pq_crypto 0.3.2 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +56 -0
- data/CHANGELOG.md +62 -0
- data/GET_STARTED.md +366 -40
- data/README.md +76 -233
- data/SECURITY.md +107 -82
- data/ext/pqcrypto/extconf.rb +169 -87
- data/ext/pqcrypto/mldsa_api.h +1 -48
- data/ext/pqcrypto/mlkem_api.h +1 -18
- data/ext/pqcrypto/pq_externalmu.c +89 -204
- data/ext/pqcrypto/pqcrypto_native_api.h +129 -0
- data/ext/pqcrypto/pqcrypto_ruby_secure.c +484 -84
- data/ext/pqcrypto/pqcrypto_secure.c +203 -78
- data/ext/pqcrypto/pqcrypto_secure.h +53 -14
- data/ext/pqcrypto/pqcrypto_version.h +7 -0
- data/ext/pqcrypto/randombytes.h +9 -0
- data/ext/pqcrypto/vendor/.vendored +10 -5
- data/ext/pqcrypto/vendor/mldsa-native/BUILDING.md +105 -0
- data/ext/pqcrypto/vendor/mldsa-native/LICENSE +286 -0
- data/ext/pqcrypto/vendor/mldsa-native/META.yml +24 -0
- data/ext/pqcrypto/vendor/mldsa-native/README.md +221 -0
- data/ext/pqcrypto/vendor/mldsa-native/SECURITY.md +8 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/mldsa_native.c +721 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/mldsa_native.h +975 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/mldsa_native_asm.S +724 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/mldsa_native_config.h +723 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/cbmc.h +166 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/common.h +321 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/ct.c +21 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/ct.h +385 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/debug.c +73 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/debug.h +130 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/fips202.c +277 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/fips202.h +244 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/fips202x4.c +182 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/fips202x4.h +117 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/keccakf1600.c +438 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/keccakf1600.h +105 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/auto.h +71 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/fips202_native_aarch64.h +62 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm.S +376 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm.S +204 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm.S +259 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm.S +1077 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm.S +987 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/src/keccakf1600_round_constants.c +41 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/x1_scalar.h +26 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/x1_v84a.h +35 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/x2_v84a.h +37 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/x4_v8a_scalar.h +27 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/aarch64/x4_v8a_v84a_scalar.h +36 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/api.h +69 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/README.md +10 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/mve.h +32 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/src/fips202_native_armv81m.h +20 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/src/keccak_f1600_x4_mve.S +638 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/src/keccak_f1600_x4_mve.c +136 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/armv81m/src/keccakf1600_round_constants.c +52 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/auto.h +29 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/x86_64/src/KeccakP_1600_times4_SIMD256.c +488 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/x86_64/src/KeccakP_1600_times4_SIMD256.h +16 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/fips202/native/x86_64/xkcp.h +31 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/meta.h +247 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/aarch64_zetas.c +231 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/arith_native_aarch64.h +150 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/intt.S +753 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/mld_polyvecl_pointwise_acc_montgomery_l4.S +129 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/mld_polyvecl_pointwise_acc_montgomery_l5.S +145 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/mld_polyvecl_pointwise_acc_montgomery_l7.S +177 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/ntt.S +653 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/pointwise_montgomery.S +79 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_caddq_asm.S +53 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_chknorm_asm.S +55 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_decompose_32_asm.S +85 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_decompose_88_asm.S +85 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_use_hint_32_asm.S +102 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/poly_use_hint_88_asm.S +110 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/polyz_unpack_17_asm.S +72 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/polyz_unpack_19_asm.S +69 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/polyz_unpack_table.c +40 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/rej_uniform_asm.S +189 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/rej_uniform_eta2_asm.S +135 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/rej_uniform_eta4_asm.S +128 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/rej_uniform_eta_table.c +543 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/aarch64/src/rej_uniform_table.c +62 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/api.h +649 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/meta.h +23 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/meta.h +315 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/arith_native_x86_64.h +124 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/consts.c +157 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/consts.h +27 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/intt.S +2311 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/ntt.S +2383 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/nttunpack.S +239 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/pointwise.S +131 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/pointwise_acc_l4.S +139 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/pointwise_acc_l5.S +155 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/pointwise_acc_l7.S +187 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_caddq_avx2.c +61 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_chknorm_avx2.c +52 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c +155 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c +155 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c +102 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c +104 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c +91 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c +93 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/rej_uniform_avx2.c +126 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c +155 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c +139 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/native/x86_64/src/rej_uniform_table.c +160 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/packing.c +293 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/packing.h +224 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/params.h +77 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/poly.c +991 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/poly.h +393 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/poly_kl.c +946 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/poly_kl.h +360 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/polyvec.c +877 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/polyvec.h +725 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/randombytes.h +26 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/reduce.h +139 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/rounding.h +249 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/sign.c +1511 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/sign.h +806 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/symmetric.h +68 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/sys.h +268 -0
- data/ext/pqcrypto/vendor/mldsa-native/mldsa/src/zetas.inc +55 -0
- data/ext/pqcrypto/vendor/mlkem-native/BUILDING.md +104 -0
- data/ext/pqcrypto/vendor/mlkem-native/LICENSE +294 -0
- data/ext/pqcrypto/vendor/mlkem-native/META.yml +30 -0
- data/ext/pqcrypto/vendor/mlkem-native/README.md +223 -0
- data/ext/pqcrypto/vendor/mlkem-native/RELEASE.md +86 -0
- data/ext/pqcrypto/vendor/mlkem-native/SECURITY.md +8 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/README.md +23 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/mlkem_native.c +660 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/mlkem_native.h +538 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/mlkem_native_asm.S +681 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/mlkem_native_config.h +709 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/cbmc.h +174 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/common.h +274 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/compress.c +717 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/compress.h +688 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/debug.c +64 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/debug.h +128 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/fips202.c +251 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/fips202.h +158 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/fips202x4.c +208 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/fips202x4.h +80 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/keccakf1600.c +463 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/keccakf1600.h +98 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/auto.h +70 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/fips202_native_aarch64.h +69 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccak_f1600_x1_scalar_asm.S +375 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccak_f1600_x1_v84a_asm.S +203 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccak_f1600_x2_v84a_asm.S +258 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccak_f1600_x4_v8a_scalar_hybrid_asm.S +1076 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm.S +986 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccakf1600_round_constants.c +46 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_scalar.h +25 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_v84a.h +34 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x2_v84a.h +35 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_scalar.h +26 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_v84a_scalar.h +35 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/api.h +117 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/README.md +10 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/mve.h +79 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/fips202_native_armv81m.h +35 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/keccak_f1600_x4_mve.S +667 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/keccak_f1600_x4_mve.c +40 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/keccakf1600_round_constants.c +51 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/state_extract_bytes_x4_mve.S +290 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/state_xor_bytes_x4_mve.S +314 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/auto.h +28 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/keccak_f1600_x4_avx2.h +33 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/fips202_native_x86_64.h +41 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/keccak_f1600_x4_avx2.S +451 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/x86_64/src/keccakf1600_constants.c +51 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/indcpa.c +622 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/indcpa.h +156 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/kem.c +446 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/kem.h +326 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/README.md +16 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/meta.h +122 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/aarch64_zetas.c +174 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/arith_native_aarch64.h +177 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/intt.S +628 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/ntt.S +562 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/poly_mulcache_compute_asm.S +127 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/poly_reduce_asm.S +150 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/poly_tobytes_asm.S +117 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/poly_tomont_asm.S +98 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S +261 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S +314 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S +368 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/rej_uniform_asm.S +226 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/aarch64/src/rej_uniform_table.c +542 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/api.h +637 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/meta.h +25 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/README.md +11 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/meta.h +128 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/arith_native_riscv64.h +45 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_debug.c +81 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_debug.h +145 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_izetas.inc +27 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_poly.c +805 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_zetas.inc +27 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_zetas_basemul.inc +39 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/README.md +4 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/meta.h +304 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/arith_native_x86_64.h +309 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/compress_consts.c +94 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/compress_consts.h +45 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/consts.c +102 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/consts.h +25 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/intt.S +719 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/mulcache_compute.S +90 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/ntt.S +639 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/nttfrombytes.S +193 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/ntttobytes.S +181 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/nttunpack.S +174 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_compress_d10.S +382 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_compress_d11.S +448 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_compress_d4.S +163 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_compress_d5.S +220 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_decompress_d10.S +228 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_decompress_d11.S +277 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_decompress_d4.S +180 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/poly_decompress_d5.S +192 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/polyvec_basemul_acc_montgomery_cached_asm_k2.S +502 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/polyvec_basemul_acc_montgomery_cached_asm_k3.S +750 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/polyvec_basemul_acc_montgomery_cached_asm_k4.S +998 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/reduce.S +218 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/rej_uniform_asm.S +103 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/rej_uniform_table.c +544 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/x86_64/src/tomont.S +155 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/params.h +76 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/poly.c +572 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/poly.h +317 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/poly_k.c +502 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/poly_k.h +668 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/randombytes.h +60 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/sampling.c +362 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/sampling.h +118 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/symmetric.h +70 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/sys.h +260 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/verify.c +20 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/verify.h +464 -0
- data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/zetas.inc +30 -0
- data/lib/pq_crypto/algorithm_registry.rb +200 -0
- data/lib/pq_crypto/hybrid_kem.rb +1 -12
- data/lib/pq_crypto/kem.rb +104 -13
- data/lib/pq_crypto/pkcs8.rb +387 -0
- data/lib/pq_crypto/serialization.rb +1 -14
- data/lib/pq_crypto/signature.rb +123 -17
- data/lib/pq_crypto/spki.rb +131 -0
- data/lib/pq_crypto/version.rb +1 -1
- data/lib/pq_crypto.rb +79 -20
- data/script/vendor_libs.rb +88 -155
- metadata +241 -73
- data/ext/pqcrypto/vendor/pqclean/common/aes.c +0 -639
- data/ext/pqcrypto/vendor/pqclean/common/aes.h +0 -64
- data/ext/pqcrypto/vendor/pqclean/common/compat.h +0 -73
- data/ext/pqcrypto/vendor/pqclean/common/crypto_declassify.h +0 -7
- data/ext/pqcrypto/vendor/pqclean/common/fips202.c +0 -928
- data/ext/pqcrypto/vendor/pqclean/common/fips202.h +0 -166
- data/ext/pqcrypto/vendor/pqclean/common/keccak2x/feat.S +0 -168
- data/ext/pqcrypto/vendor/pqclean/common/keccak2x/fips202x2.c +0 -684
- data/ext/pqcrypto/vendor/pqclean/common/keccak2x/fips202x2.h +0 -60
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SIMD256.c +0 -1028
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-times4-SnP.h +0 -50
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/KeccakP-1600-unrolling.macros +0 -198
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile +0 -8
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/Makefile.Microsoft_nmake +0 -8
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/SIMD256-config.h +0 -3
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/align.h +0 -34
- data/ext/pqcrypto/vendor/pqclean/common/keccak4x/brg_endian.h +0 -142
- data/ext/pqcrypto/vendor/pqclean/common/nistseedexpander.c +0 -101
- data/ext/pqcrypto/vendor/pqclean/common/nistseedexpander.h +0 -39
- data/ext/pqcrypto/vendor/pqclean/common/randombytes.c +0 -355
- data/ext/pqcrypto/vendor/pqclean/common/randombytes.h +0 -27
- data/ext/pqcrypto/vendor/pqclean/common/sha2.c +0 -769
- data/ext/pqcrypto/vendor/pqclean/common/sha2.h +0 -173
- data/ext/pqcrypto/vendor/pqclean/common/sp800-185.c +0 -156
- data/ext/pqcrypto/vendor/pqclean/common/sp800-185.h +0 -27
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/LICENSE +0 -5
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile +0 -19
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/Makefile.Microsoft_nmake +0 -23
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/api.h +0 -18
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/cbd.c +0 -83
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/cbd.h +0 -11
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/indcpa.c +0 -327
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/indcpa.h +0 -22
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/kem.c +0 -164
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/kem.h +0 -23
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/ntt.c +0 -146
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/ntt.h +0 -14
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/params.h +0 -36
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/poly.c +0 -299
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/poly.h +0 -37
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/polyvec.c +0 -188
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/polyvec.h +0 -26
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/reduce.c +0 -41
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/reduce.h +0 -13
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/symmetric-shake.c +0 -71
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/symmetric.h +0 -30
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.c +0 -67
- data/ext/pqcrypto/vendor/pqclean/crypto_kem/ml-kem-768/clean/verify.h +0 -13
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/LICENSE +0 -5
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile +0 -19
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/Makefile.Microsoft_nmake +0 -23
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/api.h +0 -50
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/ntt.c +0 -98
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/ntt.h +0 -10
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/packing.c +0 -261
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/packing.h +0 -31
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/params.h +0 -44
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/poly.c +0 -799
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/poly.h +0 -52
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/polyvec.c +0 -415
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/polyvec.h +0 -65
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/reduce.c +0 -69
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/reduce.h +0 -17
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/rounding.c +0 -92
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/rounding.h +0 -14
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/sign.c +0 -407
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/sign.h +0 -47
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/symmetric-shake.c +0 -26
- data/ext/pqcrypto/vendor/pqclean/crypto_sign/ml-dsa-65/clean/symmetric.h +0 -34
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
/* Copyright (c) The mldsa-native project authors
|
|
2
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
3
|
+
*/
|
|
4
|
+
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED)
|
|
7
|
+
|
|
8
|
+
/*
|
|
9
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
10
|
+
* dev/aarch64_opt/src/pointwise_montgomery.S using scripts/simpasm. Do not modify it directly.
|
|
11
|
+
*/
|
|
12
|
+
|
|
13
|
+
#if defined(__ELF__)
|
|
14
|
+
.section .note.GNU-stack,"",@progbits
|
|
15
|
+
#endif
|
|
16
|
+
|
|
17
|
+
.text
|
|
18
|
+
.balign 4
|
|
19
|
+
.global MLD_ASM_NAMESPACE(poly_pointwise_montgomery_asm)
|
|
20
|
+
MLD_ASM_FN_SYMBOL(poly_pointwise_montgomery_asm)
|
|
21
|
+
|
|
22
|
+
.cfi_startproc
|
|
23
|
+
mov w3, #0xe001 // =57345
|
|
24
|
+
movk w3, #0x7f, lsl #16
|
|
25
|
+
dup v0.4s, w3
|
|
26
|
+
mov w3, #0x2001 // =8193
|
|
27
|
+
movk w3, #0x380, lsl #16
|
|
28
|
+
dup v1.4s, w3
|
|
29
|
+
mov x3, #0x40 // =64
|
|
30
|
+
|
|
31
|
+
Lpoly_pointwise_montgomery_loop_start:
|
|
32
|
+
ldr q17, [x1, #0x10]
|
|
33
|
+
ldr q18, [x1, #0x20]
|
|
34
|
+
ldr q19, [x1, #0x30]
|
|
35
|
+
ldr q16, [x1], #0x40
|
|
36
|
+
ldr q21, [x2, #0x10]
|
|
37
|
+
ldr q22, [x2, #0x20]
|
|
38
|
+
ldr q23, [x2, #0x30]
|
|
39
|
+
ldr q20, [x2], #0x40
|
|
40
|
+
smull v24.2d, v16.2s, v20.2s
|
|
41
|
+
smull2 v25.2d, v16.4s, v20.4s
|
|
42
|
+
smull v26.2d, v17.2s, v21.2s
|
|
43
|
+
smull2 v27.2d, v17.4s, v21.4s
|
|
44
|
+
smull v28.2d, v18.2s, v22.2s
|
|
45
|
+
smull2 v29.2d, v18.4s, v22.4s
|
|
46
|
+
smull v30.2d, v19.2s, v23.2s
|
|
47
|
+
smull2 v31.2d, v19.4s, v23.4s
|
|
48
|
+
uzp1 v16.4s, v24.4s, v25.4s
|
|
49
|
+
mul v16.4s, v16.4s, v1.4s
|
|
50
|
+
smlsl v24.2d, v16.2s, v0.2s
|
|
51
|
+
smlsl2 v25.2d, v16.4s, v0.4s
|
|
52
|
+
uzp2 v16.4s, v24.4s, v25.4s
|
|
53
|
+
uzp1 v17.4s, v26.4s, v27.4s
|
|
54
|
+
mul v17.4s, v17.4s, v1.4s
|
|
55
|
+
smlsl v26.2d, v17.2s, v0.2s
|
|
56
|
+
smlsl2 v27.2d, v17.4s, v0.4s
|
|
57
|
+
uzp2 v17.4s, v26.4s, v27.4s
|
|
58
|
+
uzp1 v18.4s, v28.4s, v29.4s
|
|
59
|
+
mul v18.4s, v18.4s, v1.4s
|
|
60
|
+
smlsl v28.2d, v18.2s, v0.2s
|
|
61
|
+
smlsl2 v29.2d, v18.4s, v0.4s
|
|
62
|
+
uzp2 v18.4s, v28.4s, v29.4s
|
|
63
|
+
uzp1 v19.4s, v30.4s, v31.4s
|
|
64
|
+
mul v19.4s, v19.4s, v1.4s
|
|
65
|
+
smlsl v30.2d, v19.2s, v0.2s
|
|
66
|
+
smlsl2 v31.2d, v19.4s, v0.4s
|
|
67
|
+
uzp2 v19.4s, v30.4s, v31.4s
|
|
68
|
+
str q17, [x0, #0x10]
|
|
69
|
+
str q18, [x0, #0x20]
|
|
70
|
+
str q19, [x0, #0x30]
|
|
71
|
+
str q16, [x0], #0x40
|
|
72
|
+
subs x3, x3, #0x4
|
|
73
|
+
cbnz x3, Lpoly_pointwise_montgomery_loop_start
|
|
74
|
+
ret
|
|
75
|
+
.cfi_endproc
|
|
76
|
+
|
|
77
|
+
MLD_ASM_FN_SIZE(poly_pointwise_montgomery_asm)
|
|
78
|
+
|
|
79
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED)
|
|
8
|
+
|
|
9
|
+
/*
|
|
10
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
11
|
+
* dev/aarch64_opt/src/poly_caddq_asm.S using scripts/simpasm. Do not modify it directly.
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
#if defined(__ELF__)
|
|
15
|
+
.section .note.GNU-stack,"",@progbits
|
|
16
|
+
#endif
|
|
17
|
+
|
|
18
|
+
.text
|
|
19
|
+
.balign 4
|
|
20
|
+
.global MLD_ASM_NAMESPACE(poly_caddq_asm)
|
|
21
|
+
MLD_ASM_FN_SYMBOL(poly_caddq_asm)
|
|
22
|
+
|
|
23
|
+
.cfi_startproc
|
|
24
|
+
mov w9, #0xe001 // =57345
|
|
25
|
+
movk w9, #0x7f, lsl #16
|
|
26
|
+
dup v4.4s, w9
|
|
27
|
+
mov x1, #0x10 // =16
|
|
28
|
+
|
|
29
|
+
Lpoly_caddq_loop:
|
|
30
|
+
ldr q0, [x0]
|
|
31
|
+
ldr q1, [x0, #0x10]
|
|
32
|
+
ldr q2, [x0, #0x20]
|
|
33
|
+
ldr q3, [x0, #0x30]
|
|
34
|
+
ushr v5.4s, v0.4s, #0x1f
|
|
35
|
+
mla v0.4s, v5.4s, v4.4s
|
|
36
|
+
ushr v5.4s, v1.4s, #0x1f
|
|
37
|
+
mla v1.4s, v5.4s, v4.4s
|
|
38
|
+
ushr v5.4s, v2.4s, #0x1f
|
|
39
|
+
mla v2.4s, v5.4s, v4.4s
|
|
40
|
+
ushr v5.4s, v3.4s, #0x1f
|
|
41
|
+
mla v3.4s, v5.4s, v4.4s
|
|
42
|
+
str q1, [x0, #0x10]
|
|
43
|
+
str q2, [x0, #0x20]
|
|
44
|
+
str q3, [x0, #0x30]
|
|
45
|
+
str q0, [x0], #0x40
|
|
46
|
+
subs x1, x1, #0x1
|
|
47
|
+
b.ne Lpoly_caddq_loop
|
|
48
|
+
ret
|
|
49
|
+
.cfi_endproc
|
|
50
|
+
|
|
51
|
+
MLD_ASM_FN_SIZE(poly_caddq_asm)
|
|
52
|
+
|
|
53
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED)
|
|
8
|
+
|
|
9
|
+
/*
|
|
10
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
11
|
+
* dev/aarch64_opt/src/poly_chknorm_asm.S using scripts/simpasm. Do not modify it directly.
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
#if defined(__ELF__)
|
|
15
|
+
.section .note.GNU-stack,"",@progbits
|
|
16
|
+
#endif
|
|
17
|
+
|
|
18
|
+
.text
|
|
19
|
+
.balign 4
|
|
20
|
+
.global MLD_ASM_NAMESPACE(poly_chknorm_asm)
|
|
21
|
+
MLD_ASM_FN_SYMBOL(poly_chknorm_asm)
|
|
22
|
+
|
|
23
|
+
.cfi_startproc
|
|
24
|
+
dup v20.4s, w1
|
|
25
|
+
eor v21.16b, v21.16b, v21.16b
|
|
26
|
+
mov x2, #0x10 // =16
|
|
27
|
+
|
|
28
|
+
Lpoly_chknorm_loop:
|
|
29
|
+
ldr q1, [x0, #0x10]
|
|
30
|
+
ldr q2, [x0, #0x20]
|
|
31
|
+
ldr q3, [x0, #0x30]
|
|
32
|
+
ldr q0, [x0], #0x40
|
|
33
|
+
abs v1.4s, v1.4s
|
|
34
|
+
cmge v1.4s, v1.4s, v20.4s
|
|
35
|
+
orr v21.16b, v21.16b, v1.16b
|
|
36
|
+
abs v2.4s, v2.4s
|
|
37
|
+
cmge v2.4s, v2.4s, v20.4s
|
|
38
|
+
orr v21.16b, v21.16b, v2.16b
|
|
39
|
+
abs v3.4s, v3.4s
|
|
40
|
+
cmge v3.4s, v3.4s, v20.4s
|
|
41
|
+
orr v21.16b, v21.16b, v3.16b
|
|
42
|
+
abs v0.4s, v0.4s
|
|
43
|
+
cmge v0.4s, v0.4s, v20.4s
|
|
44
|
+
orr v21.16b, v21.16b, v0.16b
|
|
45
|
+
subs x2, x2, #0x1
|
|
46
|
+
b.ne Lpoly_chknorm_loop
|
|
47
|
+
umaxv s21, v21.4s
|
|
48
|
+
fmov w0, s21
|
|
49
|
+
and w0, w0, #0x1
|
|
50
|
+
ret
|
|
51
|
+
.cfi_endproc
|
|
52
|
+
|
|
53
|
+
MLD_ASM_FN_SIZE(poly_chknorm_asm)
|
|
54
|
+
|
|
55
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \
|
|
8
|
+
(defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87))
|
|
9
|
+
|
|
10
|
+
/*
|
|
11
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
12
|
+
* dev/aarch64_opt/src/poly_decompose_32_asm.S using scripts/simpasm. Do not modify it directly.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
#if defined(__ELF__)
|
|
16
|
+
.section .note.GNU-stack,"",@progbits
|
|
17
|
+
#endif
|
|
18
|
+
|
|
19
|
+
.text
|
|
20
|
+
.balign 4
|
|
21
|
+
.global MLD_ASM_NAMESPACE(poly_decompose_32_asm)
|
|
22
|
+
MLD_ASM_FN_SYMBOL(poly_decompose_32_asm)
|
|
23
|
+
|
|
24
|
+
.cfi_startproc
|
|
25
|
+
mov w4, #0xe001 // =57345
|
|
26
|
+
movk w4, #0x7f, lsl #16
|
|
27
|
+
dup v20.4s, w4
|
|
28
|
+
mov w5, #0xe100 // =57600
|
|
29
|
+
movk w5, #0x7b, lsl #16
|
|
30
|
+
dup v21.4s, w5
|
|
31
|
+
mov w7, #0xfe00 // =65024
|
|
32
|
+
movk w7, #0x7, lsl #16
|
|
33
|
+
dup v22.4s, w7
|
|
34
|
+
mov w11, #0x401 // =1025
|
|
35
|
+
movk w11, #0x4010, lsl #16
|
|
36
|
+
dup v23.4s, w11
|
|
37
|
+
mov x3, #0x10 // =16
|
|
38
|
+
|
|
39
|
+
Lpoly_decompose_32_loop:
|
|
40
|
+
ldr q0, [x1]
|
|
41
|
+
ldr q1, [x1, #0x10]
|
|
42
|
+
ldr q2, [x1, #0x20]
|
|
43
|
+
ldr q3, [x1, #0x30]
|
|
44
|
+
sqdmulh v5.4s, v1.4s, v23.4s
|
|
45
|
+
srshr v5.4s, v5.4s, #0x12
|
|
46
|
+
cmgt v24.4s, v1.4s, v21.4s
|
|
47
|
+
mls v1.4s, v5.4s, v22.4s
|
|
48
|
+
bic v5.16b, v5.16b, v24.16b
|
|
49
|
+
add v1.4s, v1.4s, v24.4s
|
|
50
|
+
sqdmulh v6.4s, v2.4s, v23.4s
|
|
51
|
+
srshr v6.4s, v6.4s, #0x12
|
|
52
|
+
cmgt v24.4s, v2.4s, v21.4s
|
|
53
|
+
mls v2.4s, v6.4s, v22.4s
|
|
54
|
+
bic v6.16b, v6.16b, v24.16b
|
|
55
|
+
add v2.4s, v2.4s, v24.4s
|
|
56
|
+
sqdmulh v7.4s, v3.4s, v23.4s
|
|
57
|
+
srshr v7.4s, v7.4s, #0x12
|
|
58
|
+
cmgt v24.4s, v3.4s, v21.4s
|
|
59
|
+
mls v3.4s, v7.4s, v22.4s
|
|
60
|
+
bic v7.16b, v7.16b, v24.16b
|
|
61
|
+
add v3.4s, v3.4s, v24.4s
|
|
62
|
+
sqdmulh v4.4s, v0.4s, v23.4s
|
|
63
|
+
srshr v4.4s, v4.4s, #0x12
|
|
64
|
+
cmgt v24.4s, v0.4s, v21.4s
|
|
65
|
+
mls v0.4s, v4.4s, v22.4s
|
|
66
|
+
bic v4.16b, v4.16b, v24.16b
|
|
67
|
+
add v0.4s, v0.4s, v24.4s
|
|
68
|
+
str q5, [x0, #0x10]
|
|
69
|
+
str q6, [x0, #0x20]
|
|
70
|
+
str q7, [x0, #0x30]
|
|
71
|
+
str q4, [x0], #0x40
|
|
72
|
+
str q1, [x1, #0x10]
|
|
73
|
+
str q2, [x1, #0x20]
|
|
74
|
+
str q3, [x1, #0x30]
|
|
75
|
+
str q0, [x1], #0x40
|
|
76
|
+
subs x3, x3, #0x1
|
|
77
|
+
b.ne Lpoly_decompose_32_loop
|
|
78
|
+
ret
|
|
79
|
+
.cfi_endproc
|
|
80
|
+
|
|
81
|
+
MLD_ASM_FN_SIZE(poly_decompose_32_asm)
|
|
82
|
+
|
|
83
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \
|
|
84
|
+
(MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \
|
|
85
|
+
|| MLD_CONFIG_PARAMETER_SET == 87) */
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \
|
|
8
|
+
(defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44)
|
|
9
|
+
|
|
10
|
+
/*
|
|
11
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
12
|
+
* dev/aarch64_opt/src/poly_decompose_88_asm.S using scripts/simpasm. Do not modify it directly.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
#if defined(__ELF__)
|
|
16
|
+
.section .note.GNU-stack,"",@progbits
|
|
17
|
+
#endif
|
|
18
|
+
|
|
19
|
+
.text
|
|
20
|
+
.balign 4
|
|
21
|
+
.global MLD_ASM_NAMESPACE(poly_decompose_88_asm)
|
|
22
|
+
MLD_ASM_FN_SYMBOL(poly_decompose_88_asm)
|
|
23
|
+
|
|
24
|
+
.cfi_startproc
|
|
25
|
+
mov w4, #0xe001 // =57345
|
|
26
|
+
movk w4, #0x7f, lsl #16
|
|
27
|
+
dup v20.4s, w4
|
|
28
|
+
mov w5, #0x6c00 // =27648
|
|
29
|
+
movk w5, #0x7e, lsl #16
|
|
30
|
+
dup v21.4s, w5
|
|
31
|
+
mov w7, #0xe800 // =59392
|
|
32
|
+
movk w7, #0x2, lsl #16
|
|
33
|
+
dup v22.4s, w7
|
|
34
|
+
mov w11, #0x581 // =1409
|
|
35
|
+
movk w11, #0x5816, lsl #16
|
|
36
|
+
dup v23.4s, w11
|
|
37
|
+
mov x3, #0x10 // =16
|
|
38
|
+
|
|
39
|
+
Lpoly_decompose_88_loop:
|
|
40
|
+
ldr q0, [x1]
|
|
41
|
+
ldr q1, [x1, #0x10]
|
|
42
|
+
ldr q2, [x1, #0x20]
|
|
43
|
+
ldr q3, [x1, #0x30]
|
|
44
|
+
sqdmulh v5.4s, v1.4s, v23.4s
|
|
45
|
+
srshr v5.4s, v5.4s, #0x11
|
|
46
|
+
cmgt v24.4s, v1.4s, v21.4s
|
|
47
|
+
mls v1.4s, v5.4s, v22.4s
|
|
48
|
+
bic v5.16b, v5.16b, v24.16b
|
|
49
|
+
add v1.4s, v1.4s, v24.4s
|
|
50
|
+
sqdmulh v6.4s, v2.4s, v23.4s
|
|
51
|
+
srshr v6.4s, v6.4s, #0x11
|
|
52
|
+
cmgt v24.4s, v2.4s, v21.4s
|
|
53
|
+
mls v2.4s, v6.4s, v22.4s
|
|
54
|
+
bic v6.16b, v6.16b, v24.16b
|
|
55
|
+
add v2.4s, v2.4s, v24.4s
|
|
56
|
+
sqdmulh v7.4s, v3.4s, v23.4s
|
|
57
|
+
srshr v7.4s, v7.4s, #0x11
|
|
58
|
+
cmgt v24.4s, v3.4s, v21.4s
|
|
59
|
+
mls v3.4s, v7.4s, v22.4s
|
|
60
|
+
bic v7.16b, v7.16b, v24.16b
|
|
61
|
+
add v3.4s, v3.4s, v24.4s
|
|
62
|
+
sqdmulh v4.4s, v0.4s, v23.4s
|
|
63
|
+
srshr v4.4s, v4.4s, #0x11
|
|
64
|
+
cmgt v24.4s, v0.4s, v21.4s
|
|
65
|
+
mls v0.4s, v4.4s, v22.4s
|
|
66
|
+
bic v4.16b, v4.16b, v24.16b
|
|
67
|
+
add v0.4s, v0.4s, v24.4s
|
|
68
|
+
str q5, [x0, #0x10]
|
|
69
|
+
str q6, [x0, #0x20]
|
|
70
|
+
str q7, [x0, #0x30]
|
|
71
|
+
str q4, [x0], #0x40
|
|
72
|
+
str q1, [x1, #0x10]
|
|
73
|
+
str q2, [x1, #0x20]
|
|
74
|
+
str q3, [x1, #0x30]
|
|
75
|
+
str q0, [x1], #0x40
|
|
76
|
+
subs x3, x3, #0x1
|
|
77
|
+
b.ne Lpoly_decompose_88_loop
|
|
78
|
+
ret
|
|
79
|
+
.cfi_endproc
|
|
80
|
+
|
|
81
|
+
MLD_ASM_FN_SIZE(poly_decompose_88_asm)
|
|
82
|
+
|
|
83
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \
|
|
84
|
+
(MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \
|
|
85
|
+
*/
|
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \
|
|
8
|
+
(defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87))
|
|
9
|
+
|
|
10
|
+
/*
|
|
11
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
12
|
+
* dev/aarch64_opt/src/poly_use_hint_32_asm.S using scripts/simpasm. Do not modify it directly.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
#if defined(__ELF__)
|
|
16
|
+
.section .note.GNU-stack,"",@progbits
|
|
17
|
+
#endif
|
|
18
|
+
|
|
19
|
+
.text
|
|
20
|
+
.balign 4
|
|
21
|
+
.global MLD_ASM_NAMESPACE(poly_use_hint_32_asm)
|
|
22
|
+
MLD_ASM_FN_SYMBOL(poly_use_hint_32_asm)
|
|
23
|
+
|
|
24
|
+
.cfi_startproc
|
|
25
|
+
mov w4, #0xe001 // =57345
|
|
26
|
+
movk w4, #0x7f, lsl #16
|
|
27
|
+
dup v20.4s, w4
|
|
28
|
+
mov w5, #0xe100 // =57600
|
|
29
|
+
movk w5, #0x7b, lsl #16
|
|
30
|
+
dup v21.4s, w5
|
|
31
|
+
mov w7, #0xfe00 // =65024
|
|
32
|
+
movk w7, #0x7, lsl #16
|
|
33
|
+
dup v22.4s, w7
|
|
34
|
+
mov w11, #0x401 // =1025
|
|
35
|
+
movk w11, #0x4010, lsl #16
|
|
36
|
+
dup v23.4s, w11
|
|
37
|
+
movi v24.4s, #0xf
|
|
38
|
+
mov x3, #0x10 // =16
|
|
39
|
+
|
|
40
|
+
Lpoly_use_hint_32_loop:
|
|
41
|
+
ldr q1, [x1, #0x10]
|
|
42
|
+
ldr q2, [x1, #0x20]
|
|
43
|
+
ldr q3, [x1, #0x30]
|
|
44
|
+
ldr q0, [x1], #0x40
|
|
45
|
+
ldr q5, [x2, #0x10]
|
|
46
|
+
ldr q6, [x2, #0x20]
|
|
47
|
+
ldr q7, [x2, #0x30]
|
|
48
|
+
ldr q4, [x2], #0x40
|
|
49
|
+
sqdmulh v17.4s, v1.4s, v23.4s
|
|
50
|
+
srshr v17.4s, v17.4s, #0x12
|
|
51
|
+
cmgt v25.4s, v1.4s, v21.4s
|
|
52
|
+
mls v1.4s, v17.4s, v22.4s
|
|
53
|
+
bic v17.16b, v17.16b, v25.16b
|
|
54
|
+
add v1.4s, v1.4s, v25.4s
|
|
55
|
+
cmle v1.4s, v1.4s, #0
|
|
56
|
+
orr v1.4s, #0x1
|
|
57
|
+
mla v17.4s, v1.4s, v5.4s
|
|
58
|
+
and v17.16b, v17.16b, v24.16b
|
|
59
|
+
sqdmulh v18.4s, v2.4s, v23.4s
|
|
60
|
+
srshr v18.4s, v18.4s, #0x12
|
|
61
|
+
cmgt v25.4s, v2.4s, v21.4s
|
|
62
|
+
mls v2.4s, v18.4s, v22.4s
|
|
63
|
+
bic v18.16b, v18.16b, v25.16b
|
|
64
|
+
add v2.4s, v2.4s, v25.4s
|
|
65
|
+
cmle v2.4s, v2.4s, #0
|
|
66
|
+
orr v2.4s, #0x1
|
|
67
|
+
mla v18.4s, v2.4s, v6.4s
|
|
68
|
+
and v18.16b, v18.16b, v24.16b
|
|
69
|
+
sqdmulh v19.4s, v3.4s, v23.4s
|
|
70
|
+
srshr v19.4s, v19.4s, #0x12
|
|
71
|
+
cmgt v25.4s, v3.4s, v21.4s
|
|
72
|
+
mls v3.4s, v19.4s, v22.4s
|
|
73
|
+
bic v19.16b, v19.16b, v25.16b
|
|
74
|
+
add v3.4s, v3.4s, v25.4s
|
|
75
|
+
cmle v3.4s, v3.4s, #0
|
|
76
|
+
orr v3.4s, #0x1
|
|
77
|
+
mla v19.4s, v3.4s, v7.4s
|
|
78
|
+
and v19.16b, v19.16b, v24.16b
|
|
79
|
+
sqdmulh v16.4s, v0.4s, v23.4s
|
|
80
|
+
srshr v16.4s, v16.4s, #0x12
|
|
81
|
+
cmgt v25.4s, v0.4s, v21.4s
|
|
82
|
+
mls v0.4s, v16.4s, v22.4s
|
|
83
|
+
bic v16.16b, v16.16b, v25.16b
|
|
84
|
+
add v0.4s, v0.4s, v25.4s
|
|
85
|
+
cmle v0.4s, v0.4s, #0
|
|
86
|
+
orr v0.4s, #0x1
|
|
87
|
+
mla v16.4s, v0.4s, v4.4s
|
|
88
|
+
and v16.16b, v16.16b, v24.16b
|
|
89
|
+
str q17, [x0, #0x10]
|
|
90
|
+
str q18, [x0, #0x20]
|
|
91
|
+
str q19, [x0, #0x30]
|
|
92
|
+
str q16, [x0], #0x40
|
|
93
|
+
subs x3, x3, #0x1
|
|
94
|
+
b.ne Lpoly_use_hint_32_loop
|
|
95
|
+
ret
|
|
96
|
+
.cfi_endproc
|
|
97
|
+
|
|
98
|
+
MLD_ASM_FN_SIZE(poly_use_hint_32_asm)
|
|
99
|
+
|
|
100
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \
|
|
101
|
+
(MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \
|
|
102
|
+
|| MLD_CONFIG_PARAMETER_SET == 87) */
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
4
|
+
*/
|
|
5
|
+
#include "../../../common.h"
|
|
6
|
+
|
|
7
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \
|
|
8
|
+
(defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44)
|
|
9
|
+
|
|
10
|
+
/*
|
|
11
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
12
|
+
* dev/aarch64_opt/src/poly_use_hint_88_asm.S using scripts/simpasm. Do not modify it directly.
|
|
13
|
+
*/
|
|
14
|
+
|
|
15
|
+
#if defined(__ELF__)
|
|
16
|
+
.section .note.GNU-stack,"",@progbits
|
|
17
|
+
#endif
|
|
18
|
+
|
|
19
|
+
.text
|
|
20
|
+
.balign 4
|
|
21
|
+
.global MLD_ASM_NAMESPACE(poly_use_hint_88_asm)
|
|
22
|
+
MLD_ASM_FN_SYMBOL(poly_use_hint_88_asm)
|
|
23
|
+
|
|
24
|
+
.cfi_startproc
|
|
25
|
+
mov w4, #0xe001 // =57345
|
|
26
|
+
movk w4, #0x7f, lsl #16
|
|
27
|
+
dup v20.4s, w4
|
|
28
|
+
mov w5, #0x6c00 // =27648
|
|
29
|
+
movk w5, #0x7e, lsl #16
|
|
30
|
+
dup v21.4s, w5
|
|
31
|
+
mov w7, #0xe800 // =59392
|
|
32
|
+
movk w7, #0x2, lsl #16
|
|
33
|
+
dup v22.4s, w7
|
|
34
|
+
mov w11, #0x581 // =1409
|
|
35
|
+
movk w11, #0x5816, lsl #16
|
|
36
|
+
dup v23.4s, w11
|
|
37
|
+
movi v24.4s, #0x2b
|
|
38
|
+
mov x3, #0x10 // =16
|
|
39
|
+
|
|
40
|
+
Lpoly_use_hint_88_loop:
|
|
41
|
+
ldr q1, [x1, #0x10]
|
|
42
|
+
ldr q2, [x1, #0x20]
|
|
43
|
+
ldr q3, [x1, #0x30]
|
|
44
|
+
ldr q0, [x1], #0x40
|
|
45
|
+
ldr q5, [x2, #0x10]
|
|
46
|
+
ldr q6, [x2, #0x20]
|
|
47
|
+
ldr q7, [x2, #0x30]
|
|
48
|
+
ldr q4, [x2], #0x40
|
|
49
|
+
sqdmulh v17.4s, v1.4s, v23.4s
|
|
50
|
+
srshr v17.4s, v17.4s, #0x11
|
|
51
|
+
cmgt v25.4s, v1.4s, v21.4s
|
|
52
|
+
mls v1.4s, v17.4s, v22.4s
|
|
53
|
+
bic v17.16b, v17.16b, v25.16b
|
|
54
|
+
add v1.4s, v1.4s, v25.4s
|
|
55
|
+
cmle v1.4s, v1.4s, #0
|
|
56
|
+
orr v1.4s, #0x1
|
|
57
|
+
mla v17.4s, v1.4s, v5.4s
|
|
58
|
+
cmgt v25.4s, v17.4s, v24.4s
|
|
59
|
+
bic v17.16b, v17.16b, v25.16b
|
|
60
|
+
umin v17.4s, v17.4s, v24.4s
|
|
61
|
+
sqdmulh v18.4s, v2.4s, v23.4s
|
|
62
|
+
srshr v18.4s, v18.4s, #0x11
|
|
63
|
+
cmgt v25.4s, v2.4s, v21.4s
|
|
64
|
+
mls v2.4s, v18.4s, v22.4s
|
|
65
|
+
bic v18.16b, v18.16b, v25.16b
|
|
66
|
+
add v2.4s, v2.4s, v25.4s
|
|
67
|
+
cmle v2.4s, v2.4s, #0
|
|
68
|
+
orr v2.4s, #0x1
|
|
69
|
+
mla v18.4s, v2.4s, v6.4s
|
|
70
|
+
cmgt v25.4s, v18.4s, v24.4s
|
|
71
|
+
bic v18.16b, v18.16b, v25.16b
|
|
72
|
+
umin v18.4s, v18.4s, v24.4s
|
|
73
|
+
sqdmulh v19.4s, v3.4s, v23.4s
|
|
74
|
+
srshr v19.4s, v19.4s, #0x11
|
|
75
|
+
cmgt v25.4s, v3.4s, v21.4s
|
|
76
|
+
mls v3.4s, v19.4s, v22.4s
|
|
77
|
+
bic v19.16b, v19.16b, v25.16b
|
|
78
|
+
add v3.4s, v3.4s, v25.4s
|
|
79
|
+
cmle v3.4s, v3.4s, #0
|
|
80
|
+
orr v3.4s, #0x1
|
|
81
|
+
mla v19.4s, v3.4s, v7.4s
|
|
82
|
+
cmgt v25.4s, v19.4s, v24.4s
|
|
83
|
+
bic v19.16b, v19.16b, v25.16b
|
|
84
|
+
umin v19.4s, v19.4s, v24.4s
|
|
85
|
+
sqdmulh v16.4s, v0.4s, v23.4s
|
|
86
|
+
srshr v16.4s, v16.4s, #0x11
|
|
87
|
+
cmgt v25.4s, v0.4s, v21.4s
|
|
88
|
+
mls v0.4s, v16.4s, v22.4s
|
|
89
|
+
bic v16.16b, v16.16b, v25.16b
|
|
90
|
+
add v0.4s, v0.4s, v25.4s
|
|
91
|
+
cmle v0.4s, v0.4s, #0
|
|
92
|
+
orr v0.4s, #0x1
|
|
93
|
+
mla v16.4s, v0.4s, v4.4s
|
|
94
|
+
cmgt v25.4s, v16.4s, v24.4s
|
|
95
|
+
bic v16.16b, v16.16b, v25.16b
|
|
96
|
+
umin v16.4s, v16.4s, v24.4s
|
|
97
|
+
str q17, [x0, #0x10]
|
|
98
|
+
str q18, [x0, #0x20]
|
|
99
|
+
str q19, [x0, #0x30]
|
|
100
|
+
str q16, [x0], #0x40
|
|
101
|
+
subs x3, x3, #0x1
|
|
102
|
+
b.ne Lpoly_use_hint_88_loop
|
|
103
|
+
ret
|
|
104
|
+
.cfi_endproc
|
|
105
|
+
|
|
106
|
+
MLD_ASM_FN_SIZE(poly_use_hint_88_asm)
|
|
107
|
+
|
|
108
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \
|
|
109
|
+
(MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \
|
|
110
|
+
*/
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) The mldsa-native project authors
|
|
3
|
+
* Copyright (c) The mlkem-native project authors
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
#include "../../../common.h"
|
|
8
|
+
#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \
|
|
9
|
+
(defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44)
|
|
10
|
+
|
|
11
|
+
/*
|
|
12
|
+
* WARNING: This file is auto-derived from the mldsa-native source file
|
|
13
|
+
* dev/aarch64_opt/src/polyz_unpack_17_asm.S using scripts/simpasm. Do not modify it directly.
|
|
14
|
+
*/
|
|
15
|
+
|
|
16
|
+
#if defined(__ELF__)
|
|
17
|
+
.section .note.GNU-stack,"",@progbits
|
|
18
|
+
#endif
|
|
19
|
+
|
|
20
|
+
.text
|
|
21
|
+
.balign 4
|
|
22
|
+
.global MLD_ASM_NAMESPACE(polyz_unpack_17_asm)
|
|
23
|
+
MLD_ASM_FN_SYMBOL(polyz_unpack_17_asm)
|
|
24
|
+
|
|
25
|
+
.cfi_startproc
|
|
26
|
+
ldr q24, [x2]
|
|
27
|
+
ldr q25, [x2, #0x10]
|
|
28
|
+
ldr q26, [x2, #0x20]
|
|
29
|
+
ldr q27, [x2, #0x30]
|
|
30
|
+
mov x3, #0xfe00000000 // =1090921693184
|
|
31
|
+
mov v28.d[0], x3
|
|
32
|
+
mov x3, #0xfc // =252
|
|
33
|
+
movk x3, #0xfa, lsl #32
|
|
34
|
+
mov v28.d[1], x3
|
|
35
|
+
movi v29.4s, #0x3, msl #16
|
|
36
|
+
movi v30.4s, #0x2, lsl #16
|
|
37
|
+
mov x9, #0x10 // =16
|
|
38
|
+
|
|
39
|
+
Lpolyz_unpack_17_loop:
|
|
40
|
+
ld1 { v0.16b, v1.16b }, [x1]
|
|
41
|
+
add x1, x1, #0x14
|
|
42
|
+
ld1 { v2.16b }, [x1], #16
|
|
43
|
+
tbl v4.16b, { v0.16b }, v24.16b
|
|
44
|
+
tbl v5.16b, { v0.16b, v1.16b }, v25.16b
|
|
45
|
+
tbl v6.16b, { v1.16b }, v26.16b
|
|
46
|
+
tbl v7.16b, { v1.16b, v2.16b }, v27.16b
|
|
47
|
+
ushl v4.4s, v4.4s, v28.4s
|
|
48
|
+
and v4.16b, v4.16b, v29.16b
|
|
49
|
+
sub v4.4s, v30.4s, v4.4s
|
|
50
|
+
ushl v5.4s, v5.4s, v28.4s
|
|
51
|
+
and v5.16b, v5.16b, v29.16b
|
|
52
|
+
sub v5.4s, v30.4s, v5.4s
|
|
53
|
+
ushl v6.4s, v6.4s, v28.4s
|
|
54
|
+
and v6.16b, v6.16b, v29.16b
|
|
55
|
+
sub v6.4s, v30.4s, v6.4s
|
|
56
|
+
ushl v7.4s, v7.4s, v28.4s
|
|
57
|
+
and v7.16b, v7.16b, v29.16b
|
|
58
|
+
sub v7.4s, v30.4s, v7.4s
|
|
59
|
+
str q5, [x0, #0x10]
|
|
60
|
+
str q6, [x0, #0x20]
|
|
61
|
+
str q7, [x0, #0x30]
|
|
62
|
+
str q4, [x0], #0x40
|
|
63
|
+
subs x9, x9, #0x1
|
|
64
|
+
b.ne Lpolyz_unpack_17_loop
|
|
65
|
+
ret
|
|
66
|
+
.cfi_endproc
|
|
67
|
+
|
|
68
|
+
MLD_ASM_FN_SIZE(polyz_unpack_17_asm)
|
|
69
|
+
|
|
70
|
+
#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \
|
|
71
|
+
(MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \
|
|
72
|
+
*/
|