os.path.join(kems_dir, kem_key) + print(f"Integrating {kem_key} into {kem_dir}") + for impl_key, impl in kem["impls"].items(): + upstream_key = impl["upstream"] + upstream_dir = os.path.join(tempdir, upstream_key) + impl_dir = os.path.join(kem_dir, impl_key) + if not os.path.isdir(upstream_dir): + raise FileNotFoundError( + f"{kem_key}.{impl_key}'s upstream {upstream_key} not found" + ) + for dst, src in impl["copies"].items(): + src = os.path.join(upstream_dir, src) + dst = os.path.join(impl_dir, dst) + dst_parent_dir = os.path.split(dst)[0] + if not os.path.isdir(dst_parent_dir): + print(f"mkdir -p {dst_parent_dir}") + os.makedirs(dst_parent_dir) + # use shutil instead of subprocess.run(["cp", ...]) for OS portability + shutil.copyfile(src, dst) + print(f"Copied {len(impl["copies"])} files into {impl_dir}") if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index a4aadb2f6d..01203d7a65 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -98,8 +98,6 @@ kems: # The id of a KEM will be the directory name under src/kem ml_kem: name: "ML-KEM" - # NOTE: parameter sets are tied to the family, not individual implementations. - # These entries will be used to construct the public API params: ml_kem_512: name: "ML-KEM-512" @@ -126,37 +124,484 @@ kems: keypair_seedlen: 64 encap_seedlen: 32 impls: - # TODO: what fields are needed? - cupqc_ml-kem-1024_cuda: - cupqc_ml-kem-512_cuda: - cupqc_ml-kem-768_cuda: - icicle_ml-kem-1024_icicle_cuda: - icicle_ml-kem-512_icicle_cuda: - icicle_ml-kem-768_icicle_cuda: + # TODO: cupqc_ml-kem-1024_cuda: + # TODO: cupqc_ml-kem-512_cuda: + # TODO: cupqc_ml-kem-768_cuda: + # TODO: icicle_ml-kem-1024_icicle_cuda: + # TODO: icicle_ml-kem-512_icicle_cuda: + # TODO: icicle_ml-kem-768_icicle_cuda: mlkem-native_ml-kem-1024_aarch64: + upstream: mlkem-native + copies: + integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md + mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S + mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S + mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c + mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S + mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h + mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c + mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h + mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S + mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=1024" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + private: [] mlkem-native_ml-kem-1024_ref: + upstream: mlkem-native + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_c.h: integration/liboqs/config_c.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=1024" + - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + private: [] mlkem-native_ml-kem-1024_x86_64: + upstream: mlkem-native + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h + # TODO: this README.md should be removed :( + mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md + mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc + mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c + mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h + mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c + mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c + mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i + mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S + mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c + mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c + mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i + mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S + mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S + mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S + mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h + mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S + mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h + mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S + mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S + mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S + mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S + mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=1024" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" + private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-512_aarch64: + upstream: mlkem-native + copies: + integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md + mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S + mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S + mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c + mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S + mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h + mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c + mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h + mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S + mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=512" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + private: [] mlkem-native_ml-kem-512_ref: + upstream: mlkem-native + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_c.h: integration/liboqs/config_c.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=512" + - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + private: [] mlkem-native_ml-kem-512_x86_64: + upstream: mlkem-native + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h + # TODO: this README.md should be removed :( + mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md + mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc + mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c + mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h + mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c + mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c + mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i + mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S + mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c + mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c + mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i + mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S + mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S + mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S + mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h + mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S + mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h + mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S + mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S + mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S + mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S + mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=512" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" + private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-768_aarch64: + upstream: mlkem-native + copies: + integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md + mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S + mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S + mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c + mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S + mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h + mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c + mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h + mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S + mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=768" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + private: [] mlkem-native_ml-kem-768_ref: + upstream: mlkem-native + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_c.h: integration/liboqs/config_c.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + includes: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=768" + - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + private: [] mlkem-native_ml-kem-768_x86_64: - # upstream's value must match some key under "upstreams" upstream: mlkem-native - sources: - # e.g. compress.c: mlkem/src/compress.c - dstpath: srcpath + copies: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h + # TODO: this README.md should be removed :( + mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md + mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc + mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c + mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h + mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c + mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c + mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i + mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S + mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c + mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c + mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i + mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S + mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S + mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S + mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h + mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S + mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h + mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S + mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S + mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S + mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S + mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h includes: - # TODO: should this just be a string? - - "${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-768_x86_64" + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - # TODO: these are not correct, yet - "-DMLK_CONFIG_PARAMETER_SET=768" - - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" - private: [-mavx2, -mbmi2, -mpopcnt] + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" + private: ["-mavx2", "-mbmi2", "-mpopcnt"] + # - # name: classic_mceliece # default_implementation: clean From ed256e53cb5138269ce3e94a5b2321af76d1797e Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Thu, 20 Nov 2025 14:34:04 -0500 Subject: [PATCH 04/26] The top-level "copies" section contains reusable file copy mappings Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 28 -- oqsbuilder/__main__.py | 12 +- oqsbuilder/oqsbuilder.py | 53 ++++ oqsbuilder/oqsbuildfile.yml | 520 ++++++++++-------------------------- 4 files changed, 199 insertions(+), 414 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index dfc6356d70..f5b80fdbb6 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -17,31 +17,3 @@ python -m oqsbuilder --version python -m oqsbuilder --file oqsbuilder/INTEGRATIONS.yml copy ``` -# OQS Build File -The build file `oqsbuildfile.yml` is the single source of truth from which the entire library (source files, header files, build files, documentation) is assembled and/or generated. - -For each implementation, a `IMPL_KEY` will be defined like this. The value of `IMPL_KEY` is with the key of the corresponding implementation. - -```cmake -# src/kem/ml_kem/CMakeLists.txt - -if(OQS_ENABLE_KEM_ml_kem_512) - set(IMPL_KEY "mlkem-native_ml-kem-512_ref") - # ... other stuff ... -endif() -``` - -## Implementations -- Within each implementation, `includes` and `compile_opts` are all going to be literal strings. These literal strings may contain cmake variables that are processed by cmake. I do not want to complicate things with my own in-house "template render" unless absolutely necessary -- `copies` maps destination paths (relative to `src//`) to source path (relative to upstream root) -- `sources` lists the source files that will go into the corresponding object (see below), but this list is optional; if it is not specified, then we filter `copies` by file extensions - -```cmake -add_library(ml_kem_512_ref OBJECT <... list of source files ...>) -``` - -## KEMs -- KEM schemes are listed under the top-level key `kems`. Their files are listed under `src/kem`. -- The key of each KEM family is the name of the subdirectory. For example, ML-KEM files are located under `src/kem/ml_kem`. The key of each implementation under the same family is the name of the subdirectory. For example, the implementation `mlkem-native_ml-kem-512_ref` is located under `src/kem/ml_kem/mlkem-native_ml-kem-512_ref`. -- `sources` under each `impl` can contain both source files (`.c`, `.S`) and header/config files (`.h`) -- Each KEM family has a family-level `CMakeLists.txt` file. For example, ML-KEM has a `src/kem/ml_kem/CMakeLists.txt` file. There is no implementation-level list file. Under each implementation, the cmake variable `CMAKE_CURRENT_LIST_DIR` refers to the family-level list file. diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index b8654789d3..a04acee706 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -6,7 +6,12 @@ import oqsbuilder from oqsbuilder import LIBOQS_DIR -from oqsbuilder.oqsbuilder import clone_remote_repo, git_apply +from oqsbuilder.oqsbuilder import ( + clone_remote_repo, + git_apply, + CryptoPrimitive, + get_copies, +) def print_version(): @@ -68,7 +73,10 @@ def copy_from_upstream( raise FileNotFoundError( f"{kem_key}.{impl_key}'s upstream {upstream_key} not found" ) - for dst, src in impl["copies"].items(): + copies = get_copies( + instructions, CryptoPrimitive.KEM, kem_key, impl_key + ) + for dst, src in copies.items(): src = os.path.join(upstream_dir, src) dst = os.path.join(impl_dir, dst) dst_parent_dir = os.path.split(dst)[0] diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index d57c725610..e1fe8b15ea 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -1,7 +1,60 @@ +import enum import os import subprocess +class CryptoPrimitive(enum.Enum): + KEM = 1 + SIG = 2 + STFL_SIG = 3 + + def get_oqsbuildfile_key(self) -> str: + match self: + case CryptoPrimitive.KEM: + return "kems" + case CryptoPrimitive.SIG: + return "sigs" + case CryptoPrimitive.STFL_SIG: + return "stfl_sigs" + + def get_subdirectory_name(self) -> str: + # TODO: consider refactoring src/ so it matches the plural cases + match self: + case CryptoPrimitive.KEM: + return "kem" + case CryptoPrimitive.SIG: + return "sig" + case CryptoPrimitive.STFL_SIG: + return "stfl_sig" + + +def get_copies( + oqsbuild: dict, primitive: CryptoPrimitive, family_key: str, impl_key: str +) -> dict[str, str]: + """Return the copy dictionary of the specified implementation. A copy + dictionary maps destination path to source path. Destination path is relative + to the implementation sub-directory. Source path is relative to the upstream + repostiroy's root directory. + + :param oqsbuild: the data in oqsbuildfile + :param primitive: indicates whether to look under kems, sigs, or stfl_sigs + section under oqsbuildfile + :param family_key: the family key, such as "ml_kem" + :param impl_key: the implementation key, such as "mlkem-native_ml-kem-512_ref" + :return: a map from destination paths to source paths + """ + family = oqsbuild[primitive.get_oqsbuildfile_key()]["families"][family_key] + impl = family["impls"][impl_key] + impl_copies: str | dict[str, str] = impl["copies"] + if isinstance(impl_copies, str): + return oqsbuild["copies"][impl_copies] + elif isinstance(impl_copies, dict): + return impl_copies + raise TypeError( + f"Invalid type for {family_key}.{impl_key}.copies {type(impl_copies)}" + ) + + def get_git() -> str | None: """Check that git exists under current environment diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 01203d7a65..42a9d1f603 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -1,6 +1,3 @@ -# NOTE: any field with the key "id" must consist of only the characters [A-Za-z0-9_-]. -# Field with the key "name" can use a broader character set and can include whitespace -# # NOTE: this copy of copy_from_upstream.yml is used to keep track of feature parity # between oqsbuilder and copy_from_upstream.yml upstreams: @@ -132,51 +129,7 @@ kems: # TODO: icicle_ml-kem-768_icicle_cuda: mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native - copies: - integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md - mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S - mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S - mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S - mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S - mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c - mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S - mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h - mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S - mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c - mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h - mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S - mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_aarch64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -187,35 +140,7 @@ kems: private: [] mlkem-native_ml-kem-1024_ref: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_c.h: integration/liboqs/config_c.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_ref includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -226,59 +151,7 @@ kems: private: [] mlkem-native_ml-kem-1024_x86_64: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h - # TODO: this README.md should be removed :( - mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md - mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc - mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c - mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h - mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c - mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c - mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i - mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S - mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c - mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c - mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i - mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S - mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S - mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S - mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h - mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S - mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h - mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S - mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S - mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S - mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S - mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_x86_64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -289,51 +162,7 @@ kems: private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-512_aarch64: upstream: mlkem-native - copies: - integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md - mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S - mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S - mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S - mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S - mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c - mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S - mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h - mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S - mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c - mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h - mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S - mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_aarch64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -344,35 +173,7 @@ kems: private: [] mlkem-native_ml-kem-512_ref: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_c.h: integration/liboqs/config_c.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_ref includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -383,59 +184,7 @@ kems: private: [] mlkem-native_ml-kem-512_x86_64: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h - # TODO: this README.md should be removed :( - mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md - mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc - mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c - mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h - mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c - mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c - mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i - mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S - mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c - mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c - mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i - mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S - mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S - mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S - mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h - mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S - mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h - mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S - mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S - mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S - mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S - mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_x86_64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -446,51 +195,7 @@ kems: private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-768_aarch64: upstream: mlkem-native - copies: - integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md - mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S - mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S - mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S - mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S - mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c - mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S - mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h - mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S - mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S - mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c - mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h - mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S - mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_aarch64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -501,35 +206,7 @@ kems: private: [] mlkem-native_ml-kem-768_ref: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_c.h: integration/liboqs/config_c.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_ref includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -540,59 +217,7 @@ kems: private: [] mlkem-native_ml-kem-768_x86_64: upstream: mlkem-native - copies: - integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h - integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h - integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h - mlkem/src/poly_k.h: mlkem/src/poly_k.h - mlkem/src/debug.h: mlkem/src/debug.h - mlkem/src/poly.c: mlkem/src/poly.c - mlkem/src/params.h: mlkem/src/params.h - mlkem/src/native/api.h: mlkem/src/native/api.h - mlkem/src/native/meta.h: mlkem/src/native/meta.h - mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h - # TODO: this README.md should be removed :( - mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md - mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc - mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c - mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h - mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c - mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c - mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i - mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S - mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c - mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c - mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i - mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S - mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S - mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S - mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h - mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S - mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h - mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S - mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S - mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S - mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S - mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc - mlkem/src/randombytes.h: mlkem/src/randombytes.h - mlkem/src/compress.c: mlkem/src/compress.c - mlkem/src/sampling.c: mlkem/src/sampling.c - mlkem/src/verify.c: mlkem/src/verify.c - mlkem/src/kem.c: mlkem/src/kem.c - mlkem/src/indcpa.c: mlkem/src/indcpa.c - mlkem/src/symmetric.h: mlkem/src/symmetric.h - mlkem/src/debug.c: mlkem/src/debug.c - mlkem/src/cbmc.h: mlkem/src/cbmc.h - mlkem/src/common.h: mlkem/src/common.h - mlkem/src/poly_k.c: mlkem/src/poly_k.c - mlkem/src/compress.h: mlkem/src/compress.h - mlkem/src/sys.h: mlkem/src/sys.h - mlkem/src/poly.h: mlkem/src/poly.h - mlkem/src/sampling.h: mlkem/src/sampling.h - mlkem/src/indcpa.h: mlkem/src/indcpa.h - mlkem/src/zetas.inc: mlkem/src/zetas.inc - mlkem/src/kem.h: mlkem/src/kem.h - mlkem/src/verify.h: mlkem/src/verify.h + copies: mlkem-native_x86_64 includes: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" @@ -601,6 +226,133 @@ kems: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] +copies: + mlkem-native_aarch64: + integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/aarch64/README.md: mlkem/src/native/aarch64/README.md + mlkem/src/native/aarch64/meta.h: mlkem/src/native/aarch64/meta.h + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + mlkem/src/native/aarch64/src/poly_tomont_asm.S: mlkem/src/native/aarch64/src/poly_tomont_asm.S + mlkem/src/native/aarch64/src/ntt.S: mlkem/src/native/aarch64/src/ntt.S + mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S: mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + mlkem/src/native/aarch64/src/aarch64_zetas.c: mlkem/src/native/aarch64/src/aarch64_zetas.c + mlkem/src/native/aarch64/src/poly_reduce_asm.S: mlkem/src/native/aarch64/src/poly_reduce_asm.S + mlkem/src/native/aarch64/src/arith_native_aarch64.h: mlkem/src/native/aarch64/src/arith_native_aarch64.h + mlkem/src/native/aarch64/src/rej_uniform_asm.S: mlkem/src/native/aarch64/src/rej_uniform_asm.S + mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S: mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + mlkem/src/native/aarch64/src/rej_uniform_table.c: mlkem/src/native/aarch64/src/rej_uniform_table.c + mlkem/src/native/aarch64/src/consts.h: mlkem/src/native/aarch64/src/consts.h + mlkem/src/native/aarch64/src/poly_tobytes_asm.S: mlkem/src/native/aarch64/src/poly_tobytes_asm.S + mlkem/src/native/aarch64/src/intt.S: mlkem/src/native/aarch64/src/intt.S + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + mlkem-native_x86_64: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_x86_64.h: integration/liboqs/config_x86_64.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/native/x86_64/meta.h: mlkem/src/native/x86_64/meta.h + mlkem/src/native/x86_64/README.md: mlkem/src/native/x86_64/README.md + mlkem/src/native/x86_64/src/fq.inc: mlkem/src/native/x86_64/src/fq.inc + mlkem/src/native/x86_64/src/rej_uniform_avx2.c: mlkem/src/native/x86_64/src/rej_uniform_avx2.c + mlkem/src/native/x86_64/src/align.h: mlkem/src/native/x86_64/src/align.h + mlkem/src/native/x86_64/src/consts.c: mlkem/src/native/x86_64/src/consts.c + mlkem/src/native/x86_64/src/basemul.c: mlkem/src/native/x86_64/src/basemul.c + mlkem/src/native/x86_64/src/x86_64_zetas.i: mlkem/src/native/x86_64/src/x86_64_zetas.i + mlkem/src/native/x86_64/src/ntt.S: mlkem/src/native/x86_64/src/ntt.S + mlkem/src/native/x86_64/src/compress_avx2.c: mlkem/src/native/x86_64/src/compress_avx2.c + mlkem/src/native/x86_64/src/rej_uniform_table.c: mlkem/src/native/x86_64/src/rej_uniform_table.c + mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i: mlkem/src/native/x86_64/src/x86_64_mulcache_twiddles.i + mlkem/src/native/x86_64/src/reduce.S: mlkem/src/native/x86_64/src/reduce.S + mlkem/src/native/x86_64/src/tomont.S: mlkem/src/native/x86_64/src/tomont.S + mlkem/src/native/x86_64/src/basemul.S: mlkem/src/native/x86_64/src/basemul.S + mlkem/src/native/x86_64/src/consts.h: mlkem/src/native/x86_64/src/consts.h + mlkem/src/native/x86_64/src/nttfrombytes.S: mlkem/src/native/x86_64/src/nttfrombytes.S + mlkem/src/native/x86_64/src/arith_native_x86_64.h: mlkem/src/native/x86_64/src/arith_native_x86_64.h + mlkem/src/native/x86_64/src/ntttobytes.S: mlkem/src/native/x86_64/src/ntttobytes.S + mlkem/src/native/x86_64/src/intt.S: mlkem/src/native/x86_64/src/intt.S + mlkem/src/native/x86_64/src/mulcache_compute.S: mlkem/src/native/x86_64/src/mulcache_compute.S + mlkem/src/native/x86_64/src/nttunpack.S: mlkem/src/native/x86_64/src/nttunpack.S + mlkem/src/native/x86_64/src/shuffle.inc: mlkem/src/native/x86_64/src/shuffle.inc + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h + mlkem-native_ref: + integration/liboqs/fips202_glue.h: integration/liboqs/fips202_glue.h + integration/liboqs/config_c.h: integration/liboqs/config_c.h + integration/liboqs/fips202x4_glue.h: integration/liboqs/fips202x4_glue.h + mlkem/src/poly_k.h: mlkem/src/poly_k.h + mlkem/src/debug.h: mlkem/src/debug.h + mlkem/src/poly.c: mlkem/src/poly.c + mlkem/src/params.h: mlkem/src/params.h + mlkem/src/native/api.h: mlkem/src/native/api.h + mlkem/src/native/meta.h: mlkem/src/native/meta.h + mlkem/src/randombytes.h: mlkem/src/randombytes.h + mlkem/src/compress.c: mlkem/src/compress.c + mlkem/src/sampling.c: mlkem/src/sampling.c + mlkem/src/verify.c: mlkem/src/verify.c + mlkem/src/kem.c: mlkem/src/kem.c + mlkem/src/indcpa.c: mlkem/src/indcpa.c + mlkem/src/symmetric.h: mlkem/src/symmetric.h + mlkem/src/debug.c: mlkem/src/debug.c + mlkem/src/cbmc.h: mlkem/src/cbmc.h + mlkem/src/common.h: mlkem/src/common.h + mlkem/src/poly_k.c: mlkem/src/poly_k.c + mlkem/src/compress.h: mlkem/src/compress.h + mlkem/src/sys.h: mlkem/src/sys.h + mlkem/src/poly.h: mlkem/src/poly.h + mlkem/src/sampling.h: mlkem/src/sampling.h + mlkem/src/indcpa.h: mlkem/src/indcpa.h + mlkem/src/zetas.inc: mlkem/src/zetas.inc + mlkem/src/kem.h: mlkem/src/kem.h + mlkem/src/verify.h: mlkem/src/verify.h # - # name: classic_mceliece From 6326743def1591a0c337ef554918258cc12a889b Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Thu, 20 Nov 2025 15:32:09 -0500 Subject: [PATCH 05/26] Can fill in ICICLE and cuPQC ML-KEM copies Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuildfile.yml | 101 +++++++++++++++++++++++++++--------- 1 file changed, 77 insertions(+), 24 deletions(-) diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 42a9d1f603..1b5e273bc1 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -121,18 +121,62 @@ kems: keypair_seedlen: 64 encap_seedlen: 32 impls: - # TODO: cupqc_ml-kem-1024_cuda: - # TODO: cupqc_ml-kem-512_cuda: - # TODO: cupqc_ml-kem-768_cuda: - # TODO: icicle_ml-kem-1024_icicle_cuda: - # TODO: icicle_ml-kem-512_icicle_cuda: - # TODO: icicle_ml-kem-768_icicle_cuda: + cupqc_ml-kem-1024_cuda: + upstream: cupqc + copies: + cupqc_ml-kem.cu: cuda/ml-kem-1024/cupqc_ml-kem.cu + link_libs: + # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html + private: [cupqc-pk_static] + # FIX: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + cupqc_ml-kem-512_cuda: + upstream: cupqc + copies: + cupqc_ml-kem.cu: cuda/ml-kem-512/cupqc_ml-kem.cu + link_libs: + # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html + private: [cupqc-pk_static] + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + cupqc_ml-kem-768_cuda: + upstream: cupqc + copies: + cupqc_ml-kem.cu: cuda/ml-kem-768/cupqc_ml-kem.cu + link_libs: + # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html + private: [cupqc-pk_static] + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + icicle_ml-kem-1024_icicle_cuda: + upstream: icicle + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] + icicle_ml-kem-512_icicle_cuda: + upstream: icicle + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-512/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] + icicle_ml-kem-768_icicle_cuda: + upstream: icicle + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-768/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native copies: mlkem-native_aarch64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" @@ -142,8 +186,9 @@ kems: upstream: mlkem-native copies: mlkem-native_ref includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" @@ -153,8 +198,9 @@ kems: upstream: mlkem-native copies: mlkem-native_x86_64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" @@ -164,8 +210,9 @@ kems: upstream: mlkem-native copies: mlkem-native_aarch64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=512" @@ -175,8 +222,9 @@ kems: upstream: mlkem-native copies: mlkem-native_ref includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=512" @@ -186,8 +234,9 @@ kems: upstream: mlkem-native copies: mlkem-native_x86_64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=512" @@ -197,8 +246,9 @@ kems: upstream: mlkem-native copies: mlkem-native_aarch64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=768" @@ -208,8 +258,9 @@ kems: upstream: mlkem-native copies: mlkem-native_ref includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=768" @@ -219,13 +270,15 @@ kems: upstream: mlkem-native copies: mlkem-native_x86_64 includes: - - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" - - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" compile_opts: public: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] + copies: mlkem-native_aarch64: integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h From 4576017bd209c67021abba71c19849a955c907a8 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Fri, 21 Nov 2025 13:36:56 -0500 Subject: [PATCH 06/26] Refactor copy_from_upstream, moved some nested loops into separate functions Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 50 +++++----------------- oqsbuilder/oqsbuilder.py | 91 +++++++++++++++++++++++++++------------- 2 files changed, 72 insertions(+), 69 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index a04acee706..e9fc7d9573 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -1,16 +1,15 @@ import os import sys -import shutil from tempfile import TemporaryDirectory import yaml import oqsbuilder from oqsbuilder import LIBOQS_DIR from oqsbuilder.oqsbuilder import ( - clone_remote_repo, - git_apply, CryptoPrimitive, + copy_copies, get_copies, + fetch_upstreams, ) @@ -42,50 +41,21 @@ def copy_from_upstream( :param headless: True if running in a non-interactive environment """ with open(oqsbuildfile, mode="r", encoding="utf-8") as f: - instructions = yaml.safe_load(f) - print(f"Successfully loaded {oqsbuildfile}") - upstreams = instructions["upstreams"] + oqsbuild = yaml.safe_load(f) with TemporaryDirectory(dir=upstream_parent_dir) as tempdir: - for name, upstream in upstreams.items(): - upstream_dir = clone_remote_repo( - tempdir, - name, - upstream["git_url"], - commit=upstream.get("git_commit", None), - branch_or_tag=upstream.get("git_branch", None), - ) - patches: list[str] = [ - os.path.join(patch_dir, patch) for patch in upstream.get("patches", []) - ] - git_apply(upstream_dir, patches) - print(f"SUCCESS: fetched {len(upstreams)} upstream repositories") - - kems = instructions["kems"] + upstream_dirs = fetch_upstreams(oqsbuild, tempdir, patch_dir) + kems = oqsbuild["kems"] kems_dir = os.path.join(LIBOQS_DIR, "src", "kem") for kem_key, kem in kems["families"].items(): kem_dir = os.path.join(kems_dir, kem_key) print(f"Integrating {kem_key} into {kem_dir}") for impl_key, impl in kem["impls"].items(): - upstream_key = impl["upstream"] - upstream_dir = os.path.join(tempdir, upstream_key) - impl_dir = os.path.join(kem_dir, impl_key) - if not os.path.isdir(upstream_dir): - raise FileNotFoundError( - f"{kem_key}.{impl_key}'s upstream {upstream_key} not found" - ) - copies = get_copies( - instructions, CryptoPrimitive.KEM, kem_key, impl_key + copies = get_copies(oqsbuild, CryptoPrimitive.KEM, kem_key, impl_key) + copy_copies( + copies, + upstream_dir=upstream_dirs[impl["upstream"]], + impl_dir=os.path.join(kem_dir, impl_key), ) - for dst, src in copies.items(): - src = os.path.join(upstream_dir, src) - dst = os.path.join(impl_dir, dst) - dst_parent_dir = os.path.split(dst)[0] - if not os.path.isdir(dst_parent_dir): - print(f"mkdir -p {dst_parent_dir}") - os.makedirs(dst_parent_dir) - # use shutil instead of subprocess.run(["cp", ...]) for OS portability - shutil.copyfile(src, dst) - print(f"Copied {len(impl["copies"])} files into {impl_dir}") if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index e1fe8b15ea..3d09b0cbab 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -1,7 +1,11 @@ import enum import os +import shutil import subprocess +# TODO: make it into a proper schema with schema validation +OQSBuild = dict + class CryptoPrimitive(enum.Enum): KEM = 1 @@ -96,50 +100,36 @@ def git_apply( """ if not os.path.isdir(dstdir): raise FileNotFoundError(f"{dstdir} is not a valid directory") - if not gitdir: - gitdir = os.path.join(dstdir, ".git") + gitdir = os.path.join(dstdir, ".git") if not gitdir else gitdir if not os.path.isdir(gitdir): raise FileNotFoundError(f"{gitdir} is not a valid .git directory") - if not worktree: - worktree = dstdir + worktree = dstdir if not worktree else worktree if not os.path.isdir(worktree): raise FileNotFoundError(f"{worktree} is not a valid git work tree") - if not directory: - directory = dstdir + directory = dstdir if not directory else directory if not os.path.isdir(directory): raise FileNotFoundError(f"{directory} is not a valid directory") - if isinstance(patches, list): - if len(patches) == 0: - return - for patch in patches: - if not os.path.isfile(patch): - raise FileNotFoundError(f"{patch} is not a valid patch file") - else: - if not os.path.isfile(patches): - raise FileNotFoundError(f"{patches} is not a valid patch file") + patches = [patches] if isinstance(patches, str) else patches + if len(patches) == 0: + return + for patch in patches: + if not os.path.isfile(patch): + raise FileNotFoundError(f"{patch} is not a valid patch file") if not commit_msg: - if isinstance(patches, list): - patch_names: list[str] = [] - for patch in patches: - _, patch_filename = os.path.split(patch) - patch_name, _ = os.path.splitext(patch_filename) - patch_names.append(patch_name) - commit_msg = f"Applied {', '.join(patch_names)}" - else: - _, patch_filename = os.path.split(patches) + patch_names: list[str] = [] + for patch in patches: + _, patch_filename = os.path.split(patch) patch_name, _ = os.path.splitext(patch_filename) - commit_msg = f"Applied {patch_name}" + patch_names.append(patch_name) + commit_msg = f"Applied {', '.join(patch_names)}" git_apply_cmd = ( ["git", "--git-dir", gitdir, "--work-tree", worktree] + ["apply", "--unsafe-paths", "--verbose", "--whitespace", "fix"] + ["--directory", directory] ) - if isinstance(patches, list): - git_apply_cmd += patches - else: - git_apply_cmd += [patches] + git_apply_cmd += patches commands = [git_apply_cmd] if commit_after_apply: commands.append( @@ -211,3 +201,46 @@ def clone_remote_repo( else: subprocess.run(cmd, check=True) return dstdir + + +def fetch_upstreams( + oqsbuild: OQSBuild, upstream_parent_dir: str, patch_dir: str +) -> dict[str, str]: + """Clone upstream repositories into the specified parent directory and apply + patches. Return a mapping from upstream key to path to the upstream repository + """ + upstream_dirs = {} + for name, upstream in oqsbuild["upstreams"].items(): + upstream_dir = clone_remote_repo( + upstream_parent_dir, + name, + upstream["git_url"], + commit=upstream.get("git_commit", None), + branch_or_tag=upstream.get("git_branch", None), + ) + patches: list[str] = [ + os.path.join(patch_dir, patch) for patch in upstream.get("patches", []) + ] + git_apply(upstream_dir, patches) + upstream_dirs[name] = upstream_dir + print(f"SUCCESS: fetched {len(upstream_dirs)} upstream repositories") + return upstream_dirs + + +def copy_copies(copies: dict[str, str], upstream_dir: str, impl_dir: str): + """Copy the specified file from upstream_dir into impl_dir. + + :param copies: mapping from destination paths (relative to implementation + directory) to source paths (relative to upstream directory) + :param upstream_dir: path to the upstream directory + :param impl_dir: path to the implementation directory + """ + for dst, src in copies.items(): + src = os.path.join(upstream_dir, src) + dst = os.path.join(impl_dir, dst) + dst_parent_dir = os.path.split(dst)[0] + if not os.path.isdir(dst_parent_dir): + print(f"mkdir -p {dst_parent_dir}") + os.makedirs(dst_parent_dir) + shutil.copyfile(src, dst) + print(f"Copied {len(copies)} files into {impl_dir}") From 665f088038245c4d306ccc851200c7a2e3b40523 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Fri, 21 Nov 2025 16:59:20 -0500 Subject: [PATCH 07/26] Start implementing generating family-level cmakelist file Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 15 +++-- oqsbuilder/oqsbuilder.py | 89 ++++++++++++++++++++++++++- oqsbuilder/oqsbuildfile.yml | 117 +++++++++++++++++++++--------------- oqsbuilder/templates.py | 8 +++ 4 files changed, 172 insertions(+), 57 deletions(-) create mode 100644 oqsbuilder/templates.py diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index e9fc7d9573..0603b19a23 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -8,6 +8,7 @@ from oqsbuilder.oqsbuilder import ( CryptoPrimitive, copy_copies, + generate_kem_cmake, get_copies, fetch_upstreams, ) @@ -44,18 +45,22 @@ def copy_from_upstream( oqsbuild = yaml.safe_load(f) with TemporaryDirectory(dir=upstream_parent_dir) as tempdir: upstream_dirs = fetch_upstreams(oqsbuild, tempdir, patch_dir) + kems = oqsbuild["kems"] kems_dir = os.path.join(LIBOQS_DIR, "src", "kem") for kem_key, kem in kems["families"].items(): kem_dir = os.path.join(kems_dir, kem_key) + cmake_path = os.path.join( + kem_dir, + # TODO: magic file name? + "CMakeLists.txt", + ) print(f"Integrating {kem_key} into {kem_dir}") for impl_key, impl in kem["impls"].items(): + impl_dir = os.path.join(kem_dir, impl_key) copies = get_copies(oqsbuild, CryptoPrimitive.KEM, kem_key, impl_key) - copy_copies( - copies, - upstream_dir=upstream_dirs[impl["upstream"]], - impl_dir=os.path.join(kem_dir, impl_key), - ) + copy_copies(copies, upstream_dirs[impl["upstream"]], impl_dir) + generate_kem_cmake(cmake_path, kem_key, kem, True) if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 3d09b0cbab..d7dbd3a4b2 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -2,9 +2,13 @@ import os import shutil import subprocess +from typing import Dict + +from oqsbuilder.templates import FAMILY_CMAKE_HEADER # TODO: make it into a proper schema with schema validation -OQSBuild = dict +OQSBuild = Dict +UpstreamKey = UpstreamPath = str class CryptoPrimitive(enum.Enum): @@ -153,7 +157,7 @@ def clone_remote_repo( commit: str | None = None, branch_or_tag: str | None = None, dryrun: bool = False, -) -> str: +) -> UpstreamPath: """Clone a remote Git repository into a local destination directory. :param parentdir: Path to the parent directory where the repository will be cloned. @@ -205,7 +209,7 @@ def clone_remote_repo( def fetch_upstreams( oqsbuild: OQSBuild, upstream_parent_dir: str, patch_dir: str -) -> dict[str, str]: +) -> dict[UpstreamKey, UpstreamPath]: """Clone upstream repositories into the specified parent directory and apply patches. Return a mapping from upstream key to path to the upstream repository """ @@ -244,3 +248,82 @@ def copy_copies(copies: dict[str, str], upstream_dir: str, impl_dir: str): os.makedirs(dst_parent_dir) shutil.copyfile(src, dst) print(f"Copied {len(copies)} files into {impl_dir}") + + +def get_default_impl(family: dict, param_key: str) -> tuple[str, dict]: + """Get the implementation key and the implementation metadata for the + specified parameter set under the given family + """ + impl_key = family["params"][param_key]["default_impl"] + impl = family["impls"][impl_key] + impl_param_key = impl["param"] + if impl_param_key != param_key: + raise ValueError( + f"{param_key}'s default impl {impl_key} specified param set {impl_param_key}" + ) + return impl_key, impl + + +def get_impls( + family: dict, param_key: str, exclude_default: bool = False +) -> list[tuple[str, dict]]: + """Return a list of (impl_key, impl_metadata) for the specified parameter set""" + impls = [] + default_impl_key, _ = get_default_impl(family, param_key) + for impl_key, impl in family["impls"].items(): + exclude = exclude_default and (impl_key == default_impl_key) + if impl["param"] == param_key and (not exclude): + impls.append((impl_key, impl)) + return impls + +def add_obj_library(libname: str, impl_meta: dict) -> str: + """Given implementation metadata, return a CMake fragment that builds the + implementation into an object library + """ + # TODO: implement this + return "" + +def add_objs(kem_key: str, kem: dict) -> list[str]: + """Return a list of cmake "add_library" sections that build individual + implementations into an object + """ + targets = [] + + for param_key, param in kem["params"].items(): + default_impl_key, default_impl = get_default_impl(kem, param_key) + default_impl["enable_by"] = param["enable_by"] + targets.append(add_obj_library(default_impl_key, default_impl)) + for impl_key, impl in get_impls(kem, param_key, True): + targets.append(add_obj_library(impl_key, impl)) + + return targets + + +def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): + """Generate the family-level CMakeLists.txt file for the input KEM scheme + + :param cmake_path: the cmake list file will be written to this file + :param kem_key: the family key of the KEM scheme + :param kem: the content in build file under the family key + """ + local_obj = f"_{kem_key}_OBJS".upper() + export_obj = f"{kem_key}_OBJS".upper() + + targets = add_objs(kem_key, kem) + targets = "\n\n".join(targets) + + data = f"""{FAMILY_CMAKE_HEADER} + +set({local_obj} "") + +{targets} + +set({export_obj} ${{{local_obj}}} PARENT_SCOPE) +""" + + if dryrun: + print(f">>> {cmake_path}:") + print(data) + return + with open(cmake_path, "w") as f: + f.write(data) diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 1b5e273bc1..ae0682e822 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -104,6 +104,8 @@ kems: sslen: 32 keypair_seedlen: 64 encap_seedlen: 32 + enable_by: OQS_ENABLE_KEM_ml_kem_512 + default_impl: mlkem-native_ml-kem-512_ref ml_kem_768: name: "ML-KEM-768" pklen: 1184 @@ -112,6 +114,8 @@ kems: sslen: 32 keypair_seedlen: 64 encap_seedlen: 32 + enable_by: OQS_ENABLE_KEM_ml_kem_768 + default_impl: mlkem-native_ml-kem-768_ref ml_kem_1024: name: "ML-KEM-1024" pklen: 1568 @@ -120,58 +124,12 @@ kems: sslen: 32 keypair_seedlen: 64 encap_seedlen: 32 + enable_by: OQS_ENABLE_KEM_ml_kem_1024 + default_impl: mlkem-native_ml-kem-1024_ref impls: - cupqc_ml-kem-1024_cuda: - upstream: cupqc - copies: - cupqc_ml-kem.cu: cuda/ml-kem-1024/cupqc_ml-kem.cu - link_libs: - # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html - private: [cupqc-pk_static] - # FIX: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? - cuda_arch: off - compile_opts: - private: ["$<$:-rdc=true -dlto -arch=compute_70>"] - cupqc_ml-kem-512_cuda: - upstream: cupqc - copies: - cupqc_ml-kem.cu: cuda/ml-kem-512/cupqc_ml-kem.cu - link_libs: - # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html - private: [cupqc-pk_static] - cuda_arch: off - compile_opts: - private: ["$<$:-rdc=true -dlto -arch=compute_70>"] - cupqc_ml-kem-768_cuda: - upstream: cupqc - copies: - cupqc_ml-kem.cu: cuda/ml-kem-768/cupqc_ml-kem.cu - link_libs: - # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html - private: [cupqc-pk_static] - cuda_arch: off - compile_opts: - private: ["$<$:-rdc=true -dlto -arch=compute_70>"] - icicle_ml-kem-1024_icicle_cuda: - upstream: icicle - copies: - icicle_ml-kem.cpp: icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp - link_libs: - private: [icicle::icicle_pqc_package] - icicle_ml-kem-512_icicle_cuda: - upstream: icicle - copies: - icicle_ml-kem.cpp: icicle_cuda/ml-kem-512/icicle_ml-kem.cpp - link_libs: - private: [icicle::icicle_pqc_package] - icicle_ml-kem-768_icicle_cuda: - upstream: icicle - copies: - icicle_ml-kem.cpp: icicle_cuda/ml-kem-768/icicle_ml-kem.cpp - link_libs: - private: [icicle::icicle_pqc_package] mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native + param: ml_kem_1024 copies: mlkem-native_aarch64 includes: private: @@ -184,6 +142,7 @@ kems: private: [] mlkem-native_ml-kem-1024_ref: upstream: mlkem-native + param: ml_kem_1024 copies: mlkem-native_ref includes: private: @@ -196,6 +155,7 @@ kems: private: [] mlkem-native_ml-kem-1024_x86_64: upstream: mlkem-native + param: ml_kem_1024 copies: mlkem-native_x86_64 includes: private: @@ -208,6 +168,7 @@ kems: private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-512_aarch64: upstream: mlkem-native + param: ml_kem_512 copies: mlkem-native_aarch64 includes: private: @@ -220,6 +181,7 @@ kems: private: [] mlkem-native_ml-kem-512_ref: upstream: mlkem-native + param: ml_kem_512 copies: mlkem-native_ref includes: private: @@ -232,6 +194,7 @@ kems: private: [] mlkem-native_ml-kem-512_x86_64: upstream: mlkem-native + param: ml_kem_512 copies: mlkem-native_x86_64 includes: private: @@ -244,6 +207,7 @@ kems: private: ["-mavx2", "-mbmi2", "-mpopcnt"] mlkem-native_ml-kem-768_aarch64: upstream: mlkem-native + param: ml_kem_768 copies: mlkem-native_aarch64 includes: private: @@ -256,6 +220,7 @@ kems: private: [] mlkem-native_ml-kem-768_ref: upstream: mlkem-native + param: ml_kem_768 copies: mlkem-native_ref includes: private: @@ -268,6 +233,7 @@ kems: private: [] mlkem-native_ml-kem-768_x86_64: upstream: mlkem-native + param: ml_kem_768 copies: mlkem-native_x86_64 includes: private: @@ -278,6 +244,59 @@ kems: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] + cupqc_ml-kem-1024_cuda: + upstream: cupqc + param: ml_kem_1024 + copies: + cupqc_ml-kem.cu: cuda/ml-kem-1024/cupqc_ml-kem.cu + link_libs: + # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html + private: [cupqc-pk_static] + # FIX: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + cupqc_ml-kem-512_cuda: + upstream: cupqc + param: ml_kem_512 + copies: + cupqc_ml-kem.cu: cuda/ml-kem-512/cupqc_ml-kem.cu + link_libs: + private: [cupqc-pk_static] + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + cupqc_ml-kem-768_cuda: + upstream: cupqc + param: ml_kem_768 + copies: + cupqc_ml-kem.cu: cuda/ml-kem-768/cupqc_ml-kem.cu + link_libs: + private: [cupqc-pk_static] + cuda_arch: off + compile_opts: + private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + icicle_ml-kem-1024_icicle_cuda: + upstream: icicle + param: ml_kem_1024 + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] + icicle_ml-kem-512_icicle_cuda: + upstream: icicle + param: ml_kem_512 + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-512/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] + icicle_ml-kem-768_icicle_cuda: + upstream: icicle + param: ml_kem_768 + copies: + icicle_ml-kem.cpp: icicle_cuda/ml-kem-768/icicle_ml-kem.cpp + link_libs: + private: [icicle::icicle_pqc_package] copies: mlkem-native_aarch64: diff --git a/oqsbuilder/templates.py b/oqsbuilder/templates.py new file mode 100644 index 0000000000..427bcfe960 --- /dev/null +++ b/oqsbuilder/templates.py @@ -0,0 +1,8 @@ +"""Reusable templates and components + +Each component must not be surroudned by whitespaces +""" + +FAMILY_CMAKE_HEADER = """# SPDX-License-Identifier: MIT + +# This file was generated by OQS Builder""" From e996fedb09798445d4fc2a5584ee1f9ff5f045b0 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Fri, 21 Nov 2025 17:10:19 -0500 Subject: [PATCH 08/26] Checkpoint, will come back Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index d7dbd3a4b2..15812e644d 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -290,6 +290,10 @@ def add_objs(kem_key: str, kem: dict) -> list[str]: targets = [] for param_key, param in kem["params"].items(): + # TODO: default impl is special for two reasons: + # - default impl's enable_by is overwritten by parameter set's enable_by + # - default impl's obj library also contains a parameter-set-level .c file, + # for example: src/kem/ml_kem/kem_ml_kem_512.c default_impl_key, default_impl = get_default_impl(kem, param_key) default_impl["enable_by"] = param["enable_by"] targets.append(add_obj_library(default_impl_key, default_impl)) From 76c5caa118704e1b63ec4f2e15df1167a44a2a46 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 15:00:11 -0500 Subject: [PATCH 09/26] At load_oqsbuildfile, the `copies` section of each implementation should expand into the complete "dst: src" mapping even when a "copies_key" is used [skip-ci] Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 10 +-- oqsbuilder/oqsbuilder.py | 128 ++++++++++++++++++++++++++---------- oqsbuilder/oqsbuildfile.yml | 18 +++++ 3 files changed, 116 insertions(+), 40 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 0603b19a23..9ba18e45b2 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -1,15 +1,13 @@ import os import sys from tempfile import TemporaryDirectory -import yaml import oqsbuilder from oqsbuilder import LIBOQS_DIR from oqsbuilder.oqsbuilder import ( - CryptoPrimitive, copy_copies, generate_kem_cmake, - get_copies, + load_oqsbuildfile, fetch_upstreams, ) @@ -41,8 +39,7 @@ def copy_from_upstream( a temporary subdirectory under this directory :param headless: True if running in a non-interactive environment """ - with open(oqsbuildfile, mode="r", encoding="utf-8") as f: - oqsbuild = yaml.safe_load(f) + oqsbuild = load_oqsbuildfile(oqsbuildfile) with TemporaryDirectory(dir=upstream_parent_dir) as tempdir: upstream_dirs = fetch_upstreams(oqsbuild, tempdir, patch_dir) @@ -58,8 +55,7 @@ def copy_from_upstream( print(f"Integrating {kem_key} into {kem_dir}") for impl_key, impl in kem["impls"].items(): impl_dir = os.path.join(kem_dir, impl_key) - copies = get_copies(oqsbuild, CryptoPrimitive.KEM, kem_key, impl_key) - copy_copies(copies, upstream_dirs[impl["upstream"]], impl_dir) + copy_copies(impl["copies"], upstream_dirs[impl["upstream"]], impl_dir) generate_kem_cmake(cmake_path, kem_key, kem, True) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 15812e644d..21e2a47333 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -2,13 +2,11 @@ import os import shutil import subprocess -from typing import Dict +from typing import Sequence -from oqsbuilder.templates import FAMILY_CMAKE_HEADER +import yaml -# TODO: make it into a proper schema with schema validation -OQSBuild = Dict -UpstreamKey = UpstreamPath = str +from oqsbuilder.templates import FAMILY_CMAKE_HEADER class CryptoPrimitive(enum.Enum): @@ -36,6 +34,31 @@ def get_subdirectory_name(self) -> str: return "stfl_sig" +def load_oqsbuildfile(path: str): + """Load oqsbuildfile from the specified path + + For each implementation, if the `copies` field is mapped to a `copies` key, + then the `copies` field will be instantiated with the actual dst:src mapping + under the top-level `copies` section. + """ + with open(path, mode="r", encoding="utf-8") as f: + oqsbuild = yaml.safe_load(f) + + for primitive in [ + CryptoPrimitive.KEM, + # FIX: uncomment this once sigs and stfl_sigs are filled in + # CryptoPrimitive.SIG, + # CryptoPrimitive.STFL_SIG, + ]: + for _, family in oqsbuild[primitive.get_oqsbuildfile_key()]["families"].items(): + for _, impl_meta in family["impls"].items(): + impl_copies = impl_meta["copies"] + if isinstance(impl_copies, str): + impl_meta["copies"] = oqsbuild["copies"][impl_copies] + + return oqsbuild + + def get_copies( oqsbuild: dict, primitive: CryptoPrimitive, family_key: str, impl_key: str ) -> dict[str, str]: @@ -157,7 +180,7 @@ def clone_remote_repo( commit: str | None = None, branch_or_tag: str | None = None, dryrun: bool = False, -) -> UpstreamPath: +) -> str: """Clone a remote Git repository into a local destination directory. :param parentdir: Path to the parent directory where the repository will be cloned. @@ -208,8 +231,8 @@ def clone_remote_repo( def fetch_upstreams( - oqsbuild: OQSBuild, upstream_parent_dir: str, patch_dir: str -) -> dict[UpstreamKey, UpstreamPath]: + oqsbuild: dict, upstream_parent_dir: str, patch_dir: str +) -> dict[str, str]: """Clone upstream repositories into the specified parent directory and apply patches. Return a mapping from upstream key to path to the upstream repository """ @@ -253,6 +276,8 @@ def copy_copies(copies: dict[str, str], upstream_dir: str, impl_dir: str): def get_default_impl(family: dict, param_key: str) -> tuple[str, dict]: """Get the implementation key and the implementation metadata for the specified parameter set under the given family + + :return: a tuple of (impl_key, impl_meta) """ impl_key = family["params"][param_key]["default_impl"] impl = family["impls"][impl_key] @@ -276,36 +301,73 @@ def get_impls( impls.append((impl_key, impl)) return impls -def add_obj_library(libname: str, impl_meta: dict) -> str: - """Given implementation metadata, return a CMake fragment that builds the - implementation into an object library - """ - # TODO: implement this - return "" -def add_objs(kem_key: str, kem: dict) -> list[str]: - """Return a list of cmake "add_library" sections that build individual - implementations into an object +def get_src_paths(impl_meta, src_exts: Sequence[str] = (".c", ".S")) -> list[str]: + """Return a list of source file paths relative to the implementation directory""" + # FIX: implement this + return [] + + +def generate_family_cmake_targets( + family_key: str, + family_meta: dict, + local_obj: str, + overwrite_default_impl_enable_by: bool = True, +) -> list[str]: + """Generate a list of family-level CMake fragments where each fragment builds + an object library target. Some targets contain individual implementations, + such as mlkem-native_ml-kem-512_ref. Other targets contain OQS APIs, such + as OQS_KEM_ml_kem_512_new (specified in kem_ml_kem_512.c) + + :param family_key: key of a family, such as ml_kem or ml_dsa + :param family_meta: this family's metadata + :param local_obj: the non-exported cmake variable that aggregates objects + for this family, such as `_ML_KEM_OBJS` in src/kem/ml_kem/CMakeLists.txt + :param overwrite_default_impl_enable_by: for each parameter set, overwrite + the `enable_by` flag of the default implementation with the `enable_by` + flag of the parameter set """ - targets = [] - - for param_key, param in kem["params"].items(): - # TODO: default impl is special for two reasons: - # - default impl's enable_by is overwritten by parameter set's enable_by - # - default impl's obj library also contains a parameter-set-level .c file, - # for example: src/kem/ml_kem/kem_ml_kem_512.c - default_impl_key, default_impl = get_default_impl(kem, param_key) - default_impl["enable_by"] = param["enable_by"] - targets.append(add_obj_library(default_impl_key, default_impl)) - for impl_key, impl in get_impls(kem, param_key, True): - targets.append(add_obj_library(impl_key, impl)) - - return targets + impl_targets = [] + for impl_key, impl_meta in family_meta["impls"].items(): + print(f"Generating implementation target for {family_key}.{impl_key}") + impl_enable_by = impl_meta["enable_by"] + impl_param_key = impl_meta["param"] + impl_param_meta = family_meta["params"][impl_param_key] + if overwrite_default_impl_enable_by and ( + get_default_impl(family_meta, impl_param_key)[0] == impl_key + ): + impl_enable_by = impl_param_meta["enable_by"] + srcpaths = get_src_paths(impl_meta) + target = f"""\ +if({impl_enable_by}) + add_library({impl_key} OBJECT) + set(IMPL_KEY {impl_key}) + set({local_obj} ${{{local_obj}}} $) +endif()""" + impl_targets.append(target) + + common_targets = [] + for param_key, param_meta in family_meta["params"].items(): + print(f"Generating common targets for {family_key}.{param_key}") + param_enable_by = param_meta["enable_by"] + param_api_src = param_meta["api_src"] + target = f"""\ +if({param_enable_by}) + add_library({param_key} OBJECT {param_api_src}) + set({local_obj} ${{{local_obj}}} $) +endif()""" + common_targets.append(target) + + return impl_targets + common_targets def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): """Generate the family-level CMakeLists.txt file for the input KEM scheme + Each family-level list file (e.g. src/kem/ml_kem/CMakeLists.txt) exports a + cmake variable (e.g. ML_KEM_OBJS) that contains the compiled objects from + that family. + :param cmake_path: the cmake list file will be written to this file :param kem_key: the family key of the KEM scheme :param kem: the content in build file under the family key @@ -313,7 +375,7 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): local_obj = f"_{kem_key}_OBJS".upper() export_obj = f"{kem_key}_OBJS".upper() - targets = add_objs(kem_key, kem) + targets = generate_family_cmake_targets(kem_key, kem, local_obj) targets = "\n\n".join(targets) data = f"""{FAMILY_CMAKE_HEADER} @@ -326,7 +388,7 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): """ if dryrun: - print(f">>> {cmake_path}:") + print(f">>>>>>>>> {cmake_path}:") print(data) return with open(cmake_path, "w") as f: diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index ae0682e822..8f4d1ee5f4 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -106,6 +106,7 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_512 default_impl: mlkem-native_ml-kem-512_ref + api_src: kem_ml_kem_512.c ml_kem_768: name: "ML-KEM-768" pklen: 1184 @@ -116,6 +117,7 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_768 default_impl: mlkem-native_ml-kem-768_ref + api_src: kem_ml_kem_768.c ml_kem_1024: name: "ML-KEM-1024" pklen: 1568 @@ -126,11 +128,13 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_1024 default_impl: mlkem-native_ml-kem-1024_ref + api_src: kem_ml_kem_1024.c impls: mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native param: ml_kem_1024 copies: mlkem-native_aarch64 + enable_by: OQS_ENABLE_KEM_ml_kem_1024_aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -144,6 +148,7 @@ kems: upstream: mlkem-native param: ml_kem_1024 copies: mlkem-native_ref + enable_by: OQS_ENABLE_KEM_ml_kem_1024_ref includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -157,6 +162,7 @@ kems: upstream: mlkem-native param: ml_kem_1024 copies: mlkem-native_x86_64 + enable_by: OQS_ENABLE_KEM_ml_kem_1024_x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -170,6 +176,7 @@ kems: upstream: mlkem-native param: ml_kem_512 copies: mlkem-native_aarch64 + enable_by: OQS_ENABLE_KEM_ml_kem_512_aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -183,6 +190,7 @@ kems: upstream: mlkem-native param: ml_kem_512 copies: mlkem-native_ref + enable_by: OQS_ENABLE_KEM_ml_kem_512_ref includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -196,6 +204,7 @@ kems: upstream: mlkem-native param: ml_kem_512 copies: mlkem-native_x86_64 + enable_by: OQS_ENABLE_KEM_ml_kem_512_x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -209,6 +218,7 @@ kems: upstream: mlkem-native param: ml_kem_768 copies: mlkem-native_aarch64 + enable_by: OQS_ENABLE_KEM_ml_kem_768_aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -222,6 +232,7 @@ kems: upstream: mlkem-native param: ml_kem_768 copies: mlkem-native_ref + enable_by: OQS_ENABLE_KEM_ml_kem_768_ref includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -235,6 +246,7 @@ kems: upstream: mlkem-native param: ml_kem_768 copies: mlkem-native_x86_64 + enable_by: OQS_ENABLE_KEM_ml_kem_768_x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -249,6 +261,7 @@ kems: param: ml_kem_1024 copies: cupqc_ml-kem.cu: cuda/ml-kem-1024/cupqc_ml-kem.cu + enable_by: OQS_ENABLE_KEM_ml_kem_1024_cuda link_libs: # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html private: [cupqc-pk_static] @@ -261,6 +274,7 @@ kems: param: ml_kem_512 copies: cupqc_ml-kem.cu: cuda/ml-kem-512/cupqc_ml-kem.cu + enable_by: OQS_ENABLE_KEM_ml_kem_512_cuda link_libs: private: [cupqc-pk_static] cuda_arch: off @@ -271,6 +285,7 @@ kems: param: ml_kem_768 copies: cupqc_ml-kem.cu: cuda/ml-kem-768/cupqc_ml-kem.cu + enable_by: OQS_ENABLE_KEM_ml_kem_768_cuda link_libs: private: [cupqc-pk_static] cuda_arch: off @@ -281,6 +296,7 @@ kems: param: ml_kem_1024 copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp + enable_by: OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] icicle_ml-kem-512_icicle_cuda: @@ -288,6 +304,7 @@ kems: param: ml_kem_512 copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-512/icicle_ml-kem.cpp + enable_by: OQS_ENABLE_KEM_ml_kem_512_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] icicle_ml-kem-768_icicle_cuda: @@ -295,6 +312,7 @@ kems: param: ml_kem_768 copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-768/icicle_ml-kem.cpp + enable_by: OQS_ENABLE_KEM_ml_kem_768_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] From 3d1c4b07557329a18333e4ddf0fee08d2b7a429c Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 15:30:15 -0500 Subject: [PATCH 10/26] Can correctly aggregate source files Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 43 ++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 21e2a47333..16fab5a044 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -2,12 +2,13 @@ import os import shutil import subprocess -from typing import Sequence import yaml from oqsbuilder.templates import FAMILY_CMAKE_HEADER +SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") + class CryptoPrimitive(enum.Enum): KEM = 1 @@ -302,12 +303,6 @@ def get_impls( return impls -def get_src_paths(impl_meta, src_exts: Sequence[str] = (".c", ".S")) -> list[str]: - """Return a list of source file paths relative to the implementation directory""" - # FIX: implement this - return [] - - def generate_family_cmake_targets( family_key: str, family_meta: dict, @@ -327,6 +322,18 @@ def generate_family_cmake_targets( the `enable_by` flag of the default implementation with the `enable_by` flag of the parameter set """ + common_targets = [] + for param_key, param_meta in family_meta["params"].items(): + print(f"Generating common targets for {family_key}.{param_key}") + param_enable_by = param_meta["enable_by"] + param_api_src = param_meta["api_src"] + target = f"""\ +if({param_enable_by}) + add_library({param_key} OBJECT {param_api_src}) + set({local_obj} ${{{local_obj}}} $) +endif()""" + common_targets.append(target) + impl_targets = [] for impl_key, impl_meta in family_meta["impls"].items(): print(f"Generating implementation target for {family_key}.{impl_key}") @@ -337,28 +344,20 @@ def generate_family_cmake_targets( get_default_impl(family_meta, impl_param_key)[0] == impl_key ): impl_enable_by = impl_param_meta["enable_by"] - srcpaths = get_src_paths(impl_meta) + srcpaths = [ + os.path.join(impl_key, path) + for path in impl_meta["copies"] + if os.path.splitext(path)[1] in SRC_FILE_EXTS + ] target = f"""\ if({impl_enable_by}) - add_library({impl_key} OBJECT) + add_library({impl_key} OBJECT {" ".join(srcpaths)}) set(IMPL_KEY {impl_key}) set({local_obj} ${{{local_obj}}} $) endif()""" impl_targets.append(target) - common_targets = [] - for param_key, param_meta in family_meta["params"].items(): - print(f"Generating common targets for {family_key}.{param_key}") - param_enable_by = param_meta["enable_by"] - param_api_src = param_meta["api_src"] - target = f"""\ -if({param_enable_by}) - add_library({param_key} OBJECT {param_api_src}) - set({local_obj} ${{{local_obj}}} $) -endif()""" - common_targets.append(target) - - return impl_targets + common_targets + return common_targets + impl_targets def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): From eee353338fc58190cb75aca9c88fd7a8e0dc7210 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 15:38:54 -0500 Subject: [PATCH 11/26] Join target inner lines with line breaks to build target inner Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 16fab5a044..c082ece788 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -337,6 +337,7 @@ def generate_family_cmake_targets( impl_targets = [] for impl_key, impl_meta in family_meta["impls"].items(): print(f"Generating implementation target for {family_key}.{impl_key}") + target_inner_lines = [f" set(IMPL_KEY {impl_key})"] impl_enable_by = impl_meta["enable_by"] impl_param_key = impl_meta["param"] impl_param_meta = family_meta["params"][impl_param_key] @@ -349,11 +350,16 @@ def generate_family_cmake_targets( for path in impl_meta["copies"] if os.path.splitext(path)[1] in SRC_FILE_EXTS ] + target_inner_lines.append( + f" add_library({impl_key} OBJECT {" ".join(srcpaths)})" + ) + # FIX: add compiler options + target_inner_lines.append( + f" set({local_obj} ${{{local_obj}}} $)" + ) target = f"""\ if({impl_enable_by}) - add_library({impl_key} OBJECT {" ".join(srcpaths)}) - set(IMPL_KEY {impl_key}) - set({local_obj} ${{{local_obj}}} $) +{"\n".join(target_inner_lines)} endif()""" impl_targets.append(target) From 6223dc9cddfb0cb60200674f43ed8300e21f48c0 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 16:11:12 -0500 Subject: [PATCH 12/26] [skip-ci] Can generate family-level cmake list file with source files, compiler options, include directories, link libraries, and CUDA_ARCHITECTURES. Still need testing. Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 62 ++++++++++++++++++++++++++++++++++--- oqsbuilder/oqsbuildfile.yml | 6 ++-- 2 files changed, 61 insertions(+), 7 deletions(-) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index c082ece788..5423509712 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -8,6 +8,7 @@ from oqsbuilder.templates import FAMILY_CMAKE_HEADER SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") +SCOPE_OPTIONS = ("public", "private", "interface") class CryptoPrimitive(enum.Enum): @@ -303,6 +304,35 @@ def get_impls( return impls +def get_impl_compile_opts(impl_meta: dict, scope: str) -> list[str] | None: + """Return the list of public compiler options or None if there is none""" + assert scope in SCOPE_OPTIONS, f"scope must be in {SCOPE_OPTIONS}" + compile_opts = impl_meta.get("compile_opts", None) + if not compile_opts: + return None + return compile_opts.get(scope, None) + + +def get_impl_include_dirs(impl_meta: dict, scope: str) -> list[str] | None: + """Return the list of include directories or None""" + assert scope in SCOPE_OPTIONS, f"scope must be in {SCOPE_OPTIONS}" + include_dirs = impl_meta.get("includes", None) + if not include_dirs: + return None + return include_dirs.get(scope, None) + + +# TODO: get_impl_include_dirs, get_impl_link_libs, and get_impl_compile_opts +# are highly similar. Consider refactoring them into a single function +def get_impl_link_libs(impl_meta: dict, scope: str) -> list[str] | None: + """Return the list of include directories or None""" + assert scope in SCOPE_OPTIONS, f"scope must be in {SCOPE_OPTIONS}" + include_dirs = impl_meta.get("link_libs", None) + if not include_dirs: + return None + return include_dirs.get(scope, None) + + def generate_family_cmake_targets( family_key: str, family_meta: dict, @@ -337,7 +367,7 @@ def generate_family_cmake_targets( impl_targets = [] for impl_key, impl_meta in family_meta["impls"].items(): print(f"Generating implementation target for {family_key}.{impl_key}") - target_inner_lines = [f" set(IMPL_KEY {impl_key})"] + target_inner_lines = [f"set(IMPL_KEY {impl_key})"] impl_enable_by = impl_meta["enable_by"] impl_param_key = impl_meta["param"] impl_param_meta = family_meta["params"][impl_param_key] @@ -345,17 +375,41 @@ def generate_family_cmake_targets( get_default_impl(family_meta, impl_param_key)[0] == impl_key ): impl_enable_by = impl_param_meta["enable_by"] + # Find source files srcpaths = [ os.path.join(impl_key, path) for path in impl_meta["copies"] if os.path.splitext(path)[1] in SRC_FILE_EXTS ] target_inner_lines.append( - f" add_library({impl_key} OBJECT {" ".join(srcpaths)})" + f"add_library({impl_key} OBJECT {" ".join(srcpaths)})" ) - # FIX: add compiler options + # Add compile options, include directories + for scope in ("public", "private"): + compile_opts = get_impl_compile_opts(impl_meta, scope) + if compile_opts: + target_inner_lines.append( + f"target_compile_options({impl_key} {scope.upper()} {" ".join(compile_opts)})" + ) + include_dirs = get_impl_include_dirs(impl_meta, scope) + if include_dirs: + target_inner_lines.append( + f"target_include_directories({impl_key} {scope.upper()} {" ".join(include_dirs)})" + ) + link_libs = get_impl_link_libs(impl_meta, scope) + if link_libs: + target_inner_lines.append( + f"target_link_libraries({impl_key} {scope.upper()} {" ".join(link_libs)})" + ) + # CUDA Architecture if specified + cuda_arch = impl_meta.get("cuda_arch", None) + if cuda_arch: + target_inner_lines.append( + f"set_property(TARGET {impl_key} PROPERTY CUDA_ARCHITECTURES {cuda_arch})" + ) + # Aggregate objects to local obj variable target_inner_lines.append( - f" set({local_obj} ${{{local_obj}}} $)" + f"set({local_obj} ${{{local_obj}}} $)" ) target = f"""\ if({impl_enable_by}) diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 8f4d1ee5f4..d93fbd4910 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -266,7 +266,7 @@ kems: # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html private: [cupqc-pk_static] # FIX: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? - cuda_arch: off + cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] cupqc_ml-kem-512_cuda: @@ -277,7 +277,7 @@ kems: enable_by: OQS_ENABLE_KEM_ml_kem_512_cuda link_libs: private: [cupqc-pk_static] - cuda_arch: off + cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] cupqc_ml-kem-768_cuda: @@ -288,7 +288,7 @@ kems: enable_by: OQS_ENABLE_KEM_ml_kem_768_cuda link_libs: private: [cupqc-pk_static] - cuda_arch: off + cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] icicle_ml-kem-1024_icicle_cuda: From 90ec368b4676ba670596657e255f989e5a38749b Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 20:12:34 -0500 Subject: [PATCH 13/26] [skip ci] Turned off family-level cmake dryrun; the generated src/kem/ml_kem/CMakeLists.txt can build and pass some basic pytest tests on my development machine Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 7 ++++--- oqsbuilder/oqsbuildfile.yml | 6 ------ 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 9ba18e45b2..51a8b6c60e 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -5,6 +5,7 @@ import oqsbuilder from oqsbuilder import LIBOQS_DIR from oqsbuilder.oqsbuilder import ( + CryptoPrimitive, copy_copies, generate_kem_cmake, load_oqsbuildfile, @@ -43,8 +44,8 @@ def copy_from_upstream( with TemporaryDirectory(dir=upstream_parent_dir) as tempdir: upstream_dirs = fetch_upstreams(oqsbuild, tempdir, patch_dir) - kems = oqsbuild["kems"] - kems_dir = os.path.join(LIBOQS_DIR, "src", "kem") + kems = oqsbuild[CryptoPrimitive.KEM.get_oqsbuildfile_key()] + kems_dir = os.path.join(LIBOQS_DIR, "src", CryptoPrimitive.KEM.get_subdirectory_name()) for kem_key, kem in kems["families"].items(): kem_dir = os.path.join(kems_dir, kem_key) cmake_path = os.path.join( @@ -56,7 +57,7 @@ def copy_from_upstream( for impl_key, impl in kem["impls"].items(): impl_dir = os.path.join(kem_dir, impl_key) copy_copies(impl["copies"], upstream_dirs[impl["upstream"]], impl_dir) - generate_kem_cmake(cmake_path, kem_key, kem, True) + generate_kem_cmake(cmake_path, kem_key, kem, dryrun=False) if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index d93fbd4910..2abcd6d615 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -143,7 +143,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" - private: [] mlkem-native_ml-kem-1024_ref: upstream: mlkem-native param: ml_kem_1024 @@ -157,7 +156,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" - private: [] mlkem-native_ml-kem-1024_x86_64: upstream: mlkem-native param: ml_kem_1024 @@ -185,7 +183,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=512" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" - private: [] mlkem-native_ml-kem-512_ref: upstream: mlkem-native param: ml_kem_512 @@ -199,7 +196,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=512" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" - private: [] mlkem-native_ml-kem-512_x86_64: upstream: mlkem-native param: ml_kem_512 @@ -227,7 +223,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" - private: [] mlkem-native_ml-kem-768_ref: upstream: mlkem-native param: ml_kem_768 @@ -241,7 +236,6 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" - private: [] mlkem-native_ml-kem-768_x86_64: upstream: mlkem-native param: ml_kem_768 From 5016fd2562b195d73248634397389e61ec245ed1 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Mon, 24 Nov 2025 20:31:19 -0500 Subject: [PATCH 14/26] [skip ci] Documentation for oqsbuildfile Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 212 +++++++++++++++++++++++++++++++++- oqsbuilder/oqsbuilder.py | 2 +- src/kem/ml_kem/CMakeLists.txt | 194 ++++++++++++++++--------------- 3 files changed, 311 insertions(+), 97 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index f5b80fdbb6..3766d4d332 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -6,14 +6,214 @@ This is the replacement for `copy_from_upstream.py` - ✅ apply patches - 🚧 move source file from upstream into `liboqs/src` - 🚧 ML-KEM -- ⚠️ render `CMakeLists.txt` and other build files +- 🚧 render `CMakeLists.txt` and other build files - ⚠️ figure out how to check feature parity with `copy_from_upstream.py` -## Spot checks -```bash -# Should print version -python -m oqsbuilder --version -python -m oqsbuilder --file oqsbuilder/INTEGRATIONS.yml copy +# OQS Build File +The build file `oqsbuildfile.yml` is the single source of truth from which the entire library (source files, header files, build files, documentation) is assembled and/or generated. + +## Upstreams +Upstreams are external repositories from which `liboqs` curates source code. + +### `git_url` + +### `git_branch` + +### `git_commit` + +### `patches` + +## Implementations +Each KEM, signature, and/or stateful signature can have one or more implementations.The `impls` field under each family maps one implementation key (e.g. `mlkem-native_ml_kem_768_aarch64`) to one set of implementation metadata. + +### `upstream` +An upstream key. It must match one of the upstreams described under the `upstreams` section. + +### `param` +Each implementation implements a single parameter set. + +### `.enable_by` +Define the C pre-processing macro and/or CMake variable with which this implementation will be enabled. For example: + +```yaml +cupqc_ml-kem-1024_cuda: + enable_by: OQS_ENABLE_KEM_ml_kem_512_cuda +``` + +Will translate to: + +```cmake +# src/kem/ml_kem/CMakeLists.txt +if(OQS_ENABLE_KEM_ml_kem_512_cuda) + # ... +endif() ``` +If not specified, then this implementation is always included. + +Notes: +- Some implementations are further hidden behind platform guards. For example, CUDA implementations also need `OQS_USE_CUPQC` in addition to the individual implementation `enable_by` + +### `copies` +A description of how the content of an implementation should be assembled. This field can be a single string or a dictionary. + - *Dictionary*: maps destination path to source path. Each destination path is relative to the implementation subdirectory (i.e. relative to `liboqs/src///`). Each source path is relative to the upstream repository's root directory. + - *Key*: references a reusable set of `dst:src` mappings. For example, `mlkem-native_ml_kem_<512|768|1024>_aarch` all use the same `copies` mapping, so each of the copy field could just be as follows: + +```yaml +ml_kem: + impls: + mlkem-native_ml-kem-512_aarch64: + copies: mlkem-native-aarch64-copies + mlkem-native_ml-kem-768_aarch64: + copies: mlkem-native-aarch64-copies + mlkem-native_ml-kem-1024_aarch64: + copies: mlkem-native-aarch64-copies + +copies: + mlkem-native-aarch64-copies: + dst1: src1 + dst2: src2 +``` + +### `includes` (optional) +A list of strings. Each item will be added to the cmake command `target_include_directories`. + +```yaml +ml_kem: + impls: + mlkem-native_ml-kem-1024_aarch64: + includes: + private: + - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" + - "${PROJECT_SOURCE_DIR}/src/common/pqclean_shims" +``` + +For example, the `includes` field above will be translated into: + +```cmake +target_include_directories( + ml_kem_1024_aarch64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-1024_aarch64 + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims +) +``` + +This field is optional. + +### `compile_opts` (optional) +List of compiler options that feed into `target_compile_options`. + +```yaml +compile_opts: + public: + - "-DMLK_CONFIG_PARAMETER_SET=1024" + - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" + private: ["-mavx2", "-mbmi2", "-mpopcnt"] +``` + +Translates to: + +```cmake +target_compile_options( + ml_kem_1024_x86_64 + PRIVATE + -mavx2 -mbmi2 -mpopcnt +) +target_compile_options( + ml_kem_1024_x86_64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=1024 + -DMLK_CONFIG_FILE=".../integration/liboqs/config_x86_64.h" +) +``` + +This field is optional. Each of `public`, `private` is also optional. + +### `link_libs` (optional) +List of library names that feed into `target_link_libraries`. + +```yaml +link_libs: + private: ["icicle::icicle_pqc_package"] +``` + +Translates to + +```cmake +target_link_libraries(_target PRIVATE icicle::icicle_pqc_package) +``` + +### `cuda_arch` (optional) +**Currently used for [cuPQC's](https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html) implementations only.** + +As of Nov 2025, liboqs has cuPQC's ML-KEM implementation, but cuPQC also has a ML-DSA implementation that we might want to integrate later. + +```yaml +cuda_arch: OFF +``` + +Will translate to the following settings for [`CUDA_ARCHITECTURES`](https://cmake.org/cmake/help/latest/prop_tgt/CUDA_ARCHITECTURES.html) + +```cmake +set_property(TARGET _target PROPERTY CUDA_ARCHITECTURES OFF) +``` + +## KEMs +- KEM schemes are listed under the top-level key `kems`. Their files are listed under `src/kem`. +- The key of each KEM family is the name of the subdirectory. For example, ML-KEM files are located under `src/kem/ml_kem`. The key of each implementation under the same family is the name of the subdirectory. For example, the implementation `mlkem-native_ml-kem-512_ref` is located under `src/kem/ml_kem/mlkem-native_ml-kem-512_ref`. +- `sources` under each `impl` can contain both source files (`.c`, `.S`) and header/config files (`.h`) +- Each KEM family has a family-level `CMakeLists.txt` file. For example, ML-KEM has a `src/kem/ml_kem/CMakeLists.txt` file. There is no implementation-level list file. Under each implementation, the cmake variable `CMAKE_CURRENT_LIST_DIR` refers to the family-level list file. + +## Parameter Set +Each KEM/SIG/STFL_SIG scheme can have one or more parameter sets listed under the `params` key. For example: + +```yaml +kems: + families: + ml_kem: + params: + ml_kem_512: # ... + ml_kem_768: # ... + ml_kem_1024: # ... +sigs: + families: + ml_dsa: + params: + ml_dsa_44: # ... + ml_dsa_65: # ... + ml_dsa_87: # ... +``` + +### `api_src` +Path to the source file (relative to the family directory) that contains the OQS common API (e.g. `OQS_KEM_ml_kem_512_new`) for this parameter set (e.g. `kem_ml_kem_512.c`) + +### `.enable_by` +Specify the C pre-processing macro that enables this parameter set. Note that if the parameter set is disabled, then no individual implementation will be enabled even if the individual implementation is enabled. + +For example: + +```yaml +ml_kem_512: + enable_by: OQS_ENABLE_KEM_ml_kem_512 +``` + +translates to the following cmake and C code: + +```cmake +if(OQS_ENABLE_KEM_ml_kem_512) + add_library(... OBJECT kem_ml_kem_512.c) +endif() +``` + +```c +#ifdef OQS_ENABLE_KEM_ml_kem_512 +OQS_KEM *OQS_KEM_ml_kem_512_new(void) { /* ... */ } +#endif /* OQS_ENABLE_KEM_ml_kem_512 */ +``` + +The cmake variable is translated to [C macro](https://github.com/open-quantum-safe/liboqs/blob/97f6b86b1b6d109cfd43cf276ae39c2e776aed80/src/oqsconfig.h.cmake) using [`cmakedefine`](https://cmake.org/cmake/help/latest/command/configure_file.html#transformations) directive. + +### `default_impl` +Specify a key to an implementation that implements this parameter set. The default implementation's [`enable_by`](#imple_keyenable_by) flag will be overwritten by this parameter set's [`enable_by`](#param_keyenable_by) flag so that if this parameter set is enabled, the default implementation is automatically enabled. diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 5423509712..a31b97ddfc 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -385,7 +385,7 @@ def generate_family_cmake_targets( f"add_library({impl_key} OBJECT {" ".join(srcpaths)})" ) # Add compile options, include directories - for scope in ("public", "private"): + for scope in SCOPE_OPTIONS: compile_opts = get_impl_compile_opts(impl_meta, scope) if compile_opts: target_inner_lines.append( diff --git a/src/kem/ml_kem/CMakeLists.txt b/src/kem/ml_kem/CMakeLists.txt index c1bd870557..9810ce3871 100644 --- a/src/kem/ml_kem/CMakeLists.txt +++ b/src/kem/ml_kem/CMakeLists.txt @@ -1,128 +1,142 @@ # SPDX-License-Identifier: MIT -# This file was generated by -# scripts/copy_from_upstream/copy_from_upstream.py +# This file was generated by OQS Builder set(_ML_KEM_OBJS "") if(OQS_ENABLE_KEM_ml_kem_512) - add_library(ml_kem_512_ref OBJECT kem_ml_kem_512.c mlkem-native_ml-kem-512_ref/mlkem/src/compress.c mlkem-native_ml-kem-512_ref/mlkem/src/debug.c mlkem-native_ml-kem-512_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-512_ref/mlkem/src/kem.c mlkem-native_ml-kem-512_ref/mlkem/src/poly.c mlkem-native_ml-kem-512_ref/mlkem/src/poly_k.c mlkem-native_ml-kem-512_ref/mlkem/src/sampling.c mlkem-native_ml-kem-512_ref/mlkem/src/verify.c) - target_compile_options(ml_kem_512_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - target_include_directories(ml_kem_512_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-512_ref) - target_include_directories(ml_kem_512_ref PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_512_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + add_library(ml_kem_512 OBJECT kem_ml_kem_512.c) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_512_x86_64) - add_library(ml_kem_512_x86_64 OBJECT mlkem-native_ml-kem-512_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-512_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-512_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-512_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-512_x86_64/mlkem/src/poly_k.c mlkem-native_ml-kem-512_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-512_x86_64/mlkem/src/verify.c) - target_include_directories(ml_kem_512_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-512_x86_64) - target_include_directories(ml_kem_512_x86_64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_512_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt ) - target_compile_options(ml_kem_512_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_x86_64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_768) + add_library(ml_kem_768 OBJECT kem_ml_kem_768.c) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_512_aarch64) - add_library(ml_kem_512_aarch64 OBJECT mlkem-native_ml-kem-512_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-512_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-512_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-512_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-512_aarch64/mlkem/src/poly_k.c mlkem-native_ml-kem-512_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-512_aarch64/mlkem/src/verify.c) - target_include_directories(ml_kem_512_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-512_aarch64) - target_include_directories(ml_kem_512_aarch64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_512_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_aarch64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_1024) + add_library(ml_kem_1024 OBJECT kem_ml_kem_1024.c) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_512_cuda) - add_library(ml_kem_512_cuda OBJECT cupqc_ml-kem-512_cuda/cupqc_ml-kem.cu) - target_link_libraries(ml_kem_512_cuda cupqc) - set_property(TARGET ml_kem_512_cuda PROPERTY CUDA_ARCHITECTURES OFF) - target_compile_options(ml_kem_512_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_1024_aarch64) +set(IMPL_KEY mlkem-native_ml-kem-1024_aarch64) +add_library(mlkem-native_ml-kem-1024_aarch64 OBJECT mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-1024_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") +target_include_directories(mlkem-native_ml-kem-1024_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_512_icicle_cuda) - add_library(ml_kem_512_icicle_cuda OBJECT icicle_ml-kem-512_icicle_cuda/icicle_ml-kem.cpp) - target_link_libraries(ml_kem_512_icicle_cuda PRIVATE icicle::icicle_pqc_package) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_1024) +set(IMPL_KEY mlkem-native_ml-kem-1024_ref) +add_library(mlkem-native_ml-kem-1024_ref OBJECT mlkem-native_ml-kem-1024_ref/mlkem/src/poly.c mlkem-native_ml-kem-1024_ref/mlkem/src/compress.c mlkem-native_ml-kem-1024_ref/mlkem/src/sampling.c mlkem-native_ml-kem-1024_ref/mlkem/src/verify.c mlkem-native_ml-kem-1024_ref/mlkem/src/kem.c mlkem-native_ml-kem-1024_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_ref/mlkem/src/debug.c mlkem-native_ml-kem-1024_ref/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-1024_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") +target_include_directories(mlkem-native_ml-kem-1024_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_768) - add_library(ml_kem_768_ref OBJECT kem_ml_kem_768.c mlkem-native_ml-kem-768_ref/mlkem/src/compress.c mlkem-native_ml-kem-768_ref/mlkem/src/debug.c mlkem-native_ml-kem-768_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-768_ref/mlkem/src/kem.c mlkem-native_ml-kem-768_ref/mlkem/src/poly.c mlkem-native_ml-kem-768_ref/mlkem/src/poly_k.c mlkem-native_ml-kem-768_ref/mlkem/src/sampling.c mlkem-native_ml-kem-768_ref/mlkem/src/verify.c) - target_compile_options(ml_kem_768_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - target_include_directories(ml_kem_768_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-768_ref) - target_include_directories(ml_kem_768_ref PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_768_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_1024_x86_64) +set(IMPL_KEY mlkem-native_ml-kem-1024_x86_64) +add_library(mlkem-native_ml-kem-1024_x86_64 OBJECT mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-1024_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") +target_compile_options(mlkem-native_ml-kem-1024_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) +target_include_directories(mlkem-native_ml-kem-1024_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_768_x86_64) - add_library(ml_kem_768_x86_64 OBJECT mlkem-native_ml-kem-768_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-768_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-768_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-768_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-768_x86_64/mlkem/src/poly_k.c mlkem-native_ml-kem-768_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-768_x86_64/mlkem/src/verify.c) - target_include_directories(ml_kem_768_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-768_x86_64) - target_include_directories(ml_kem_768_x86_64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_768_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt ) - target_compile_options(ml_kem_768_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_x86_64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_512_aarch64) +set(IMPL_KEY mlkem-native_ml-kem-512_aarch64) +add_library(mlkem-native_ml-kem-512_aarch64 OBJECT mlkem-native_ml-kem-512_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-512_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-512_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-512_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-512_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-512_aarch64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-512_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") +target_include_directories(mlkem-native_ml-kem-512_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_768_aarch64) - add_library(ml_kem_768_aarch64 OBJECT mlkem-native_ml-kem-768_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-768_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-768_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-768_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-768_aarch64/mlkem/src/poly_k.c mlkem-native_ml-kem-768_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-768_aarch64/mlkem/src/verify.c) - target_include_directories(ml_kem_768_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-768_aarch64) - target_include_directories(ml_kem_768_aarch64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_768_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_aarch64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_512) +set(IMPL_KEY mlkem-native_ml-kem-512_ref) +add_library(mlkem-native_ml-kem-512_ref OBJECT mlkem-native_ml-kem-512_ref/mlkem/src/poly.c mlkem-native_ml-kem-512_ref/mlkem/src/compress.c mlkem-native_ml-kem-512_ref/mlkem/src/sampling.c mlkem-native_ml-kem-512_ref/mlkem/src/verify.c mlkem-native_ml-kem-512_ref/mlkem/src/kem.c mlkem-native_ml-kem-512_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-512_ref/mlkem/src/debug.c mlkem-native_ml-kem-512_ref/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-512_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") +target_include_directories(mlkem-native_ml-kem-512_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_768_cuda) - add_library(ml_kem_768_cuda OBJECT cupqc_ml-kem-768_cuda/cupqc_ml-kem.cu) - target_link_libraries(ml_kem_768_cuda cupqc) - set_property(TARGET ml_kem_768_cuda PROPERTY CUDA_ARCHITECTURES OFF) - target_compile_options(ml_kem_768_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_512_x86_64) +set(IMPL_KEY mlkem-native_ml-kem-512_x86_64) +add_library(mlkem-native_ml-kem-512_x86_64 OBJECT mlkem-native_ml-kem-512_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-512_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-512_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-512_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-512_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-512_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-512_x86_64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-512_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") +target_compile_options(mlkem-native_ml-kem-512_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) +target_include_directories(mlkem-native_ml-kem-512_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda) - add_library(ml_kem_768_icicle_cuda OBJECT icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp) - target_link_libraries(ml_kem_768_icicle_cuda PRIVATE icicle::icicle_pqc_package) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_768_aarch64) +set(IMPL_KEY mlkem-native_ml-kem-768_aarch64) +add_library(mlkem-native_ml-kem-768_aarch64 OBJECT mlkem-native_ml-kem-768_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-768_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-768_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-768_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-768_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-768_aarch64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-768_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") +target_include_directories(mlkem-native_ml-kem-768_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_1024) - add_library(ml_kem_1024_ref OBJECT kem_ml_kem_1024.c mlkem-native_ml-kem-1024_ref/mlkem/src/compress.c mlkem-native_ml-kem-1024_ref/mlkem/src/debug.c mlkem-native_ml-kem-1024_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_ref/mlkem/src/kem.c mlkem-native_ml-kem-1024_ref/mlkem/src/poly.c mlkem-native_ml-kem-1024_ref/mlkem/src/poly_k.c mlkem-native_ml-kem-1024_ref/mlkem/src/sampling.c mlkem-native_ml-kem-1024_ref/mlkem/src/verify.c) - target_compile_options(ml_kem_1024_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - target_include_directories(ml_kem_1024_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-1024_ref) - target_include_directories(ml_kem_1024_ref PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_1024_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_768) +set(IMPL_KEY mlkem-native_ml-kem-768_ref) +add_library(mlkem-native_ml-kem-768_ref OBJECT mlkem-native_ml-kem-768_ref/mlkem/src/poly.c mlkem-native_ml-kem-768_ref/mlkem/src/compress.c mlkem-native_ml-kem-768_ref/mlkem/src/sampling.c mlkem-native_ml-kem-768_ref/mlkem/src/verify.c mlkem-native_ml-kem-768_ref/mlkem/src/kem.c mlkem-native_ml-kem-768_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-768_ref/mlkem/src/debug.c mlkem-native_ml-kem-768_ref/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-768_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") +target_include_directories(mlkem-native_ml-kem-768_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_1024_x86_64) - add_library(ml_kem_1024_x86_64 OBJECT mlkem-native_ml-kem-1024_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly_k.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/verify.c) - target_include_directories(ml_kem_1024_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-1024_x86_64) - target_include_directories(ml_kem_1024_x86_64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_1024_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt ) - target_compile_options(ml_kem_1024_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_x86_64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_768_x86_64) +set(IMPL_KEY mlkem-native_ml-kem-768_x86_64) +add_library(mlkem-native_ml-kem-768_x86_64 OBJECT mlkem-native_ml-kem-768_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-768_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-768_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-768_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-768_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-768_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-768_x86_64/mlkem/src/poly_k.c) +target_compile_options(mlkem-native_ml-kem-768_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") +target_compile_options(mlkem-native_ml-kem-768_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) +target_include_directories(mlkem-native_ml-kem-768_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_1024_aarch64) - add_library(ml_kem_1024_aarch64 OBJECT mlkem-native_ml-kem-1024_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly_k.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/verify.c) - target_include_directories(ml_kem_1024_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/mlkem-native_ml-kem-1024_aarch64) - target_include_directories(ml_kem_1024_aarch64 PRIVATE ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) - target_compile_options(ml_kem_1024_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_aarch64.h") - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_1024_cuda) +set(IMPL_KEY cupqc_ml-kem-1024_cuda) +add_library(cupqc_ml-kem-1024_cuda OBJECT cupqc_ml-kem-1024_cuda/cupqc_ml-kem.cu) +target_compile_options(cupqc_ml-kem-1024_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) +target_link_libraries(cupqc_ml-kem-1024_cuda PRIVATE cupqc-pk_static) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() -if(OQS_ENABLE_KEM_ml_kem_1024_cuda) - add_library(ml_kem_1024_cuda OBJECT cupqc_ml-kem-1024_cuda/cupqc_ml-kem.cu) - target_link_libraries(ml_kem_1024_cuda cupqc) - set_property(TARGET ml_kem_1024_cuda PROPERTY CUDA_ARCHITECTURES OFF) - target_compile_options(ml_kem_1024_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +if(OQS_ENABLE_KEM_ml_kem_512_cuda) +set(IMPL_KEY cupqc_ml-kem-512_cuda) +add_library(cupqc_ml-kem-512_cuda OBJECT cupqc_ml-kem-512_cuda/cupqc_ml-kem.cu) +target_compile_options(cupqc_ml-kem-512_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) +target_link_libraries(cupqc_ml-kem-512_cuda PRIVATE cupqc-pk_static) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +endif() + +if(OQS_ENABLE_KEM_ml_kem_768_cuda) +set(IMPL_KEY cupqc_ml-kem-768_cuda) +add_library(cupqc_ml-kem-768_cuda OBJECT cupqc_ml-kem-768_cuda/cupqc_ml-kem.cu) +target_compile_options(cupqc_ml-kem-768_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) +target_link_libraries(cupqc_ml-kem-768_cuda PRIVATE cupqc-pk_static) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() if(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda) - add_library(ml_kem_1024_icicle_cuda OBJECT icicle_ml-kem-1024_icicle_cuda/icicle_ml-kem.cpp) - target_link_libraries(ml_kem_1024_icicle_cuda PRIVATE icicle::icicle_pqc_package) - set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +set(IMPL_KEY icicle_ml-kem-1024_icicle_cuda) +add_library(icicle_ml-kem-1024_icicle_cuda OBJECT icicle_ml-kem-1024_icicle_cuda/icicle_ml-kem.cpp) +target_link_libraries(icicle_ml-kem-1024_icicle_cuda PRIVATE icicle::icicle_pqc_package) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +endif() + +if(OQS_ENABLE_KEM_ml_kem_512_icicle_cuda) +set(IMPL_KEY icicle_ml-kem-512_icicle_cuda) +add_library(icicle_ml-kem-512_icicle_cuda OBJECT icicle_ml-kem-512_icicle_cuda/icicle_ml-kem.cpp) +target_link_libraries(icicle_ml-kem-512_icicle_cuda PRIVATE icicle::icicle_pqc_package) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) +endif() + +if(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda) +set(IMPL_KEY icicle_ml-kem-768_icicle_cuda) +add_library(icicle_ml-kem-768_icicle_cuda OBJECT icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp) +target_link_libraries(icicle_ml-kem-768_icicle_cuda PRIVATE icicle::icicle_pqc_package) +set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() set(ML_KEM_OBJS ${_ML_KEM_OBJS} PARENT_SCOPE) From a5bafa8ee625c04cf98641ba8ad9ada507621118 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 11:24:30 -0500 Subject: [PATCH 15/26] [skip ci] Add gersemi for autoformatting cmake list files Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/dev-requirements.txt | 2 ++ oqsbuilder/oqsbuilder.py | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 oqsbuilder/dev-requirements.txt diff --git a/oqsbuilder/dev-requirements.txt b/oqsbuilder/dev-requirements.txt new file mode 100644 index 0000000000..a80dd60823 --- /dev/null +++ b/oqsbuilder/dev-requirements.txt @@ -0,0 +1,2 @@ +PyYAML==6.0.2 +gersemi==0.23.1 diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index a31b97ddfc..bbc05c157e 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -420,7 +420,7 @@ def generate_family_cmake_targets( return common_targets + impl_targets -def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): +def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool, autoformat: bool = True): """Generate the family-level CMakeLists.txt file for the input KEM scheme Each family-level list file (e.g. src/kem/ml_kem/CMakeLists.txt) exports a @@ -430,6 +430,7 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): :param cmake_path: the cmake list file will be written to this file :param kem_key: the family key of the KEM scheme :param kem: the content in build file under the family key + :param autoformat: format the generated list file with gersemi """ local_obj = f"_{kem_key}_OBJS".upper() export_obj = f"{kem_key}_OBJS".upper() @@ -452,3 +453,5 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool): return with open(cmake_path, "w") as f: f.write(data) + if autoformat: + subprocess.run(["gersemi", "-i", cmake_path], check=True) From f0d0b931f446ddbefa3887c94c3516d87956d030 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 11:33:40 -0500 Subject: [PATCH 16/26] [skip ci] remove unnecessary dryrun, formatted ml_kem's cmake list file Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 2 +- oqsbuilder/oqsbuilder.py | 10 +- src/kem/ml_kem/CMakeLists.txt | 492 ++++++++++++++++++++++++++++------ 3 files changed, 422 insertions(+), 82 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 51a8b6c60e..28102deafb 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -57,7 +57,7 @@ def copy_from_upstream( for impl_key, impl in kem["impls"].items(): impl_dir = os.path.join(kem_dir, impl_key) copy_copies(impl["copies"], upstream_dirs[impl["upstream"]], impl_dir) - generate_kem_cmake(cmake_path, kem_key, kem, dryrun=False) + generate_kem_cmake(cmake_path, kem_key, kem) if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index bbc05c157e..7fa06a7f75 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -377,7 +377,7 @@ def generate_family_cmake_targets( impl_enable_by = impl_param_meta["enable_by"] # Find source files srcpaths = [ - os.path.join(impl_key, path) + os.path.join("${IMPL_KEY}", path) for path in impl_meta["copies"] if os.path.splitext(path)[1] in SRC_FILE_EXTS ] @@ -420,7 +420,7 @@ def generate_family_cmake_targets( return common_targets + impl_targets -def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool, autoformat: bool = True): +def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, autoformat: bool = True): """Generate the family-level CMakeLists.txt file for the input KEM scheme Each family-level list file (e.g. src/kem/ml_kem/CMakeLists.txt) exports a @@ -447,11 +447,9 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, dryrun: bool, a set({export_obj} ${{{local_obj}}} PARENT_SCOPE) """ - if dryrun: - print(f">>>>>>>>> {cmake_path}:") - print(data) - return with open(cmake_path, "w") as f: f.write(data) if autoformat: + # Check out gersemi at https://github.com/BlankSpruce/gersemi/ + # pip install gersemi==0.23.1 subprocess.run(["gersemi", "-i", cmake_path], check=True) diff --git a/src/kem/ml_kem/CMakeLists.txt b/src/kem/ml_kem/CMakeLists.txt index 9810ce3871..4ff46cf8d6 100644 --- a/src/kem/ml_kem/CMakeLists.txt +++ b/src/kem/ml_kem/CMakeLists.txt @@ -20,123 +20,465 @@ if(OQS_ENABLE_KEM_ml_kem_1024) endif() if(OQS_ENABLE_KEM_ml_kem_1024_aarch64) -set(IMPL_KEY mlkem-native_ml-kem-1024_aarch64) -add_library(mlkem-native_ml-kem-1024_aarch64 OBJECT mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-1024_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-1024_aarch64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-1024_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") -target_include_directories(mlkem-native_ml-kem-1024_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-1024_aarch64) + add_library( + mlkem-native_ml-kem-1024_aarch64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tomont_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/aarch64_zetas.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_reduce_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tobytes_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/intt.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-1024_aarch64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=1024 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h" + ) + target_include_directories( + mlkem-native_ml-kem-1024_aarch64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_1024) -set(IMPL_KEY mlkem-native_ml-kem-1024_ref) -add_library(mlkem-native_ml-kem-1024_ref OBJECT mlkem-native_ml-kem-1024_ref/mlkem/src/poly.c mlkem-native_ml-kem-1024_ref/mlkem/src/compress.c mlkem-native_ml-kem-1024_ref/mlkem/src/sampling.c mlkem-native_ml-kem-1024_ref/mlkem/src/verify.c mlkem-native_ml-kem-1024_ref/mlkem/src/kem.c mlkem-native_ml-kem-1024_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_ref/mlkem/src/debug.c mlkem-native_ml-kem-1024_ref/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-1024_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") -target_include_directories(mlkem-native_ml-kem-1024_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-1024_ref) + add_library( + mlkem-native_ml-kem-1024_ref + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-1024_ref + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=1024 + -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h" + ) + target_include_directories( + mlkem-native_ml-kem-1024_ref + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_1024_x86_64) -set(IMPL_KEY mlkem-native_ml-kem-1024_x86_64) -add_library(mlkem-native_ml-kem-1024_x86_64 OBJECT mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-1024_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-1024_x86_64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-1024_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=1024 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") -target_compile_options(mlkem-native_ml-kem-1024_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) -target_include_directories(mlkem-native_ml-kem-1024_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-1024_x86_64) + add_library( + mlkem-native_ml-kem-1024_x86_64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/consts.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/compress_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/reduce.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/tomont.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttfrombytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntttobytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/intt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/mulcache_compute.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttunpack.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-1024_x86_64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=1024 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h" + ) + target_compile_options( + mlkem-native_ml-kem-1024_x86_64 + PRIVATE -mavx2 -mbmi2 -mpopcnt + ) + target_include_directories( + mlkem-native_ml-kem-1024_x86_64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_512_aarch64) -set(IMPL_KEY mlkem-native_ml-kem-512_aarch64) -add_library(mlkem-native_ml-kem-512_aarch64 OBJECT mlkem-native_ml-kem-512_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-512_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-512_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-512_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-512_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-512_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-512_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-512_aarch64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-512_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") -target_include_directories(mlkem-native_ml-kem-512_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-512_aarch64) + add_library( + mlkem-native_ml-kem-512_aarch64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tomont_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/aarch64_zetas.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_reduce_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tobytes_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/intt.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-512_aarch64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=512 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h" + ) + target_include_directories( + mlkem-native_ml-kem-512_aarch64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_512) -set(IMPL_KEY mlkem-native_ml-kem-512_ref) -add_library(mlkem-native_ml-kem-512_ref OBJECT mlkem-native_ml-kem-512_ref/mlkem/src/poly.c mlkem-native_ml-kem-512_ref/mlkem/src/compress.c mlkem-native_ml-kem-512_ref/mlkem/src/sampling.c mlkem-native_ml-kem-512_ref/mlkem/src/verify.c mlkem-native_ml-kem-512_ref/mlkem/src/kem.c mlkem-native_ml-kem-512_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-512_ref/mlkem/src/debug.c mlkem-native_ml-kem-512_ref/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-512_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") -target_include_directories(mlkem-native_ml-kem-512_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-512_ref) + add_library( + mlkem-native_ml-kem-512_ref + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-512_ref + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=512 + -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h" + ) + target_include_directories( + mlkem-native_ml-kem-512_ref + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_512_x86_64) -set(IMPL_KEY mlkem-native_ml-kem-512_x86_64) -add_library(mlkem-native_ml-kem-512_x86_64 OBJECT mlkem-native_ml-kem-512_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-512_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-512_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-512_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-512_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-512_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-512_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-512_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-512_x86_64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-512_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=512 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") -target_compile_options(mlkem-native_ml-kem-512_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) -target_include_directories(mlkem-native_ml-kem-512_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-512_x86_64) + add_library( + mlkem-native_ml-kem-512_x86_64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/consts.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/compress_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/reduce.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/tomont.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttfrombytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntttobytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/intt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/mulcache_compute.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttunpack.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-512_x86_64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=512 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h" + ) + target_compile_options( + mlkem-native_ml-kem-512_x86_64 + PRIVATE -mavx2 -mbmi2 -mpopcnt + ) + target_include_directories( + mlkem-native_ml-kem-512_x86_64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_768_aarch64) -set(IMPL_KEY mlkem-native_ml-kem-768_aarch64) -add_library(mlkem-native_ml-kem-768_aarch64 OBJECT mlkem-native_ml-kem-768_aarch64/mlkem/src/poly.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tomont_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/ntt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/aarch64_zetas.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_reduce_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/rej_uniform_table.c mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/poly_tobytes_asm.S mlkem-native_ml-kem-768_aarch64/mlkem/src/native/aarch64/src/intt.S mlkem-native_ml-kem-768_aarch64/mlkem/src/compress.c mlkem-native_ml-kem-768_aarch64/mlkem/src/sampling.c mlkem-native_ml-kem-768_aarch64/mlkem/src/verify.c mlkem-native_ml-kem-768_aarch64/mlkem/src/kem.c mlkem-native_ml-kem-768_aarch64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_aarch64/mlkem/src/debug.c mlkem-native_ml-kem-768_aarch64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-768_aarch64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h") -target_include_directories(mlkem-native_ml-kem-768_aarch64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-768_aarch64) + add_library( + mlkem-native_ml-kem-768_aarch64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tomont_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/aarch64_zetas.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_reduce_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/aarch64/src/poly_tobytes_asm.S + ${IMPL_KEY}/mlkem/src/native/aarch64/src/intt.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-768_aarch64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=768 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h" + ) + target_include_directories( + mlkem-native_ml-kem-768_aarch64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_768) -set(IMPL_KEY mlkem-native_ml-kem-768_ref) -add_library(mlkem-native_ml-kem-768_ref OBJECT mlkem-native_ml-kem-768_ref/mlkem/src/poly.c mlkem-native_ml-kem-768_ref/mlkem/src/compress.c mlkem-native_ml-kem-768_ref/mlkem/src/sampling.c mlkem-native_ml-kem-768_ref/mlkem/src/verify.c mlkem-native_ml-kem-768_ref/mlkem/src/kem.c mlkem-native_ml-kem-768_ref/mlkem/src/indcpa.c mlkem-native_ml-kem-768_ref/mlkem/src/debug.c mlkem-native_ml-kem-768_ref/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-768_ref PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h") -target_include_directories(mlkem-native_ml-kem-768_ref PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-768_ref) + add_library( + mlkem-native_ml-kem-768_ref + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-768_ref + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=768 + -DMLK_CONFIG_FILE="../../integration/liboqs/config_c.h" + ) + target_include_directories( + mlkem-native_ml-kem-768_ref + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_768_x86_64) -set(IMPL_KEY mlkem-native_ml-kem-768_x86_64) -add_library(mlkem-native_ml-kem-768_x86_64 OBJECT mlkem-native_ml-kem-768_x86_64/mlkem/src/poly.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/consts.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/compress_avx2.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/rej_uniform_table.c mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/reduce.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/tomont.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/basemul.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttfrombytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/ntttobytes.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/intt.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/mulcache_compute.S mlkem-native_ml-kem-768_x86_64/mlkem/src/native/x86_64/src/nttunpack.S mlkem-native_ml-kem-768_x86_64/mlkem/src/compress.c mlkem-native_ml-kem-768_x86_64/mlkem/src/sampling.c mlkem-native_ml-kem-768_x86_64/mlkem/src/verify.c mlkem-native_ml-kem-768_x86_64/mlkem/src/kem.c mlkem-native_ml-kem-768_x86_64/mlkem/src/indcpa.c mlkem-native_ml-kem-768_x86_64/mlkem/src/debug.c mlkem-native_ml-kem-768_x86_64/mlkem/src/poly_k.c) -target_compile_options(mlkem-native_ml-kem-768_x86_64 PUBLIC -DMLK_CONFIG_PARAMETER_SET=768 -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h") -target_compile_options(mlkem-native_ml-kem-768_x86_64 PRIVATE -mavx2 -mbmi2 -mpopcnt) -target_include_directories(mlkem-native_ml-kem-768_x86_64 PRIVATE ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY mlkem-native_ml-kem-768_x86_64) + add_library( + mlkem-native_ml-kem-768_x86_64 + OBJECT + ${IMPL_KEY}/mlkem/src/poly.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/consts.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/compress_avx2.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/rej_uniform_table.c + ${IMPL_KEY}/mlkem/src/native/x86_64/src/reduce.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/tomont.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/basemul.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttfrombytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/ntttobytes.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/intt.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/mulcache_compute.S + ${IMPL_KEY}/mlkem/src/native/x86_64/src/nttunpack.S + ${IMPL_KEY}/mlkem/src/compress.c + ${IMPL_KEY}/mlkem/src/sampling.c + ${IMPL_KEY}/mlkem/src/verify.c + ${IMPL_KEY}/mlkem/src/kem.c + ${IMPL_KEY}/mlkem/src/indcpa.c + ${IMPL_KEY}/mlkem/src/debug.c + ${IMPL_KEY}/mlkem/src/poly_k.c + ) + target_compile_options( + mlkem-native_ml-kem-768_x86_64 + PUBLIC + -DMLK_CONFIG_PARAMETER_SET=768 + -DMLK_CONFIG_FILE="${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h" + ) + target_compile_options( + mlkem-native_ml-kem-768_x86_64 + PRIVATE -mavx2 -mbmi2 -mpopcnt + ) + target_include_directories( + mlkem-native_ml-kem-768_x86_64 + PRIVATE + ${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY} + ${PROJECT_SOURCE_DIR}/src/common/pqclean_shims + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_1024_cuda) -set(IMPL_KEY cupqc_ml-kem-1024_cuda) -add_library(cupqc_ml-kem-1024_cuda OBJECT cupqc_ml-kem-1024_cuda/cupqc_ml-kem.cu) -target_compile_options(cupqc_ml-kem-1024_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) -target_link_libraries(cupqc_ml-kem-1024_cuda PRIVATE cupqc-pk_static) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY cupqc_ml-kem-1024_cuda) + add_library(cupqc_ml-kem-1024_cuda OBJECT ${IMPL_KEY}/cupqc_ml-kem.cu) + target_compile_options( + cupqc_ml-kem-1024_cuda + PRIVATE $<$:-rdc=true -dlto -arch=compute_70> + ) + target_link_libraries(cupqc_ml-kem-1024_cuda PRIVATE cupqc-pk_static) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() if(OQS_ENABLE_KEM_ml_kem_512_cuda) -set(IMPL_KEY cupqc_ml-kem-512_cuda) -add_library(cupqc_ml-kem-512_cuda OBJECT cupqc_ml-kem-512_cuda/cupqc_ml-kem.cu) -target_compile_options(cupqc_ml-kem-512_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) -target_link_libraries(cupqc_ml-kem-512_cuda PRIVATE cupqc-pk_static) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY cupqc_ml-kem-512_cuda) + add_library(cupqc_ml-kem-512_cuda OBJECT ${IMPL_KEY}/cupqc_ml-kem.cu) + target_compile_options( + cupqc_ml-kem-512_cuda + PRIVATE $<$:-rdc=true -dlto -arch=compute_70> + ) + target_link_libraries(cupqc_ml-kem-512_cuda PRIVATE cupqc-pk_static) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() if(OQS_ENABLE_KEM_ml_kem_768_cuda) -set(IMPL_KEY cupqc_ml-kem-768_cuda) -add_library(cupqc_ml-kem-768_cuda OBJECT cupqc_ml-kem-768_cuda/cupqc_ml-kem.cu) -target_compile_options(cupqc_ml-kem-768_cuda PRIVATE $<$:-rdc=true -dlto -arch=compute_70>) -target_link_libraries(cupqc_ml-kem-768_cuda PRIVATE cupqc-pk_static) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY cupqc_ml-kem-768_cuda) + add_library(cupqc_ml-kem-768_cuda OBJECT ${IMPL_KEY}/cupqc_ml-kem.cu) + target_compile_options( + cupqc_ml-kem-768_cuda + PRIVATE $<$:-rdc=true -dlto -arch=compute_70> + ) + target_link_libraries(cupqc_ml-kem-768_cuda PRIVATE cupqc-pk_static) + set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) endif() if(OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda) -set(IMPL_KEY icicle_ml-kem-1024_icicle_cuda) -add_library(icicle_ml-kem-1024_icicle_cuda OBJECT icicle_ml-kem-1024_icicle_cuda/icicle_ml-kem.cpp) -target_link_libraries(icicle_ml-kem-1024_icicle_cuda PRIVATE icicle::icicle_pqc_package) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY icicle_ml-kem-1024_icicle_cuda) + add_library( + icicle_ml-kem-1024_icicle_cuda + OBJECT + ${IMPL_KEY}/icicle_ml-kem.cpp + ) + target_link_libraries( + icicle_ml-kem-1024_icicle_cuda + PRIVATE icicle::icicle_pqc_package + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_512_icicle_cuda) -set(IMPL_KEY icicle_ml-kem-512_icicle_cuda) -add_library(icicle_ml-kem-512_icicle_cuda OBJECT icicle_ml-kem-512_icicle_cuda/icicle_ml-kem.cpp) -target_link_libraries(icicle_ml-kem-512_icicle_cuda PRIVATE icicle::icicle_pqc_package) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY icicle_ml-kem-512_icicle_cuda) + add_library( + icicle_ml-kem-512_icicle_cuda + OBJECT + ${IMPL_KEY}/icicle_ml-kem.cpp + ) + target_link_libraries( + icicle_ml-kem-512_icicle_cuda + PRIVATE icicle::icicle_pqc_package + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() if(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda) -set(IMPL_KEY icicle_ml-kem-768_icicle_cuda) -add_library(icicle_ml-kem-768_icicle_cuda OBJECT icicle_ml-kem-768_icicle_cuda/icicle_ml-kem.cpp) -target_link_libraries(icicle_ml-kem-768_icicle_cuda PRIVATE icicle::icicle_pqc_package) -set(_ML_KEM_OBJS ${_ML_KEM_OBJS} $) + set(IMPL_KEY icicle_ml-kem-768_icicle_cuda) + add_library( + icicle_ml-kem-768_icicle_cuda + OBJECT + ${IMPL_KEY}/icicle_ml-kem.cpp + ) + target_link_libraries( + icicle_ml-kem-768_icicle_cuda + PRIVATE icicle::icicle_pqc_package + ) + set(_ML_KEM_OBJS + ${_ML_KEM_OBJS} + $ + ) endif() set(ML_KEM_OBJS ${_ML_KEM_OBJS} PARENT_SCOPE) From 4dce3794d710460a64c8c6280f09ba8523098e20 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 12:34:53 -0500 Subject: [PATCH 17/26] [skip ci] fill in default for family.header and family.param.api_src at oqsbuild loading Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 5 ++++- oqsbuilder/__main__.py | 6 +++++- oqsbuilder/oqsbuilder.py | 30 ++++++++++++++++++++++++++++-- oqsbuilder/oqsbuildfile.yml | 3 --- 4 files changed, 37 insertions(+), 7 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 3766d4d332..54a0737dce 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -166,6 +166,9 @@ set_property(TARGET _target PROPERTY CUDA_ARCHITECTURES OFF) - `sources` under each `impl` can contain both source files (`.c`, `.S`) and header/config files (`.h`) - Each KEM family has a family-level `CMakeLists.txt` file. For example, ML-KEM has a `src/kem/ml_kem/CMakeLists.txt` file. There is no implementation-level list file. Under each implementation, the cmake variable `CMAKE_CURRENT_LIST_DIR` refers to the family-level list file. +### `header` +**Optional:** name of the family-level header file. Defaults to `{kem|sig|stfl_sig}_{family_key}.h` + ## Parameter Set Each KEM/SIG/STFL_SIG scheme can have one or more parameter sets listed under the `params` key. For example: @@ -187,7 +190,7 @@ sigs: ``` ### `api_src` -Path to the source file (relative to the family directory) that contains the OQS common API (e.g. `OQS_KEM_ml_kem_512_new`) for this parameter set (e.g. `kem_ml_kem_512.c`) +**Optional:** name of the source file that contains the OQS common API (e.g. `OQS_KEM_ml_kem_512_new`) for this parameter set (e.g. `kem_ml_kem_512.c`). Defaults to `_.c` ### `.enable_by` Specify the C pre-processing macro that enables this parameter set. Note that if the parameter set is disabled, then no individual implementation will be enabled even if the individual implementation is enabled. diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 28102deafb..4f0e16a6d7 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -10,6 +10,7 @@ generate_kem_cmake, load_oqsbuildfile, fetch_upstreams, + generate_kem_oqs_api, ) @@ -45,7 +46,9 @@ def copy_from_upstream( upstream_dirs = fetch_upstreams(oqsbuild, tempdir, patch_dir) kems = oqsbuild[CryptoPrimitive.KEM.get_oqsbuildfile_key()] - kems_dir = os.path.join(LIBOQS_DIR, "src", CryptoPrimitive.KEM.get_subdirectory_name()) + kems_dir = os.path.join( + LIBOQS_DIR, "src", CryptoPrimitive.KEM.get_subdirectory_name() + ) for kem_key, kem in kems["families"].items(): kem_dir = os.path.join(kems_dir, kem_key) cmake_path = os.path.join( @@ -58,6 +61,7 @@ def copy_from_upstream( impl_dir = os.path.join(kem_dir, impl_key) copy_copies(impl["copies"], upstream_dirs[impl["upstream"]], impl_dir) generate_kem_cmake(cmake_path, kem_key, kem) + generate_kem_oqs_api(kem_dir, kem_key, kem) if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 7fa06a7f75..2193bb4579 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -46,13 +46,23 @@ def load_oqsbuildfile(path: str): with open(path, mode="r", encoding="utf-8") as f: oqsbuild = yaml.safe_load(f) + # Expand keys and fill in defaults for primitive in [ CryptoPrimitive.KEM, # FIX: uncomment this once sigs and stfl_sigs are filled in # CryptoPrimitive.SIG, # CryptoPrimitive.STFL_SIG, ]: - for _, family in oqsbuild[primitive.get_oqsbuildfile_key()]["families"].items(): + for family_key, family in oqsbuild[primitive.get_oqsbuildfile_key()][ + "families" + ].items(): + family["header"] = family.get( + "header", f"{primitive.get_subdirectory_name()}_{family_key}.h" + ) + for param_key, param_meta in family["params"].items(): + param_meta["api_src"] = param_meta.get( + "api_src", f"{primitive.get_subdirectory_name()}_{param_key}.c" + ) for _, impl_meta in family["impls"].items(): impl_copies = impl_meta["copies"] if isinstance(impl_copies, str): @@ -420,7 +430,9 @@ def generate_family_cmake_targets( return common_targets + impl_targets -def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, autoformat: bool = True): +def generate_kem_cmake( + cmake_path: str, kem_key: str, kem: dict, autoformat: bool = True +): """Generate the family-level CMakeLists.txt file for the input KEM scheme Each family-level list file (e.g. src/kem/ml_kem/CMakeLists.txt) exports a @@ -453,3 +465,17 @@ def generate_kem_cmake(cmake_path: str, kem_key: str, kem: dict, autoformat: boo # Check out gersemi at https://github.com/BlankSpruce/gersemi/ # pip install gersemi==0.23.1 subprocess.run(["gersemi", "-i", cmake_path], check=True) + + +def generate_kem_oqs_api(kem_dir: str, kem_key: str, kem_meta: dict): + """Generate the OQS API source and header files for the given KEM. This + includes: + - kem//kem_.c for each parameter set + - kem//kem_.h + """ + kem_header_path = os.path.join(kem_dir, kem_meta["header"]) + print(f"Generating {kem_header_path}") + + for param_key, param_meta in kem_meta["params"].items(): + param_src_path = os.path.join(kem_dir, param_meta["api_src"]) + print(f"Generating {param_src_path}") diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 2abcd6d615..be59751bb9 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -106,7 +106,6 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_512 default_impl: mlkem-native_ml-kem-512_ref - api_src: kem_ml_kem_512.c ml_kem_768: name: "ML-KEM-768" pklen: 1184 @@ -117,7 +116,6 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_768 default_impl: mlkem-native_ml-kem-768_ref - api_src: kem_ml_kem_768.c ml_kem_1024: name: "ML-KEM-1024" pklen: 1568 @@ -128,7 +126,6 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_1024 default_impl: mlkem-native_ml-kem-1024_ref - api_src: kem_ml_kem_1024.c impls: mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native From d4c695c4d10a004c8ec977503825a24b1cf44761 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 15:32:43 -0500 Subject: [PATCH 18/26] [skip ci] need to render family-level header and source files to assess efforts Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 54a0737dce..5d176e5dfa 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -6,7 +6,9 @@ This is the replacement for `copy_from_upstream.py` - ✅ apply patches - 🚧 move source file from upstream into `liboqs/src` - 🚧 ML-KEM -- 🚧 render `CMakeLists.txt` and other build files +- 🚧 render family-level `CMakeLists.txt` +- 🚧 render family-level header file (e.g. `kem_ml_kem.h`) +- 🚧 render family-level source file (e.g. `kem_ml_kem_512.c`) - ⚠️ figure out how to check feature parity with `copy_from_upstream.py` From bc56e0de1105fae89142c529b2655942d1e2480a Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 16:19:22 -0500 Subject: [PATCH 19/26] [skip ci] refactor function signatures so generating family-level cmake list file, source files, and header files uses almost identical API Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/__main__.py | 13 +++----- oqsbuilder/oqsbuilder.py | 69 +++++++++++++++++++++++++++++++++------- 2 files changed, 62 insertions(+), 20 deletions(-) diff --git a/oqsbuilder/__main__.py b/oqsbuilder/__main__.py index 4f0e16a6d7..c634a0ef9c 100644 --- a/oqsbuilder/__main__.py +++ b/oqsbuilder/__main__.py @@ -10,7 +10,8 @@ generate_kem_cmake, load_oqsbuildfile, fetch_upstreams, - generate_kem_oqs_api, + generate_kem_header, + generate_kem_sources, ) @@ -51,17 +52,13 @@ def copy_from_upstream( ) for kem_key, kem in kems["families"].items(): kem_dir = os.path.join(kems_dir, kem_key) - cmake_path = os.path.join( - kem_dir, - # TODO: magic file name? - "CMakeLists.txt", - ) print(f"Integrating {kem_key} into {kem_dir}") for impl_key, impl in kem["impls"].items(): impl_dir = os.path.join(kem_dir, impl_key) copy_copies(impl["copies"], upstream_dirs[impl["upstream"]], impl_dir) - generate_kem_cmake(cmake_path, kem_key, kem) - generate_kem_oqs_api(kem_dir, kem_key, kem) + kem_cmake_path = generate_kem_cmake(kem_dir, kem_key, kem) + kem_header_path = generate_kem_header(kem_dir, kem_key, kem) + kem_src_paths = generate_kem_sources(kem_dir, kem_key, kem) if __name__ == "__main__": diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 2193bb4579..4e2b32b53a 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -5,6 +5,7 @@ import yaml +from oqsbuilder import LIBOQS_DIR from oqsbuilder.templates import FAMILY_CMAKE_HEADER SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") @@ -431,18 +432,20 @@ def generate_family_cmake_targets( def generate_kem_cmake( - cmake_path: str, kem_key: str, kem: dict, autoformat: bool = True -): + kem_dir: str, kem_key: str, kem: dict, autoformat: bool = True +) -> str: """Generate the family-level CMakeLists.txt file for the input KEM scheme Each family-level list file (e.g. src/kem/ml_kem/CMakeLists.txt) exports a cmake variable (e.g. ML_KEM_OBJS) that contains the compiled objects from that family. - :param cmake_path: the cmake list file will be written to this file + :param kem_dir: path to the family-level subdirectory, such as + LIBOQS_DIR/src/kem/ml_kem :param kem_key: the family key of the KEM scheme :param kem: the content in build file under the family key :param autoformat: format the generated list file with gersemi + :return: path to the family-level cmake list file """ local_obj = f"_{kem_key}_OBJS".upper() export_obj = f"{kem_key}_OBJS".upper() @@ -459,23 +462,65 @@ def generate_kem_cmake( set({export_obj} ${{{local_obj}}} PARENT_SCOPE) """ + cmake_path = os.path.join(kem_dir, "CMakeLists.txt") with open(cmake_path, "w") as f: f.write(data) if autoformat: # Check out gersemi at https://github.com/BlankSpruce/gersemi/ # pip install gersemi==0.23.1 subprocess.run(["gersemi", "-i", cmake_path], check=True) + return cmake_path + + +def format_with_astyle(path: str): + """Call astyle to format file at the input path""" + options_path = os.path.join(LIBOQS_DIR, ".astylerc") + subprocess.run( + ["astyle", f"--options={options_path}", '--suffix=""', path], check=True + ) -def generate_kem_oqs_api(kem_dir: str, kem_key: str, kem_meta: dict): - """Generate the OQS API source and header files for the given KEM. This - includes: - - kem//kem_.c for each parameter set - - kem//kem_.h +def generate_kem_header( + kem_dir: str, kem_key: str, kem_meta: dict, autoformat: bool = True +) -> str: + """Generate the family-level header file, such as + LIBOQS_DIR/src/kem/ml_kem/kem_ml_kem.h. + + Return the path to the generated header file. """ - kem_header_path = os.path.join(kem_dir, kem_meta["header"]) - print(f"Generating {kem_header_path}") + header_path = os.path.join(kem_dir, kem_meta["header"]) + + raise NotImplementedError(f"What to write to {header_path}?") + if autoformat: + format_with_astyle(header_path) + return header_path + +def generate_kem_source( + kem_dir: str, + kem_key: str, + kem_meta: dict, + param_key: str, + param_meta: str, + autoformat: bool = True, +) -> str: + """Generate a single family-level source file for the specified parameter set. + Return the path to the generated file + """ + source_path = os.path.join(kem_dir, f"kem_{param_key}.c") + raise NotImplementedError(f"What to write to {source_path}?") + + +def generate_kem_sources( + kem_dir: str, kem_key: str, kem_meta: dict, autoformat: bool = True +) -> list[str]: + """Generate the family-level source file(s), such as + LIBOQS_DIR/src/kem/ml_kem/kem_ml_kem_<512|768|1024>.c + """ + source_paths = [] for param_key, param_meta in kem_meta["params"].items(): - param_src_path = os.path.join(kem_dir, param_meta["api_src"]) - print(f"Generating {param_src_path}") + source_path = generate_kem_source( + kem_dir, kem_key, kem_meta, param_key, param_meta, autoformat + ) + source_paths.append(source_path) + return source_paths From 292a056da7fbc6951cd526a7d7bf49e1dc762d25 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 25 Nov 2025 16:39:27 -0500 Subject: [PATCH 20/26] [skip ci] getting started with generating family-level header file Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 4e2b32b53a..d4efa870c6 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -490,6 +490,34 @@ def generate_kem_header( """ header_path = os.path.join(kem_dir, kem_meta["header"]) + param_fragments = [] + for param_key, param_meta in kem_meta["params"].items(): + param_enable_by = param_meta["enable_by"] + fragment = "" # FIX: fill in defines, API's, etc. + fragment = f"""\ +#if defined({param_enable_by}) +{fragment} +#endif /* {param_enable_by} */ +""" + param_fragments.append(fragment) + + body = "\n".join(param_fragments) + header = f"""\ +// SPDX-License-Identifier: MIT + +#ifndef OQS_KEM_{kem_key.upper()}_H +#define OQS_KEM_{kem_key.upper()}_H + +#include + +{body} + +#endif /* !OQS_KEM_{kem_key.upper()}_H */ +""" + print(f">>>>>> {header_path}") + print(header) + print(f"<<<<<<") + raise NotImplementedError(f"What to write to {header_path}?") if autoformat: format_with_astyle(header_path) From fb7d492a4d154be8c637d4718b1a23359cc4577e Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Wed, 26 Nov 2025 15:11:20 -0500 Subject: [PATCH 21/26] [skip ci] can generate KEM family header Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 18 ++++++++++++++++++ oqsbuilder/oqsbuilder.py | 24 ++++++++++++++++++------ oqsbuilder/utils.py | 11 +++++++++++ src/kem/ml_kem/kem_ml_kem.h | 10 ++++++---- 4 files changed, 53 insertions(+), 10 deletions(-) create mode 100644 oqsbuilder/utils.py diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 5d176e5dfa..c3f1a82231 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -222,3 +222,21 @@ The cmake variable is translated to [C macro](https://github.com/open-quantum-sa ### `default_impl` Specify a key to an implementation that implements this parameter set. The default implementation's [`enable_by`](#imple_keyenable_by) flag will be overwritten by this parameter set's [`enable_by`](#param_keyenable_by) flag so that if this parameter set is enabled, the default implementation is automatically enabled. + +### `pklen` +Length of public key (bytes) + +### `sklen` +Length of secret key (bytes) + +### `ctlen` +Length of ciphertext (bytes). This field should exists only for KEM families. + +### `sslen` +Length of shared secret (bytes). This field should exists only for KEM families. + +### `keypair_seedlen` +**(optional)** Length of seed for generating keypair (bytes). If this field is not specified, it will default to 0 to indicate that this family (KEM, SIG, or STFL_SIG) does not support deterministic key generation. + +### `encap_seedlen` +**(optionsl)** Length of seed for encapsulation (bytes). This field only exists for KEM families. If this field is not specified, it will default to 0 to indicate that this KEM family does not support deterministic encapsulation. diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index d4efa870c6..70f537166c 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -7,6 +7,7 @@ from oqsbuilder import LIBOQS_DIR from oqsbuilder.templates import FAMILY_CMAKE_HEADER +from oqsbuilder.utils import currentframe_funcname SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") SCOPE_OPTIONS = ("public", "private", "interface") @@ -493,7 +494,19 @@ def generate_kem_header( param_fragments = [] for param_key, param_meta in kem_meta["params"].items(): param_enable_by = param_meta["enable_by"] - fragment = "" # FIX: fill in defines, API's, etc. + fragment = f"""\ +#define OQS_KEM_{param_key}_length_public_key {param_meta["pklen"]} +#define OQS_KEM_{param_key}_length_secret_key {param_meta["sklen"]} +#define OQS_KEM_{param_key}_length_ciphertext {param_meta["ctlen"]} +#define OQS_KEM_{param_key}_length_shared_secret {param_meta["sslen"]} +#define OQS_KEM_{param_key}_length_keypair_seed {param_meta["keypair_seedlen"]} +#define OQS_KEM_{param_key}_length_encaps_seed {param_meta["encap_seedlen"]} +OQS_KEM *OQS_KEM_{param_key}_new(void); +OQS_API OQS_STATUS OQS_KEM_{param_key}_keypair(uint8_t *public_key, uint8_t *secret_key); +OQS_API OQS_STATUS OQS_KEM_{param_key}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed); +OQS_API OQS_STATUS OQS_KEM_{param_key}_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); +OQS_API OQS_STATUS OQS_KEM_{param_key}_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *seed); +OQS_API OQS_STATUS OQS_KEM_{param_key}_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);""" fragment = f"""\ #if defined({param_enable_by}) {fragment} @@ -505,6 +518,8 @@ def generate_kem_header( header = f"""\ // SPDX-License-Identifier: MIT +// This file is generated by OQS Builder ({__name__}.{currentframe_funcname()}) + #ifndef OQS_KEM_{kem_key.upper()}_H #define OQS_KEM_{kem_key.upper()}_H @@ -514,11 +529,8 @@ def generate_kem_header( #endif /* !OQS_KEM_{kem_key.upper()}_H */ """ - print(f">>>>>> {header_path}") - print(header) - print(f"<<<<<<") - - raise NotImplementedError(f"What to write to {header_path}?") + with open(header_path, "w") as f: + f.write(header) if autoformat: format_with_astyle(header_path) return header_path diff --git a/oqsbuilder/utils.py b/oqsbuilder/utils.py new file mode 100644 index 0000000000..1c84200b90 --- /dev/null +++ b/oqsbuilder/utils.py @@ -0,0 +1,11 @@ +"""Utilities unrelated to OQS""" + +import inspect + + +def currentframe_funcname() -> str: + """Print the name of the function""" + stack = inspect.stack() + if len(stack) < 2: + raise RuntimeError("current frame is missing a caller") + return stack[1].frame.f_code.co_name diff --git a/src/kem/ml_kem/kem_ml_kem.h b/src/kem/ml_kem/kem_ml_kem.h index be45e175f0..a987401b0a 100644 --- a/src/kem/ml_kem/kem_ml_kem.h +++ b/src/kem/ml_kem/kem_ml_kem.h @@ -1,5 +1,7 @@ // SPDX-License-Identifier: MIT +// This file is generated by OQS Builder (oqsbuilder.oqsbuilder.generate_kem_header) + #ifndef OQS_KEM_ML_KEM_H #define OQS_KEM_ML_KEM_H @@ -18,7 +20,7 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_keypair_derand(uint8_t *public_key, uint8_ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_512_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *seed); OQS_API OQS_STATUS OQS_KEM_ml_kem_512_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); -#endif +#endif /* OQS_ENABLE_KEM_ml_kem_512 */ #if defined(OQS_ENABLE_KEM_ml_kem_768) #define OQS_KEM_ml_kem_768_length_public_key 1184 @@ -33,7 +35,7 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_keypair_derand(uint8_t *public_key, uint8_ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_768_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *seed); OQS_API OQS_STATUS OQS_KEM_ml_kem_768_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); -#endif +#endif /* OQS_ENABLE_KEM_ml_kem_768 */ #if defined(OQS_ENABLE_KEM_ml_kem_1024) #define OQS_KEM_ml_kem_1024_length_public_key 1568 @@ -48,7 +50,7 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_keypair_derand(uint8_t *public_key, uint8 OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key); OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *seed); OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key); -#endif +#endif /* OQS_ENABLE_KEM_ml_kem_1024 */ -#endif +#endif /* !OQS_KEM_ML_KEM_H */ From 072fc5ad96f5bab59ce14816d4cdd751f32e9de9 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Wed, 26 Nov 2025 15:38:04 -0500 Subject: [PATCH 22/26] Add caller info to generated CMakeLists.txt Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 6 ++++-- oqsbuilder/templates.py | 9 ++++----- src/kem/ml_kem/CMakeLists.txt | 3 +-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 70f537166c..67902b1bfa 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -6,7 +6,7 @@ import yaml from oqsbuilder import LIBOQS_DIR -from oqsbuilder.templates import FAMILY_CMAKE_HEADER +from oqsbuilder.templates import SPDX_LICENSE_IDENTIFIER from oqsbuilder.utils import currentframe_funcname SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") @@ -454,7 +454,9 @@ def generate_kem_cmake( targets = generate_family_cmake_targets(kem_key, kem, local_obj) targets = "\n\n".join(targets) - data = f"""{FAMILY_CMAKE_HEADER} + data = f"""\ +# {SPDX_LICENSE_IDENTIFIER} +# This file is generated by OQS Builder ({__name__}.{currentframe_funcname()}) set({local_obj} "") diff --git a/oqsbuilder/templates.py b/oqsbuilder/templates.py index 427bcfe960..856bb3b277 100644 --- a/oqsbuilder/templates.py +++ b/oqsbuilder/templates.py @@ -1,8 +1,7 @@ -"""Reusable templates and components +"""Reusable CMakeLists.txt/.c/.h/documentation templates and components -Each component must not be surroudned by whitespaces +Each component should not have surrounding whitespace. The users are responsible +for connecting them with linebreaks or other appropriate delimiters. """ -FAMILY_CMAKE_HEADER = """# SPDX-License-Identifier: MIT - -# This file was generated by OQS Builder""" +SPDX_LICENSE_IDENTIFIER = "SPDX-License-Identifier: MIT" diff --git a/src/kem/ml_kem/CMakeLists.txt b/src/kem/ml_kem/CMakeLists.txt index 4ff46cf8d6..7506f837a3 100644 --- a/src/kem/ml_kem/CMakeLists.txt +++ b/src/kem/ml_kem/CMakeLists.txt @@ -1,6 +1,5 @@ # SPDX-License-Identifier: MIT - -# This file was generated by OQS Builder +# This file is generated by OQS Builder (oqsbuilder.oqsbuilder.generate_kem_cmake) set(_ML_KEM_OBJS "") From 08f0e7a07b7b397c4cc0092ab72f9ce03388ab80 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Wed, 26 Nov 2025 16:39:06 -0500 Subject: [PATCH 23/26] [skip ci] getting started with generating KEM source files Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/oqsbuilder.py | 53 +++- oqsbuilder/oqsbuildfile.yml | 2 +- oqsbuilder/templates.py | 468 ++++++++++++++++++++++++++++++++++++ 3 files changed, 518 insertions(+), 5 deletions(-) diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 67902b1bfa..8cfd97b92b 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -6,7 +6,16 @@ import yaml from oqsbuilder import LIBOQS_DIR -from oqsbuilder.templates import SPDX_LICENSE_IDENTIFIER +from oqsbuilder.templates import ( + OQS_KEM_DECAPS_IMPL, + OQS_KEM_ENCAPS_DERAND_IMPL, + OQS_KEM_ENCAPS_IMPL, + OQS_KEM_EXTERN_API_DECLARATIONS, + OQS_KEM_KEYPAIR_DERAND_IMPL, + OQS_KEM_KEYPAIR_IMPL, + OQS_KEM_NEW_IMPL, + SPDX_LICENSE_IDENTIFIER, +) from oqsbuilder.utils import currentframe_funcname SRC_FILE_EXTS = (".c", ".s", ".S", ".cpp", ".cu") @@ -51,7 +60,6 @@ def load_oqsbuildfile(path: str): # Expand keys and fill in defaults for primitive in [ CryptoPrimitive.KEM, - # FIX: uncomment this once sigs and stfl_sigs are filled in # CryptoPrimitive.SIG, # CryptoPrimitive.STFL_SIG, ]: @@ -518,8 +526,7 @@ def generate_kem_header( body = "\n".join(param_fragments) header = f"""\ -// SPDX-License-Identifier: MIT - +// {SPDX_LICENSE_IDENTIFIER} // This file is generated by OQS Builder ({__name__}.{currentframe_funcname()}) #ifndef OQS_KEM_{kem_key.upper()}_H @@ -550,7 +557,45 @@ def generate_kem_source( Return the path to the generated file """ source_path = os.path.join(kem_dir, f"kem_{param_key}.c") + # FIX: implement these + oqs_kem_new = OQS_KEM_NEW_IMPL + extern_api_decl = OQS_KEM_EXTERN_API_DECLARATIONS + keypair_derand = OQS_KEM_KEYPAIR_DERAND_IMPL + keypair = OQS_KEM_KEYPAIR_IMPL + encaps_derand = OQS_KEM_ENCAPS_DERAND_IMPL + encaps = OQS_KEM_ENCAPS_IMPL + decaps = OQS_KEM_DECAPS_IMPL + source = f"""\ +// {SPDX_LICENSE_IDENTIFIER} +// This file is generated by OQS Builder ({__name__}.{currentframe_funcname()}) + +#include + +#include + +#if defined(OQS_ENABLE_KEM_{param_key}) +{oqs_kem_new} + +{extern_api_decl} + +{keypair_derand} + +{keypair} + +{encaps_derand} + +{encaps} + +{decaps} +#endif /* OQS_ENABLE_KEM_{param_key} */ +""" + print(f">>>>>>>> {source_path}") + print(source) + print("<<<<<<<<") raise NotImplementedError(f"What to write to {source_path}?") + if autoformat: + format_with_astyle(source_path) + return source_path def generate_kem_sources( diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index be59751bb9..9452a6487b 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -256,7 +256,7 @@ kems: link_libs: # https://docs.nvidia.com/cuda/cupqc/guides/getting_started.html private: [cupqc-pk_static] - # FIX: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? + # NOTE: `-arch=compute_70` and `CUDA_ARCHITECTURES OFF` seem to conflict? cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] diff --git a/oqsbuilder/templates.py b/oqsbuilder/templates.py index 856bb3b277..ed1558ab0c 100644 --- a/oqsbuilder/templates.py +++ b/oqsbuilder/templates.py @@ -5,3 +5,471 @@ """ SPDX_LICENSE_IDENTIFIER = "SPDX-License-Identifier: MIT" + +OQS_KEM_NEW_IMPL = """\ +OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) { + + OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM)); + if (kem == NULL) { + return NULL; + } + kem->method_name = OQS_KEM_alg_{{ family }}_{{ scheme['scheme'] }}; + kem->alg_version = "{{ scheme['metadata']['implementations'][0]['version'] }}"; + + kem->claimed_nist_level = {{ scheme['metadata']['claimed-nist-level'] }}; + kem->ind_cca = {{ scheme['metadata']['ind_cca'] }}; + + kem->length_public_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_public_key; + kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key; + kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext; + kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret; + kem->length_keypair_seed = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed; + kem->length_encaps_seed = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_seed; + + kem->keypair = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair; + kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand; + kem->encaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps; + kem->encaps_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand; + kem->decaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps; + + return kem; +} +""" + +OQS_KEM_EXTERN_API_DECLARATIONS = """\ + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == scheme['default_implementation'] %} + + {%- if impl['signature_keypair'] %} + {%- set cleankeypair = scheme['metadata'].update({'default_keypair_signature': impl['signature_keypair']}) -%} + {%- else %} + {%- set cleankeypair = scheme['metadata'].update({'default_keypair_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_keypair"}) -%} + {%- endif %} + +extern int {{ scheme['metadata']['default_keypair_signature'] }}(uint8_t *pk, uint8_t *sk); + + {%- if impl['signature_keypair_derand'] %} + {%- set cleankeypairderand = scheme['metadata'].update({'default_keypair_derand_signature': impl['signature_keypair_derand']}) %} +extern int {{ scheme['metadata']['default_keypair_derand_signature'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *seed); + {%- endif %} + + {%- if impl['signature_enc'] %} + {%- set cleanenc = scheme['metadata'].update({'default_enc_signature': impl['signature_enc']}) -%} + {%- else %} + {%- set cleanenc = scheme['metadata'].update({'default_enc_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_enc"}) -%} + {%- endif %} +extern int {{ scheme['metadata']['default_enc_signature'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk); + + {%- if impl['signature_enc_derand'] %} + {%- set cleanencderand = scheme['metadata'].update({'default_enc_derand_signature': impl['signature_enc_derand']}) %} +extern int {{ scheme['metadata']['default_enc_derand_signature'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed); + {%- endif %} + + {%- if impl['signature_dec'] %} + {%- set cleandec = scheme['metadata'].update({'default_dec_signature': impl['signature_dec']}) -%} + {%- else %} + {%- set cleandec = scheme['metadata'].update({'default_dec_signature': "PQCLEAN_"+scheme['pqclean_scheme_c']|upper+"_"+scheme['default_implementation']|upper+"_crypto_kem_dec"}) -%} + {%- endif %} +extern int {{ scheme['metadata']['default_dec_signature'] }}(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); + + {%- endfor %} + + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} +{% if impl['name'] == 'cuda'%} +#if defined(OQS_USE_CUPQC) + {%- endif %} +{%- if impl['name'] == 'icicle_cuda'%} +#if defined(OQS_USE_ICICLE) + {%- endif %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- if impl['signature_keypair'] %} +extern int {{ impl['signature_keypair'] }}(uint8_t *pk, uint8_t *sk); + {%- else %} +extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(uint8_t *pk, uint8_t *sk); + {%- endif %} + + {%- if impl['signature_keypair_derand'] %} +extern int {{ impl['signature_keypair_derand'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *seed); + {%- endif %} + + {%- if impl['signature_enc'] %} +extern int {{ impl['signature_enc'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk); + {%- else %} +extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); + {%- endif %} + + {%- if impl['signature_enc_derand'] %} +extern int {{ impl['signature_enc_derand'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed); + {%- endif %} + + {%- if impl['signature_dec'] %} +extern int {{ impl['signature_dec'] }}(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); + {%- else %} +extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); + {%- endif %} +#endif + {%- if impl['name'] == 'cuda'%} +#endif /* OQS_USE_CUPQC */ + {%- endif %} + {%- if impl['name'] == 'icicle_cuda'%} +#endif /* OQS_USE_ICICLE */ + {%- endif %} + {%- endfor %} + +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +{% for scheme in schemes -%} + +{%- for impl in scheme['metadata']['implementations'] if impl['name'] in scheme['libjade_implementations'] %} +#if defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }}{%- if impl['name'] != scheme['default_implementation'] %}_{{ impl['name'] }}{%- endif %}) +extern int libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_keypair(uint8_t *pk, uint8_t *sk); +extern int libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk); +extern int libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk); +#endif +{% endfor -%} +{% endfor -%} +{% endif %} +""" + +OQS_KEM_KEYPAIR_DERAND_IMPL = """\ +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) { +{%- if scheme['derandomized_keypair'] %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_keypair_derand'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_keypair_derand'] }}(public_key, secret_key, seed); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair_derand(public_key, secret_key, seed); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, seed); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, seed); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} + {%- else %} + (void)public_key; + (void)secret_key; + (void)seed; + return OQS_ERROR; + {%- endif %} +} +""" + +OQS_KEM_KEYPAIR_IMPL = """\ +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key) { +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }}) +{%- for scheme in schemes %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] and impl['name'] in scheme['libjade_implementations'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['name'] in scheme['libjade_implementations'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_keypair(public_key, secret_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_keypair(public_key, secret_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_keypair(public_key, secret_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{% endfor -%} +#else /*OQS_LIBJADE_BUILD && (OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }})*/ +{%- endif %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'cuda' %} +#if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key); +#endif /* OQS_USE_CUPQC && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'icicle_cuda' %} +#if defined(OQS_USE_ICICLE) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key); +#endif /* OQS_USE_ICICLE && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if (impl['name'] != scheme['default_implementation'] and impl['name'] != 'cuda' and impl['name'] != 'icicle_cuda') %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_keypair'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_keypair'] }}(public_key, secret_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(public_key, secret_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_signature'] }}(public_key, secret_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_keypair_signature'] }}(public_key, secret_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#endif /* OQS_LIBJADE_BUILD */ +{%- endif %} +} +""" + +OQS_KEM_ENCAPS_DERAND_IMPL = """\ +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key, const uint8_t *seed) { +{%- if scheme['derandomized_encaps'] %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_enc_derand'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_enc_derand'] }}(ciphertext, shared_secret, public_key, seed); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc_derand(ciphertext, shared_secret, public_key, seed); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_enc_derand_signature'] }}(ciphertext, shared_secret, public_key, seed); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_enc_derand_signature'] }}(ciphertext, shared_secret, public_key, seed); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} + {%- else %} + (void)ciphertext; + (void)shared_secret; + (void)public_key; + (void)seed; + return OQS_ERROR; + {%- endif %} +} +""" + +OQS_KEM_ENCAPS_IMPL = """ +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key) { +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }}) +{%- for scheme in schemes %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] and impl['name'] in scheme['libjade_implementations'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['name'] in scheme['libjade_implementations'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_enc(ciphertext, shared_secret, public_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_enc(ciphertext, shared_secret, public_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_enc(ciphertext, shared_secret, public_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{% endfor -%} +#else /*OQS_LIBJADE_BUILD && (OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }})*/ +{%- endif %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'cuda' %} +#if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key); +#endif /* OQS_USE_CUPQC && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'icicle_cuda' %} +#if defined(OQS_USE_ICICLE) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key); +#endif /* OQS_USE_ICICLE && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if (impl['name'] != scheme['default_implementation'] and impl['name'] != 'cuda' and impl['name'] != 'icicle_cuda') %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_enc'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_enc'] }}(ciphertext, shared_secret, public_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_enc(ciphertext, shared_secret, public_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_enc_signature'] }}(ciphertext, shared_secret, public_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_enc_signature'] }}(ciphertext, shared_secret, public_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#endif /* OQS_LIBJADE_BUILD */ +{%- endif %} +} +""" + +OQS_KEM_DECAPS_IMPL = """ +OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key) { +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }}) +{%- for scheme in schemes %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] and impl['name'] in scheme['libjade_implementations'] %} + {%- if loop.first %} +#if defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_{%- if impl['name'] in scheme['libjade_implementations'] %}LIBJADE_{%- endif %}KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['name'] in scheme['libjade_implementations'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_dec(shared_secret, ciphertext, secret_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_dec(shared_secret, ciphertext, secret_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) libjade_{{ scheme['pqclean_scheme_c'] }}_ref_dec(shared_secret, ciphertext, secret_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{% endfor -%} +#else /*OQS_LIBJADE_BUILD && (OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }})*/ +{%- endif %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'cuda' %} +#if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key); +#endif /* OQS_USE_CUPQC && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if impl['name'] == 'icicle_cuda' %} +#if defined(OQS_USE_ICICLE) && defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key); +#endif /* OQS_USE_ICICLE && OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }} */ + {%- endfor %} + {%- for impl in scheme['metadata']['implementations'] if (impl['name'] != scheme['default_implementation'] and impl['name'] != 'cuda' and impl['name'] != 'icicle_cuda') %} + {%- if loop.first %} +#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- else %} +#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) { +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- if impl['signature_dec'] %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) {{ impl['signature_dec'] }}(shared_secret, ciphertext, secret_key); + {%- else %} + {% if 'required_flags' in impl and impl['required_flags'] %} {% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_dec(shared_secret, ciphertext, secret_key); + {%- endif %} + {%- if 'required_flags' in impl and impl['required_flags'] %} +#if defined(OQS_DIST_BUILD) + } else { + return (OQS_STATUS) {{ scheme['metadata']['default_dec_signature'] }}(shared_secret, ciphertext, secret_key); + } +#endif /* OQS_DIST_BUILD */ + {%- endif -%} + {%- endfor %} + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#else + {%- endif %} + return (OQS_STATUS) {{ scheme['metadata']['default_dec_signature'] }}(shared_secret, ciphertext, secret_key); + {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %} +#endif + {%- endif %} +{%- if libjade_implementation is defined and scheme['libjade_implementation'] %} +#endif /* OQS_LIBJADE_BUILD */ +{%- endif %} +} +""" From e20787143ff756b44b6076f0316ce76fcc460537 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Thu, 27 Nov 2025 11:47:37 -0500 Subject: [PATCH 24/26] [skip ci] implement OQS_KEM_{param_key}_new Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 23 +++++++++++- oqsbuilder/oqsbuilder.py | 20 ++++++----- oqsbuilder/oqsbuildfile.yml | 7 ++++ oqsbuilder/templates.py | 72 +++++++++++++++++++++++-------------- src/kem/ml_kem/kem_ml_kem.h | 1 - 5 files changed, 86 insertions(+), 37 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index c3f1a82231..7fae28ca2d 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -162,7 +162,9 @@ Will translate to the following settings for [`CUDA_ARCHITECTURES`](https://cmak set_property(TARGET _target PROPERTY CUDA_ARCHITECTURES OFF) ``` -## KEMs +## Families +Each cryptographic primitive (KEM, signature, or stateful signature) has one or more families. For example, ML-KEM, ML-DSA, and SLH-DSA are three distinct families of primitives. Each family can have many [parameter sets](#parameter-set) and many implementations. Each implementation implements exactly one parameter set. + - KEM schemes are listed under the top-level key `kems`. Their files are listed under `src/kem`. - The key of each KEM family is the name of the subdirectory. For example, ML-KEM files are located under `src/kem/ml_kem`. The key of each implementation under the same family is the name of the subdirectory. For example, the implementation `mlkem-native_ml-kem-512_ref` is located under `src/kem/ml_kem/mlkem-native_ml-kem-512_ref`. - `sources` under each `impl` can contain both source files (`.c`, `.S`) and header/config files (`.h`) @@ -171,6 +173,19 @@ set_property(TARGET _target PROPERTY CUDA_ARCHITECTURES OFF) ### `header` **Optional:** name of the family-level header file. Defaults to `{kem|sig|stfl_sig}_{family_key}.h` +### `version` +> **This definition diverges from `copy_from_upstream`**. + +Some family of algorithms went through multiple verions, such as Kyber having distinct NIST Round 2, Round 3, and Round 4 version. **`liboqs` will integrate one version per family**. If there is a case to support multiple versions of the same family, it will be listed as a separate family: + +```yaml +kems: + kyber-r2: + version: "NIST Round 2" + kyber-r3: + version: "NIST Round 3" +``` + ## Parameter Set Each KEM/SIG/STFL_SIG scheme can have one or more parameter sets listed under the `params` key. For example: @@ -191,6 +206,12 @@ sigs: ml_dsa_87: # ... ``` +### `nist_level` +The security level of this parameter set, measured in [NIST level](https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization/evaluation-criteria/security-(evaluation-criteria)). Must be one of 1, 2, 3, 4, 5. + +### `ind_cca` +A boolean indicating whether this scheme achieves IND-CCA security. This field only exists under KEM families. + ### `api_src` **Optional:** name of the source file that contains the OQS common API (e.g. `OQS_KEM_ml_kem_512_new`) for this parameter set (e.g. `kem_ml_kem_512.c`). Defaults to `_.c` diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 8cfd97b92b..bbbae7a869 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -13,8 +13,8 @@ OQS_KEM_EXTERN_API_DECLARATIONS, OQS_KEM_KEYPAIR_DERAND_IMPL, OQS_KEM_KEYPAIR_IMPL, - OQS_KEM_NEW_IMPL, SPDX_LICENSE_IDENTIFIER, + render_oqs_kem_new_impl, ) from oqsbuilder.utils import currentframe_funcname @@ -550,7 +550,7 @@ def generate_kem_source( kem_key: str, kem_meta: dict, param_key: str, - param_meta: str, + param_meta: dict, autoformat: bool = True, ) -> str: """Generate a single family-level source file for the specified parameter set. @@ -558,13 +558,15 @@ def generate_kem_source( """ source_path = os.path.join(kem_dir, f"kem_{param_key}.c") # FIX: implement these - oqs_kem_new = OQS_KEM_NEW_IMPL - extern_api_decl = OQS_KEM_EXTERN_API_DECLARATIONS - keypair_derand = OQS_KEM_KEYPAIR_DERAND_IMPL - keypair = OQS_KEM_KEYPAIR_IMPL - encaps_derand = OQS_KEM_ENCAPS_DERAND_IMPL - encaps = OQS_KEM_ENCAPS_IMPL - decaps = OQS_KEM_DECAPS_IMPL + oqs_kem_new = render_oqs_kem_new_impl( + param_key, kem_meta["version"], param_meta["nist_level"], param_meta["ind_cca"] + ) + extern_api_decl = "" + keypair_derand = "" + keypair = "" + encaps_derand = "" + encaps = "" + decaps = "" source = f"""\ // {SPDX_LICENSE_IDENTIFIER} // This file is generated by OQS Builder ({__name__}.{currentframe_funcname()}) diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 9452a6487b..99bdb710ee 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -95,6 +95,7 @@ kems: # The id of a KEM will be the directory name under src/kem ml_kem: name: "ML-KEM" + version: "FIPS203" params: ml_kem_512: name: "ML-KEM-512" @@ -106,6 +107,8 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_512 default_impl: mlkem-native_ml-kem-512_ref + nist_level: 1 + ind_cca: true ml_kem_768: name: "ML-KEM-768" pklen: 1184 @@ -116,6 +119,8 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_768 default_impl: mlkem-native_ml-kem-768_ref + nist_level: 3 + ind_cca: true ml_kem_1024: name: "ML-KEM-1024" pklen: 1568 @@ -126,6 +131,8 @@ kems: encap_seedlen: 32 enable_by: OQS_ENABLE_KEM_ml_kem_1024 default_impl: mlkem-native_ml-kem-1024_ref + nist_level: 5 + ind_cca: true impls: mlkem-native_ml-kem-1024_aarch64: upstream: mlkem-native diff --git a/oqsbuilder/templates.py b/oqsbuilder/templates.py index ed1558ab0c..3b495a84b5 100644 --- a/oqsbuilder/templates.py +++ b/oqsbuilder/templates.py @@ -4,38 +4,58 @@ for connecting them with linebreaks or other appropriate delimiters. """ +NIST_LEVELS = (1, 2, 3, 4, 5) + SPDX_LICENSE_IDENTIFIER = "SPDX-License-Identifier: MIT" OQS_KEM_NEW_IMPL = """\ -OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) { +OQS_KEM *OQS_KEM_{param_key}_new(void) {{ - OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM)); - if (kem == NULL) { - return NULL; - } - kem->method_name = OQS_KEM_alg_{{ family }}_{{ scheme['scheme'] }}; - kem->alg_version = "{{ scheme['metadata']['implementations'][0]['version'] }}"; - - kem->claimed_nist_level = {{ scheme['metadata']['claimed-nist-level'] }}; - kem->ind_cca = {{ scheme['metadata']['ind_cca'] }}; - - kem->length_public_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_public_key; - kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key; - kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext; - kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret; - kem->length_keypair_seed = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed; - kem->length_encaps_seed = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_encaps_seed; - - kem->keypair = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair; - kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand; - kem->encaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps; - kem->encaps_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps_derand; - kem->decaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps; - - return kem; -} + OQS_KEM *kem = OQS_MEM_malloc(sizeof(OQS_KEM)); + if (kem == NULL) {{ + return NULL; + }} + kem->method_name = OQS_KEM_alg_{param_key}; + kem->alg_version = "{alg_version}"; + + kem->claimed_nist_level = {nist_level}; + kem->ind_cca = {ind_cca}; + + kem->length_public_key = OQS_KEM_{param_key}_length_public_key; + kem->length_secret_key = OQS_KEM_{param_key}_length_secret_key; + kem->length_ciphertext = OQS_KEM_{param_key}_length_ciphertext; + kem->length_shared_secret = OQS_KEM_{param_key}_length_shared_secret; + kem->length_keypair_seed = OQS_KEM_{param_key}_length_keypair_seed; + kem->length_encaps_seed = OQS_KEM_{param_key}_length_encaps_seed; + + kem->keypair = OQS_KEM_{param_key}_keypair; + kem->keypair_derand = OQS_KEM_{param_key}_keypair_derand; + kem->encaps = OQS_KEM_{param_key}_encaps; + kem->encaps_derand = OQS_KEM_{param_key}_encaps_derand; + kem->decaps = OQS_KEM_{param_key}_decaps; + + return kem; +}} """ + +def render_oqs_kem_new_impl( + param_key: str, alg_version: str, nist_level: int, ind_cca: bool +) -> str: + """Render the implementation of the function + + OQS_KEM *OQS_KEM_{param_key}_new(void) { /* ... */ } + """ + assert nist_level in NIST_LEVELS, f"Invalid NIST level {nist_level}" + code = OQS_KEM_NEW_IMPL.format( + param_key=param_key, + alg_version=alg_version, + nist_level=nist_level, + ind_cca="true" if ind_cca else "false", + ) + return code + + OQS_KEM_EXTERN_API_DECLARATIONS = """\ {%- for impl in scheme['metadata']['implementations'] if impl['name'] == scheme['default_implementation'] %} diff --git a/src/kem/ml_kem/kem_ml_kem.h b/src/kem/ml_kem/kem_ml_kem.h index a987401b0a..0354a23b4f 100644 --- a/src/kem/ml_kem/kem_ml_kem.h +++ b/src/kem/ml_kem/kem_ml_kem.h @@ -1,5 +1,4 @@ // SPDX-License-Identifier: MIT - // This file is generated by OQS Builder (oqsbuilder.oqsbuilder.generate_kem_header) #ifndef OQS_KEM_ML_KEM_H From f8bbb15c625bd86e568434b55ad36843bfef78d3 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Fri, 28 Nov 2025 12:07:33 -0500 Subject: [PATCH 25/26] [skip ci] can generate external API declarations in family-level source file, but cannot generate architecture flags Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 8 +++ oqsbuilder/oqsbuilder.py | 138 +++++++++++++++++++++++++++++++++--- oqsbuilder/oqsbuildfile.yml | 66 +++++++++++++++++ oqsbuilder/templates.py | 17 ----- 4 files changed, 204 insertions(+), 25 deletions(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 7fae28ca2d..5f4f752a27 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -29,6 +29,14 @@ Upstreams are external repositories from which `liboqs` curates source code. ## Implementations Each KEM, signature, and/or stateful signature can have one or more implementations.The `impls` field under each family maps one implementation key (e.g. `mlkem-native_ml_kem_768_aarch64`) to one set of implementation metadata. +### External APIdeclarations +For KEM implementations, there are five functions to declares: +- `keypair`: name of the function that generates the key pair +- `keypair_derand` (optional): name of the function that generates the key pair, using randomness expanded from a user-supplied seed +- `enc`: name of the function that encapsulates a secret using a public key +- `enc_derand`: (optiona) name of the function that encapsulates a secret, using randomness expanded from a user-supplied seed +- `dec`: name of the function that decapsulates a ciphertext + ### `upstream` An upstream key. It must match one of the upstreams described under the `upstreams` section. diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index bbbae7a869..50726f6ab6 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -7,14 +7,9 @@ from oqsbuilder import LIBOQS_DIR from oqsbuilder.templates import ( - OQS_KEM_DECAPS_IMPL, - OQS_KEM_ENCAPS_DERAND_IMPL, - OQS_KEM_ENCAPS_IMPL, - OQS_KEM_EXTERN_API_DECLARATIONS, - OQS_KEM_KEYPAIR_DERAND_IMPL, - OQS_KEM_KEYPAIR_IMPL, SPDX_LICENSE_IDENTIFIER, - render_oqs_kem_new_impl, + NIST_LEVELS, + OQS_KEM_NEW_IMPL, ) from oqsbuilder.utils import currentframe_funcname @@ -545,6 +540,133 @@ def generate_kem_header( return header_path +def render_oqs_kem_new_impl( + param_key: str, alg_version: str, nist_level: int, ind_cca: bool +) -> str: + """Render the implementation of the function + + OQS_KEM *OQS_KEM_{param_key}_new(void) { /* ... */ } + """ + assert nist_level in NIST_LEVELS, f"Invalid NIST level {nist_level}" + code = OQS_KEM_NEW_IMPL.format( + param_key=param_key, + alg_version=alg_version, + nist_level=nist_level, + ind_cca="true" if ind_cca else "false", + ) + return code + + +def render_kem_impl_extern_decl( + keypair: str, + keypair_derand: str | None, + enc: str, + enc_derand: str | None, + dec: str, + impl_enable_by: str | None, + arch_enable_by: str | None, +) -> str: + """Render a single set of external API declarations for the input impl""" + decl_lines = [ + f"""\ +extern int {keypair}(uint8_t *pk, uint8_t *sk);""" + ] + if keypair_derand: + decl_lines.append( + f"""\ +extern int {keypair_derand}(uint8_t *pk, uint8_t *sk, const uint8_t *seed);""" + ) + decl_lines.append( + f"""\ +extern int {enc}(uint8_t *ct, uint8_t *ss, const uint8_t *pk);""" + ) + if enc_derand: + decl_lines.append( + f"""\ +extern int {enc_derand}(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *seed);""" + ) + decl_lines.append( + f"""\ +extern int {dec}(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);""" + ) + + decl = "\n".join(decl_lines) + if impl_enable_by: + decl = f"""\ +#if defined({impl_enable_by}) +{decl} +#endif /* {impl_enable_by} */""" + if arch_enable_by: + decl = f"""\ +#if defined({arch_enable_by}) +{decl} +#endif /* {arch_enable_by} */""" + return decl + + +def render_kem_extern_decl(family_meta: dict, param_key: str) -> str: + """Render and return fragment of source code that includes all external API + declarations for the specified parameter set. + + The "enable_by" flag of each parameter set's default implementation duplicates + the "enable_by" flag of the parameter set, so it will be ignored. The "enable_by" + flag of each non-default implementation will surround this implementation's + declarations. Additionally, if the implementatino has a non-standard architecture + such as CUDA or ICICLE, this implementation's declarations will also be surrounded + by architecture flags. + + ```c + #if defined(OQS_ENABLE_KEM_ml_kem_768) + + /* default impl: no additional guards */ + extern int extern int PQCP_MLKEM_NATIVE_MLKEM768_C_XXX(...); + + /* non-default impl, "standard" architecture (one of ref, x86, or aarch64) */ + #if defined(OQS_ENABLE_KEM_ml_kem_768_x86_64) + extern int PQCP_MLKEM_NATIVE_MLKEM768_X86_64_XXX(...); + #endif /* OQS_ENABLE_KEM_ml_kem_768_x86_64 */ + + /* non-default impl, "special" architecture */ + #if defined(OQS_USE_CUPQC) + #if defined(OQS_ENABLE_KEM_ml_kem_768_cuda) + extern int cupqc_ml_kem_768_XXX(...); + #endif /* OQS_ENABLE_KEM_ml_kem_768_cuda */ + #endif /* OQS_USE_CUPQC */ + + #endif /* OQS_ENABLE_KEM_ml_kem_768 */ + ``` + """ + _, default_impl_meta = get_default_impl(family_meta, param_key) + default_decl = render_kem_impl_extern_decl( + default_impl_meta["keypair"], + default_impl_meta.get("keypair_derand", None), + default_impl_meta["enc"], + default_impl_meta.get("enc_derand", None), + default_impl_meta["dec"], + None, + None, + ) + addtl_decl_frags = [] + for _, impl_meta in get_impls(family_meta, param_key, exclude_default=True): + arch_enable_by = None # FIX: fix this + frag = render_kem_impl_extern_decl( + impl_meta["keypair"], + impl_meta.get("keypair", None), + impl_meta["enc"], + impl_meta.get("enc_derand", None), + impl_meta["dec"], + impl_meta["enable_by"], + arch_enable_by, + ) + addtl_decl_frags.append(frag) + addtl_decl = "\n\n".join(addtl_decl_frags) + decl = f"""\ +{default_decl} + +{addtl_decl}""" + return decl + + def generate_kem_source( kem_dir: str, kem_key: str, @@ -561,7 +683,7 @@ def generate_kem_source( oqs_kem_new = render_oqs_kem_new_impl( param_key, kem_meta["version"], param_meta["nist_level"], param_meta["ind_cca"] ) - extern_api_decl = "" + extern_api_decl = render_kem_extern_decl(kem_meta, param_key) keypair_derand = "" keypair = "" encaps_derand = "" diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index 99bdb710ee..fa9cada677 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -147,6 +147,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_dec" mlkem-native_ml-kem-1024_ref: upstream: mlkem-native param: ml_kem_1024 @@ -160,6 +165,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=1024" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM1024_C_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_C_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM1024_C_dec" mlkem-native_ml-kem-1024_x86_64: upstream: mlkem-native param: ml_kem_1024 @@ -174,6 +184,11 @@ kems: - "-DMLK_CONFIG_PARAMETER_SET=1024" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] + keypair: "PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_dec" mlkem-native_ml-kem-512_aarch64: upstream: mlkem-native param: ml_kem_512 @@ -187,6 +202,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=512" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_dec" mlkem-native_ml-kem-512_ref: upstream: mlkem-native param: ml_kem_512 @@ -200,6 +220,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=512" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM512_C_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM512_C_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM512_C_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM512_C_dec" mlkem-native_ml-kem-512_x86_64: upstream: mlkem-native param: ml_kem_512 @@ -214,6 +239,11 @@ kems: - "-DMLK_CONFIG_PARAMETER_SET=512" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] + keypair: "PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM512_X86_64_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM512_X86_64_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM512_X86_64_dec" mlkem-native_ml-kem-768_aarch64: upstream: mlkem-native param: ml_kem_768 @@ -227,6 +257,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_aarch64.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM768_AARCH_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM768_AARCH_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM768_AARCH_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM768_AARCH_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM768_AARCH_dec" mlkem-native_ml-kem-768_ref: upstream: mlkem-native param: ml_kem_768 @@ -240,6 +275,11 @@ kems: public: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"../../integration/liboqs/config_c.h\"" + keypair: "PQCP_MLKEM_NATIVE_MLKEM768_C_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM768_C_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM768_C_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM768_C_dec" mlkem-native_ml-kem-768_x86_64: upstream: mlkem-native param: ml_kem_768 @@ -254,6 +294,11 @@ kems: - "-DMLK_CONFIG_PARAMETER_SET=768" - "-DMLK_CONFIG_FILE=\"${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}/integration/liboqs/config_x86_64.h\"" private: ["-mavx2", "-mbmi2", "-mpopcnt"] + keypair: "PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair" + keypair_derand: "PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair_derand" + enc: "PQCP_MLKEM_NATIVE_MLKEM768_X86_64_enc" + enc_derand: "PQCP_MLKEM_NATIVE_MLKEM768_X86_64_enc_derand" + dec: "PQCP_MLKEM_NATIVE_MLKEM768_X86_64_dec" cupqc_ml-kem-1024_cuda: upstream: cupqc param: ml_kem_1024 @@ -267,6 +312,9 @@ kems: cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + keypair: "cupqc_ml_kem_1024_keypair" + enc: "cupqc_ml_kem_1024_enc" + dec: "cupqc_ml_kem_1024_dec" cupqc_ml-kem-512_cuda: upstream: cupqc param: ml_kem_512 @@ -278,6 +326,9 @@ kems: cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + keypair: "cupqc_ml_kem_512_keypair" + enc: "cupqc_ml_kem_512_enc" + dec: "cupqc_ml_kem_512_dec" cupqc_ml-kem-768_cuda: upstream: cupqc param: ml_kem_768 @@ -289,6 +340,9 @@ kems: cuda_arch: OFF compile_opts: private: ["$<$:-rdc=true -dlto -arch=compute_70>"] + keypair: "cupqc_ml_kem_768_keypair" + enc: "cupqc_ml_kem_768_enc" + dec: "cupqc_ml_kem_768_dec" icicle_ml-kem-1024_icicle_cuda: upstream: icicle param: ml_kem_1024 @@ -297,6 +351,10 @@ kems: enable_by: OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] + keypair: "icicle_ml_kem_1024_keypair" + enc: "icicle_ml_kem_1024_enc" + enc_derand: "icicle_ml_kem_1024_enc_derand" + dec: "icicle_ml_kem_1024_dec" icicle_ml-kem-512_icicle_cuda: upstream: icicle param: ml_kem_512 @@ -305,6 +363,10 @@ kems: enable_by: OQS_ENABLE_KEM_ml_kem_512_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] + keypair: "icicle_ml_kem_512_keypair" + enc: "icicle_ml_kem_512_enc" + enc_derand: "icicle_ml_kem_512_enc_derand" + dec: "icicle_ml_kem_512_dec" icicle_ml-kem-768_icicle_cuda: upstream: icicle param: ml_kem_768 @@ -313,6 +375,10 @@ kems: enable_by: OQS_ENABLE_KEM_ml_kem_768_icicle_cuda link_libs: private: [icicle::icicle_pqc_package] + keypair: "icicle_ml_kem_768_keypair" + enc: "icicle_ml_kem_768_enc" + enc_derand: "icicle_ml_kem_768_enc_derand" + dec: "icicle_ml_kem_768_dec" copies: mlkem-native_aarch64: diff --git a/oqsbuilder/templates.py b/oqsbuilder/templates.py index 3b495a84b5..d399a7a767 100644 --- a/oqsbuilder/templates.py +++ b/oqsbuilder/templates.py @@ -39,23 +39,6 @@ """ -def render_oqs_kem_new_impl( - param_key: str, alg_version: str, nist_level: int, ind_cca: bool -) -> str: - """Render the implementation of the function - - OQS_KEM *OQS_KEM_{param_key}_new(void) { /* ... */ } - """ - assert nist_level in NIST_LEVELS, f"Invalid NIST level {nist_level}" - code = OQS_KEM_NEW_IMPL.format( - param_key=param_key, - alg_version=alg_version, - nist_level=nist_level, - ind_cca="true" if ind_cca else "false", - ) - return code - - OQS_KEM_EXTERN_API_DECLARATIONS = """\ {%- for impl in scheme['metadata']['implementations'] if impl['name'] == scheme['default_implementation'] %} From d565f72911a3da2123f53b2f1480d717d2002532 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Fri, 28 Nov 2025 14:19:00 -0500 Subject: [PATCH 26/26] [skip ci] can generate external API declarations, including architecture-level flags Signed-off-by: Ganyu (Bruce) Xu --- oqsbuilder/README.md | 38 +++++++++++++++++++++++++++++++++++++ oqsbuilder/oqsbuilder.py | 4 +++- oqsbuilder/oqsbuildfile.yml | 27 ++++++++++++++++++++++++++ 3 files changed, 68 insertions(+), 1 deletion(-) diff --git a/oqsbuilder/README.md b/oqsbuilder/README.md index 5f4f752a27..cfeedee52e 100644 --- a/oqsbuilder/README.md +++ b/oqsbuilder/README.md @@ -29,6 +29,9 @@ Upstreams are external repositories from which `liboqs` curates source code. ## Implementations Each KEM, signature, and/or stateful signature can have one or more implementations.The `impls` field under each family maps one implementation key (e.g. `mlkem-native_ml_kem_768_aarch64`) to one set of implementation metadata. +### `arch` +Key of the [architecture](#architectures) of this implementation. + ### External APIdeclarations For KEM implementations, there are five functions to declares: - `keypair`: name of the function that generates the key pair @@ -194,6 +197,41 @@ kems: version: "NIST Round 3" ``` +## Architecture +The `architectures` section describes various compilation architectures. + +### `.enable_by` +**(optional)** The C pre-processing macro that enables this architecture. If this field is empty, then this architecture is always enabled (for example, portable implementations with `arch: "portable"` should never be disabled). + +Architecture-level flag should surround implementation-level flags. If an architecture flag is disabled, then no implementation under this architecture is enabled. + +Example: + +```yaml +# oqsbuildfile.yml +kems: + families: + ml_kem: + impls: + icicle_ml-kem-768_icicle_cuda: + arch: icicle_cuda + enable_by: OQS_ENABLE_KEM_ml_kem_768_icicle_cuda + +architectures: + icicle_cuda: + enable_by: "OQS_USE_ICICLE" +``` + +This configuration corresponds with: + +```c +#if defined(OQS_USE_ICICLE) +#if defined(OQS_ENABLE_KEM_ml_kem_768_icicle_cuda) + /* ICICLE ML-KEM-768 API calls */ +#endif /* OQS_ENABLE_KEM_ml_kem_768_icicle_cuda */ +#endif /* OQS_USE_ICICLE */ +``` + ## Parameter Set Each KEM/SIG/STFL_SIG scheme can have one or more parameter sets listed under the `params` key. For example: diff --git a/oqsbuilder/oqsbuilder.py b/oqsbuilder/oqsbuilder.py index 50726f6ab6..4a143ac5bf 100644 --- a/oqsbuilder/oqsbuilder.py +++ b/oqsbuilder/oqsbuilder.py @@ -72,6 +72,8 @@ def load_oqsbuildfile(path: str): impl_copies = impl_meta["copies"] if isinstance(impl_copies, str): impl_meta["copies"] = oqsbuild["copies"][impl_copies] + impl_arch_key = impl_meta["arch"] + impl_meta["arch"] = oqsbuild["architectures"][impl_arch_key] return oqsbuild @@ -648,7 +650,7 @@ def render_kem_extern_decl(family_meta: dict, param_key: str) -> str: ) addtl_decl_frags = [] for _, impl_meta in get_impls(family_meta, param_key, exclude_default=True): - arch_enable_by = None # FIX: fix this + arch_enable_by = impl_meta["arch"].get("enable_by", None) frag = render_kem_impl_extern_decl( impl_meta["keypair"], impl_meta.get("keypair", None), diff --git a/oqsbuilder/oqsbuildfile.yml b/oqsbuilder/oqsbuildfile.yml index fa9cada677..05dde60a1a 100644 --- a/oqsbuilder/oqsbuildfile.yml +++ b/oqsbuilder/oqsbuildfile.yml @@ -139,6 +139,7 @@ kems: param: ml_kem_1024 copies: mlkem-native_aarch64 enable_by: OQS_ENABLE_KEM_ml_kem_1024_aarch64 + arch: aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -157,6 +158,7 @@ kems: param: ml_kem_1024 copies: mlkem-native_ref enable_by: OQS_ENABLE_KEM_ml_kem_1024_ref + arch: portable includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -175,6 +177,7 @@ kems: param: ml_kem_1024 copies: mlkem-native_x86_64 enable_by: OQS_ENABLE_KEM_ml_kem_1024_x86_64 + arch: x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -194,6 +197,7 @@ kems: param: ml_kem_512 copies: mlkem-native_aarch64 enable_by: OQS_ENABLE_KEM_ml_kem_512_aarch64 + arch: aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -212,6 +216,7 @@ kems: param: ml_kem_512 copies: mlkem-native_ref enable_by: OQS_ENABLE_KEM_ml_kem_512_ref + arch: portable includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -230,6 +235,7 @@ kems: param: ml_kem_512 copies: mlkem-native_x86_64 enable_by: OQS_ENABLE_KEM_ml_kem_512_x86_64 + arch: x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -249,6 +255,7 @@ kems: param: ml_kem_768 copies: mlkem-native_aarch64 enable_by: OQS_ENABLE_KEM_ml_kem_768_aarch64 + arch: aarch64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -267,6 +274,7 @@ kems: param: ml_kem_768 copies: mlkem-native_ref enable_by: OQS_ENABLE_KEM_ml_kem_768_ref + arch: portable includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -285,6 +293,7 @@ kems: param: ml_kem_768 copies: mlkem-native_x86_64 enable_by: OQS_ENABLE_KEM_ml_kem_768_x86_64 + arch: x86_64 includes: private: - "${CMAKE_CURRENT_LIST_DIR}/${IMPL_KEY}" @@ -302,6 +311,7 @@ kems: cupqc_ml-kem-1024_cuda: upstream: cupqc param: ml_kem_1024 + arch: cuda copies: cupqc_ml-kem.cu: cuda/ml-kem-1024/cupqc_ml-kem.cu enable_by: OQS_ENABLE_KEM_ml_kem_1024_cuda @@ -318,6 +328,7 @@ kems: cupqc_ml-kem-512_cuda: upstream: cupqc param: ml_kem_512 + arch: cuda copies: cupqc_ml-kem.cu: cuda/ml-kem-512/cupqc_ml-kem.cu enable_by: OQS_ENABLE_KEM_ml_kem_512_cuda @@ -332,6 +343,7 @@ kems: cupqc_ml-kem-768_cuda: upstream: cupqc param: ml_kem_768 + arch: cuda copies: cupqc_ml-kem.cu: cuda/ml-kem-768/cupqc_ml-kem.cu enable_by: OQS_ENABLE_KEM_ml_kem_768_cuda @@ -346,6 +358,7 @@ kems: icicle_ml-kem-1024_icicle_cuda: upstream: icicle param: ml_kem_1024 + arch: icicle_cuda copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-1024/icicle_ml-kem.cpp enable_by: OQS_ENABLE_KEM_ml_kem_1024_icicle_cuda @@ -358,6 +371,7 @@ kems: icicle_ml-kem-512_icicle_cuda: upstream: icicle param: ml_kem_512 + arch: icicle_cuda copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-512/icicle_ml-kem.cpp enable_by: OQS_ENABLE_KEM_ml_kem_512_icicle_cuda @@ -370,6 +384,7 @@ kems: icicle_ml-kem-768_icicle_cuda: upstream: icicle param: ml_kem_768 + arch: icicle_cuda copies: icicle_ml-kem.cpp: icicle_cuda/ml-kem-768/icicle_ml-kem.cpp enable_by: OQS_ENABLE_KEM_ml_kem_768_icicle_cuda @@ -380,6 +395,18 @@ kems: enc_derand: "icicle_ml_kem_768_enc_derand" dec: "icicle_ml_kem_768_dec" +architectures: + portable: + enable_by: + x86_64: + enable_by: + aarch64: + enable_by: + cuda: + enable_by: OQS_USE_CUPQC + icicle_cuda: + enable_by: OQS_USE_ICICLE + copies: mlkem-native_aarch64: integration/liboqs/config_aarch64.h: integration/liboqs/config_aarch64.h