Examples: Add monolithic build (single level) example

This commit adds a new example to mldsa-native ported from mlkem-native.
It demonstrated how to build a single instance of mldsa-native in a single
compilation unit.

Signed-off-by: Matthias J. Kannwischer <[email protected]>

Author: mkannwischer

BIBLIOGRAPHY.md

@@ -14,6 +14,9 @@ source code and documentation.
   - National Institute of Standards and Technology
 * URL: https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
 * Referenced from:
+  - [examples/monolithic_build/config_44.h](examples/monolithic_build/config_44.h)
+  - [examples/monolithic_build/config_65.h](examples/monolithic_build/config_65.h)
+  - [examples/monolithic_build/config_87.h](examples/monolithic_build/config_87.h)
   - [integration/liboqs/config_aarch64.h](integration/liboqs/config_aarch64.h)
   - [integration/liboqs/config_c.h](integration/liboqs/config_c.h)
   - [integration/liboqs/config_x86_64.h](integration/liboqs/config_x86_64.h)
@@ -45,6 +48,9 @@ source code and documentation.
 * URL: https://csrc.nist.gov/pubs/fips/204/final
 * Referenced from:
   - [README.md](README.md)
+  - [examples/monolithic_build/config_44.h](examples/monolithic_build/config_44.h)
+  - [examples/monolithic_build/config_65.h](examples/monolithic_build/config_65.h)
+  - [examples/monolithic_build/config_87.h](examples/monolithic_build/config_87.h)
   - [mldsa/mldsa_native.h](mldsa/mldsa_native.h)
   - [mldsa/src/config.h](mldsa/src/config.h)
   - [mldsa/src/ct.h](mldsa/src/ct.h)

examples/basic/expected_signatures.h

@@ -15,7 +15,7 @@
  * The PCT modifies the PRNG state, so the KAT tests don't work.
  * We run KAT tests only for disabled PCT. */
 #if !defined(MLD_CONFIG_KEYGEN_PCT)
-#if MLD_CONFIG_PARAMETER_SET == 44
+#if MLD_CONFIG_API_PARAMETER_SET == 44
 const uint8_t expected_signature[] = {
     0x27, 0x5e, 0xbe, 0x2d, 0x23, 0x1a, 0x76, 0xc5, 0xd9, 0x77, 0xcb, 0x62,
     0x25, 0x04, 0xdb, 0x23, 0x31, 0xa9, 0xa8, 0xcd, 0xbc, 0xde, 0xf2, 0x20,
@@ -219,7 +219,7 @@ const uint8_t expected_signature[] = {
     0x1f, 0x24, 0x38, 0x41, 0x45, 0x54, 0x5f, 0x69, 0x85, 0x8d, 0x93, 0x9e,
     0xc5, 0xe6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x16, 0x25, 0x32, 0x42};
-#elif MLD_CONFIG_PARAMETER_SET == 65
+#elif MLD_CONFIG_API_PARAMETER_SET == 65
 const uint8_t expected_signature[] = {
     0x8b, 0x6f, 0x79, 0x00, 0xcc, 0x79, 0x57, 0xee, 0x16, 0x86, 0x87, 0xd5,
     0xcf, 0xb6, 0x90, 0x2c, 0xc6, 0x30, 0xeb, 0x8d, 0x39, 0xae, 0x9b, 0xf1,
@@ -497,7 +497,7 @@ const uint8_t expected_signature[] = {
     0xdf, 0x0e, 0x1a, 0x20, 0x50, 0xf5, 0x02, 0x21, 0x30, 0x35, 0x3c, 0x60,
     0x71, 0xad, 0xd0, 0xe3, 0xed, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x0c, 0x10, 0x17, 0x1d, 0x22, 0x2d};
-#elif MLD_CONFIG_PARAMETER_SET == 87
+#elif MLD_CONFIG_API_PARAMETER_SET == 87
 const uint8_t expected_signature[] = {
     0xdf, 0xe6, 0xe1, 0xa5, 0x20, 0xc1, 0xac, 0x98, 0x55, 0x2c, 0xf2, 0x13,
     0x65, 0x42, 0xe2, 0xb0, 0x77, 0x5f, 0x15, 0x00, 0x8f, 0x14, 0x48, 0xa1,

examples/monolithic_build/.gitignore

@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+
+build

examples/monolithic_build/Makefile

@@ -0,0 +1,139 @@
+# Copyright (c) The mlkem-native project authors
+# Copyright (c) The mldsa-native project authors
+# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+
+.PHONY: build run clean
+.DEFAULT_GOAL := all
+
+CC  ?= gcc
+AR  ?= ar
+
+# Adjust CFLAGS if needed
+CFLAGS := \
+	-Wall \
+	-Wextra \
+	-Werror=unused-result \
+	-Wpedantic \
+	-Werror \
+	-Wmissing-prototypes \
+	-Wshadow \
+	-Wpointer-arith \
+	-Wredundant-decls \
+	-Wconversion \
+	-Wsign-conversion \
+	-Wno-long-long \
+	-Wno-unknown-pragmas \
+	-Wno-unused-command-line-argument \
+	-O3 \
+	-fomit-frame-pointer \
+	-std=c99 \
+	-pedantic \
+	-MMD \
+        $(CFLAGS)
+
+# The following only concerns the cross-compilation tests.
+# You can likely ignore the following for your application.
+#
+# Append cross-prefix for cross compilation
+# When called from the root Makefile, CROSS_PREFIX has already been added here
+ifeq (,$(findstring $(CROSS_PREFIX),$(CC)))
+CC  := $(CROSS_PREFIX)$(CC)
+endif
+
+ifeq (,$(findstring $(CROSS_PREFIX),$(AR)))
+AR  := $(CROSS_PREFIX)$(AR)
+endif
+
+Q ?= @
+
+# Part A:
+#
+# mldsa-native source and header files
+#
+# Here, we use just a single monolithic compilation unit to include
+# multiple instances of mldsa-native.
+
+MLD_SOURCE=mldsa/mldsa_native.c
+
+INC=-Imldsa/ -I./
+
+# Part B:
+#
+# Random number generator
+#
+# !!! WARNING !!!
+#
+# The randombytes() implementation used here is for TESTING ONLY.
+# You MUST NOT use this implementation outside of testing.
+#
+# !!! WARNING !!!
+RNG_SOURCE=$(wildcard test_only_rng/*.c)
+
+# Part C:
+#
+# Your application source code
+APP_SOURCE=$(RNG_SOURCE) main.c
+
+BUILD_DIR=build
+BIN44=test_binary_mldsa44
+BIN65=test_binary_mldsa65
+BIN87=test_binary_mldsa87
+LIB44=libmldsa44.a
+LIB65=libmldsa65.a
+LIB87=libmldsa87.a
+
+BIN44_FULL=$(BUILD_DIR)/$(BIN44)
+BIN65_FULL=$(BUILD_DIR)/$(BIN65)
+BIN87_FULL=$(BUILD_DIR)/$(BIN87)
+
+LIB44_FULL=$(BUILD_DIR)/$(LIB44)
+LIB65_FULL=$(BUILD_DIR)/$(LIB65)
+LIB87_FULL=$(BUILD_DIR)/$(LIB87)
+
+$(LIB44_FULL): $(MLD_SOURCE)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_FILE="\"config_44.h\"" $(INC) $^ -o $(BUILD_DIR)/mldsa_native44.o
+	$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native44.o
+	$(Q)strip -S $@
+
+$(LIB65_FULL): $(MLD_SOURCE)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_FILE="\"config_65.h\"" $(INC) $^ -o $(BUILD_DIR)/mldsa_native65.o
+	$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native65.o
+	$(Q)strip -S $@
+
+$(LIB87_FULL): $(MLD_SOURCE)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_FILE="\"config_87.h\"" $(INC) $^ -o $(BUILD_DIR)/mldsa_native87.o
+	$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native87.o
+	$(Q)strip -S $@
+
+$(BIN44_FULL): $(APP_SOURCE) $(LIB44_FULL)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_API_PARAMETER_SET=44 $(INC) $^ -o $@
+
+$(BIN65_FULL): $(APP_SOURCE) $(LIB65_FULL)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_API_PARAMETER_SET=65 $(INC) $^ -o $@
+
+$(BIN87_FULL): $(APP_SOURCE) $(LIB87_FULL)
+	$(Q)echo "$@"
+	$(Q)[ -d $(@) ] || mkdir -p $(@D)
+	$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_API_PARAMETER_SET=87 $(INC) $^ -o $@
+
+all: build
+
+build: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL)
+
+run: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL)
+	$(Q)$(EXEC_WRAPPER) ./$(BIN44_FULL)
+	$(Q)$(EXEC_WRAPPER) ./$(BIN65_FULL)
+	$(Q)$(EXEC_WRAPPER) ./$(BIN87_FULL)
+
+clean:
+	rm -rf $(BUILD_DIR)

examples/monolithic_build/README.md

@@ -0,0 +1,17 @@
+[//]: # (SPDX-License-Identifier: CC-BY-4.0)
+
+# Single-level mldsa-native in a single compilation unit
+
+This directory contains a minimal example for how to build a single instance of mldsa-native in a single compilation
+unit. Only the C-backend is exercised.
+
+The auto-generated source file [mldsa_native.c](mldsa/mldsa_native.c) includes all mldsa-native C source
+files. Moreover, it clears all `#define`s clauses set by mldsa-native at the end, and is hence amenable to multiple
+inclusion in another compilation unit. It exposes the API [../../mldsa/mldsa_native.h](mldsa/mldsa_native.h).
+
+## Usage
+
+Build this example with `make build`, run with `make run`.
+
+**WARNING:** The `randombytes()` implementation used here is for TESTING ONLY. You MUST NOT use this implementation
+outside of testing.