Add optimized M55 native implementations.

Add unit tests for FIPS202 APIs
Add unit tests for x4 keccak
Add support for benchmarking on mps3

Signed-off-by: Brendan Moran <[email protected]>

Author: bremoran

Makefile

@@ -2,14 +2,14 @@
 # Copyright (c) The mldsa-native project authors
 # SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
 
-.PHONY: func kat acvp stack \
-	func_44 kat_44 acvp_44 stack_44 \
-	func_65 kat_65 acvp_65 stack_65 \
-	func_87 kat_87 acvp_87 stack_87 \
-	run_func run_kat run_acvp run_stack \
-	run_func_44 run_kat_44 run_stack_44 \
-	run_func_65 run_kat_65 run_stack_65 \
-	run_func_87 run_kat_87 run_stack_87 \
+.PHONY: func kat acvp stack unit \
+	func_44 kat_44 acvp_44 stack_44 unit_44 \
+	func_65 kat_65 acvp_65 stack_65 unit_65 \
+	func_87 kat_87 acvp_87 stack_87 unit_87 \
+	run_func run_kat run_acvp run_stack run_unit \
+	run_func_44 run_kat_44 run_stack_44 run_unit_44 \
+	run_func_65 run_kat_65 run_stack_65 run_unit_65 \
+	run_func_87 run_kat_87 run_stack_87 run_unit_87 \
 	bench_44 bench_65 bench_87 bench \
 	run_bench_44 run_bench_65 run_bench_87 run_bench \
 	bench_components_44 bench_components_65 bench_components_87 bench_components \
@@ -46,7 +46,7 @@ quickcheck: test
 build: func kat acvp
 	$(Q)echo "  Everything builds fine!"
 
-test: run_kat run_func run_acvp
+test: run_kat run_func run_acvp run_unit
 	$(Q)echo "  Everything checks fine!"
 
 run_kat_44: kat_44
@@ -108,6 +108,23 @@ run_stack_87: stack_87
 	$(Q)python3 scripts/stack $(MLDSA87_DIR)/bin/test_stack87 --build-dir $(MLDSA87_DIR) $(STACK_ANALYSIS_FLAGS)
 run_stack: run_stack_44 run_stack_65 run_stack_87
 
+# Unit tests
+unit_44: $(MLDSA44_DIR)/bin/test_unit44
+	$(Q)echo "  UNIT      ML-DSA-44:   $^"
+unit_65: $(MLDSA65_DIR)/bin/test_unit65
+	$(Q)echo "  UNIT      ML-DSA-65:   $^"
+unit_87: $(MLDSA87_DIR)/bin/test_unit87
+	$(Q)echo "  UNIT      ML-DSA-87:  $^"
+unit: unit_44 unit_65 unit_87
+
+run_unit_44: unit_44
+	$(W) $(MLDSA44_DIR)/bin/test_unit44
+run_unit_65: unit_65
+	$(W) $(MLDSA65_DIR)/bin/test_unit65
+run_unit_87: unit_87
+	$(W) $(MLDSA87_DIR)/bin/test_unit87
+run_unit: run_unit_44 run_unit_65 run_unit_87
+
 lib: $(BUILD_DIR)/libmldsa.a $(BUILD_DIR)/libmldsa44.a $(BUILD_DIR)/libmldsa65.a $(BUILD_DIR)/libmldsa87.a
 
 # Enforce setting CYCLES make variable when

mldsa/fips202/fips202.h

@@ -17,14 +17,18 @@
 #define SHA3_256_HASHBYTES 32
 #define SHA3_512_HASHBYTES 64
 
+#ifndef FIPS202_NAMESPACE
 #define FIPS202_NAMESPACE(s) mldsa_fips202_ref_##s
+#endif
 
+#define mld_shake128ctx FIPS202_NAMESPACE(shake128ctx)
 typedef struct
 {
   uint64_t s[MLD_KECCAK_LANES];
   unsigned int pos;
 } mld_shake128ctx;
 
+#define mld_shake256ctx FIPS202_NAMESPACE(shake256ctx)
 typedef struct
 {
   uint64_t s[MLD_KECCAK_LANES];

mldsa/fips202/fips202x4.h

@@ -16,11 +16,13 @@
 #include "keccakf1600.h"
 
 /* Context for non-incremental API */
+#define mld_shake128x4ctx FIPS202_NAMESPACE(shake128x4ctx)
 typedef struct
 {
   uint64_t ctx[MLD_KECCAK_LANES * MLD_KECCAK_WAY];
 } mld_shake128x4ctx;
 
+#define mld_shake256x4ctx FIPS202_NAMESPACE(shake256x4ctx)
 typedef struct
 {
   uint64_t ctx[MLD_KECCAK_LANES * MLD_KECCAK_WAY];

mldsa/fips202/keccakf1600.c

@@ -39,51 +39,61 @@
 void mld_keccakf1600_extract_bytes(uint64_t *state, unsigned char *data,
                                    unsigned offset, unsigned length)
 {
+#if defined(MLD_USE_FIPS202_X1_XOR_NATIVE)
+  mld_keccakf1600_extract_bytes_native(state, data, offset, length);
+#elif defined(MLD_SYS_LITTLE_ENDIAN)
   unsigned i;
-#if defined(MLD_SYS_LITTLE_ENDIAN)
   uint8_t *state_ptr = (uint8_t *)state + offset;
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     data[i] = state_ptr[i];
   }
-#else  /* MLD_SYS_LITTLE_ENDIAN */
+#else  /* !MLD_USE_FIPS202_X1_XOR_NATIVE && MLD_SYS_LITTLE_ENDIAN */
+  unsigned i;
   /* Portable version */
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     data[i] = (state[(offset + i) >> 3] >> (8 * ((offset + i) & 0x07))) & 0xFF;
   }
-#endif /* !MLD_SYS_LITTLE_ENDIAN */
+#endif /* !MLD_USE_FIPS202_X1_XOR_NATIVE && !MLD_SYS_LITTLE_ENDIAN */
 }
 
 void mld_keccakf1600_xor_bytes(uint64_t *state, const unsigned char *data,
                                unsigned offset, unsigned length)
 {
+#if defined(MLD_USE_FIPS202_X1_XOR_NATIVE)
+  mld_keccakf1600_xor_bytes_native(state, data, offset, length);
+#elif defined(MLD_SYS_LITTLE_ENDIAN)
   unsigned i;
-#if defined(MLD_SYS_LITTLE_ENDIAN)
   uint8_t *state_ptr = (uint8_t *)state + offset;
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     state_ptr[i] ^= data[i];
   }
-#else  /* MLD_SYS_LITTLE_ENDIAN */
+#else  /* !MLD_USE_FIPS202_X1_XOR_NATIVE && MLD_SYS_LITTLE_ENDIAN */
+  unsigned i;
   /* Portable version */
   for (i = 0; i < length; i++)
   __loop__(invariant(i <= length))
   {
     state[(offset + i) >> 3] ^= (uint64_t)data[i]
                                 << (8 * ((offset + i) & 0x07));
   }
-#endif /* !MLD_SYS_LITTLE_ENDIAN */
+#endif /* !MLD_USE_FIPS202_X1_XOR_NATIVE && !MLD_SYS_LITTLE_ENDIAN */
 }
 
 void mld_keccakf1600x4_extract_bytes(uint64_t *state, unsigned char *data0,
                                      unsigned char *data1, unsigned char *data2,
                                      unsigned char *data3, unsigned offset,
                                      unsigned length)
 {
+#if defined(MLD_USE_FIPS202_X4_XOR_NATIVE)
+  mld_keccakf1600_extract_bytes_x4_native(state, data0, data1, data2, data3,
+                                          offset, length);
+#else
   mld_keccakf1600_extract_bytes(state + MLD_KECCAK_LANES * 0, data0, offset,
                                 length);
   mld_keccakf1600_extract_bytes(state + MLD_KECCAK_LANES * 1, data1, offset,
@@ -92,6 +102,7 @@ void mld_keccakf1600x4_extract_bytes(uint64_t *state, unsigned char *data0,
                                 length);
   mld_keccakf1600_extract_bytes(state + MLD_KECCAK_LANES * 3, data3, offset,
                                 length);
+#endif /* !MLD_USE_FIPS202_X4_XOR_NATIVE */
 }
 
 void mld_keccakf1600x4_xor_bytes(uint64_t *state, const unsigned char *data0,
@@ -100,6 +111,10 @@ void mld_keccakf1600x4_xor_bytes(uint64_t *state, const unsigned char *data0,
                                  const unsigned char *data3, unsigned offset,
                                  unsigned length)
 {
+#if defined(MLD_USE_FIPS202_X4_XOR_NATIVE)
+  mld_keccakf1600_xor_bytes_x4_native(state, data0, data1, data2, data3, offset,
+                                      length);
+#else
   mld_keccakf1600_xor_bytes(state + MLD_KECCAK_LANES * 0, data0, offset,
                             length);
   mld_keccakf1600_xor_bytes(state + MLD_KECCAK_LANES * 1, data1, offset,
@@ -108,6 +123,7 @@ void mld_keccakf1600x4_xor_bytes(uint64_t *state, const unsigned char *data0,
                             length);
   mld_keccakf1600_xor_bytes(state + MLD_KECCAK_LANES * 3, data3, offset,
                             length);
+#endif /* !MLD_USE_FIPS202_X4_XOR_NATIVE */
 }
 
 void mld_keccakf1600x4_permute(uint64_t *state)

mldsa/fips202/native/armv8.1_m/auto.h

@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * Copyright (c) The mldsa-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+
+#ifndef MLD_FIPS202_NATIVE_ARMV8_1_M_AUTO_H
+#define MLD_FIPS202_NATIVE_ARMV8_1_M_AUTO_H
+/* Default FIPS202 assembly profile for ARMV81M systems */
+
+#include "x4_v8m_mve.h"
+
+#endif /* !MLD_FIPS202_NATIVE_ARMV8_1_M_AUTO_H */