pq_crypto 0.3.2 → 0.5.0

data/ext/pqcrypto/extconf.rb

@@ -2,20 +2,36 @@
 # frozen_string_literal: true
 
 require "mkmf"
+require "rbconfig"
+require_relative "../../lib/pq_crypto/version"
 
-$CFLAGS << " -std=c11 -Wall -Wextra -O2"
-$CFLAGS << " -fstack-protector-strong -D_FORTIFY_SOURCE=2"
-VENDOR_ONLY_CFLAGS = "-Wno-unused-parameter -Wno-unused-function -Wno-strict-prototypes -Wno-pedantic -Wno-c23-extensions -Wno-undef"
+def generate_version_header!
+  version = PQCrypto::VERSION
+  unless version.match?(/\A[0-9A-Za-z][0-9A-Za-z._+-]*\z/)
+    abort "Invalid PQCrypto::VERSION for C header: #{version.inspect}"
+  end
 
-$LDFLAGS << " -Wl,-no_warn_duplicate_libraries" if RbConfig::CONFIG["host_os"] =~ /darwin/
+  header = File.join(__dir__, "pqcrypto_version.h")
+  File.write(header, <<~C)
+    /* Generated by extconf.rb from lib/pq_crypto/version.rb. Do not edit. */
+    #ifndef PQCRYPTO_VERSION_H
+    #define PQCRYPTO_VERSION_H
 
-USE_SYSTEM = arg_config("--use-system-libraries") || ENV["PQCRYPTO_USE_SYSTEM_LIBRARIES"]
+    #define PQCRYPTO_VERSION #{version.dump}
 
-KECCAK_BACKEND = (ENV["PQCRYPTO_KECCAK_BACKEND"] || "clean").strip.downcase
-SUPPORTED_KECCAK_BACKENDS = %w[clean xkcp].freeze
+    #endif
+  C
+end
 
-SANITIZE = ENV["PQCRYPTO_SANITIZE"]
+generate_version_header!
+
+$CFLAGS << " -std=c11 -Wall -Wextra -O3"
+$CFLAGS << " -fstack-protector-strong -D_FORTIFY_SOURCE=2"
+$LDFLAGS << " -Wl,-no_warn_duplicate_libraries" if RbConfig::CONFIG["host_os"] =~ /darwin/
+
+VENDOR_ONLY_CFLAGS = "-Wno-unused-parameter -Wno-unused-function -Wno-strict-prototypes -Wno-pedantic -Wno-c23-extensions -Wno-undef"
 
+SANITIZE = ENV["PQCRYPTO_SANITIZE"]
 if SANITIZE && !SANITIZE.strip.empty?
   sanitize = SANITIZE.strip
   $CFLAGS.gsub!(/\s-D_FORTIFY_SOURCE=\d+/, "")
@@ -23,6 +39,8 @@ if SANITIZE && !SANITIZE.strip.empty?
   $LDFLAGS << " -fsanitize=#{sanitize}"
 end
 
+NATIVE_ASM = (ENV["PQCRYPTO_NATIVE_ASM"] || "0") == "1"
+
 def configure_compiler_environment
   return unless RUBY_PLATFORM.include?("darwin")
 
@@ -31,6 +49,54 @@ def configure_compiler_environment
   $LDFLAGS << " -L/opt/homebrew/lib"
 end
 
+def native_vendor_sources_for(vendor_dir)
+  [
+    File.join(vendor_dir, "mlkem-native", "mlkem", "mlkem_native.c"),
+    File.join(vendor_dir, "mldsa-native", "mldsa", "mldsa_native.c")
+  ]
+end
+
+def native_vendor_ready?(vendor_dir)
+  File.exist?(File.join(vendor_dir, ".vendored")) &&
+    native_vendor_sources_for(vendor_dir).all? { |path| File.exist?(path) }
+end
+
+def vendor_script_path
+  File.expand_path("../../script/vendor_libs.rb", __dir__)
+end
+
+def run_vendor_script!(vendor_dir)
+  script = vendor_script_path
+  abort <<~MSG unless File.exist?(script)
+    PQ Code Package vendored sources are missing and script/vendor_libs.rb was not packaged.
+
+    Expected:
+      #{native_vendor_sources_for(vendor_dir).join("\n  ")}
+
+    Rebuild the gem from a repository that includes script/vendor_libs.rb, or run
+    script/vendor_libs.rb before building the gem package.
+  MSG
+
+  abort <<~MSG if ENV["PQCRYPTO_AUTO_VENDOR"] == "0"
+    PQ Code Package vendored sources are missing and PQCRYPTO_AUTO_VENDOR=0 was set.
+
+    Expected:
+      #{native_vendor_sources_for(vendor_dir).join("\n  ")}
+
+    Run:
+      ruby script/vendor_libs.rb
+  MSG
+
+  puts "PQ Code Package native sources are missing; vendoring now..."
+  ok = system(RbConfig.ruby, script)
+  abort <<~MSG unless ok
+    Failed to vendor PQ Code Package native sources.
+
+    This build intentionally has no PQClean fallback. Install git/network access or
+    vendor mlkem-native and mldsa-native before installing the gem.
+  MSG
+end
+
 def find_vendor_dir
   candidates = [
     File.join(__dir__, "vendor"),
@@ -44,8 +110,13 @@ def find_vendor_dir
     dir = File.dirname(dir)
   end
 
-  candidates.find { |path| File.exist?(File.join(path, ".vendored")) }
-            &.then { |path| File.expand_path(path) }
+  candidates.map! { |path| File.expand_path(path) }
+  candidates.uniq!
+
+  primary = File.expand_path(File.join(__dir__, "vendor"))
+  run_vendor_script!(primary) unless native_vendor_ready?(primary)
+
+  candidates.find { |path| native_vendor_ready?(path) }
 end
 
 def configure_openssl!
@@ -64,7 +135,6 @@ def configure_openssl!
     #endif
     int main(void) { return 0; }
   SRC
-
   abort "OpenSSL 3.0 or later is required" unless try_compile(version_check)
 
   sha3_check = <<~SRC
@@ -83,101 +153,112 @@ def configure_openssl!
         return md == NULL ? 1 : 0;
     }
   SRC
-  abort "OpenSSL SHAKE256 is required (X-Wing key expansion)" unless try_compile(shake_check)
+  abort "OpenSSL SHAKE256 is required (X-Wing key expansion / ML-DSA streaming mu)" unless try_compile(shake_check)
 
   $CFLAGS << " -DHAVE_OPENSSL_EVP_H -DHAVE_OPENSSL_RAND_H"
 end
 
-def configure_keccak_backend(vendor_dir, common_dir)
-  abort "Unsupported PQCRYPTO_KECCAK_BACKEND=#{KECCAK_BACKEND.inspect}. Supported: #{SUPPORTED_KECCAK_BACKENDS.join(", ")}" unless SUPPORTED_KECCAK_BACKENDS.include?(KECCAK_BACKEND)
-
-  case KECCAK_BACKEND
-  when "clean"
-    {
-      name: "clean",
-      include_dirs: [],
-      source_group: ["pqclean_common", [File.join(common_dir, "fips202.c")]]
-    }
-  when "xkcp"
-    # The optimized backend must provide the same fips202.h-compatible API as
-    # PQClean's common/fips202.c. Do not substitute OpenSSL EVP SHAKE here: the
-    # PQClean SHAKE state layout is part of the ML-KEM/ML-DSA call graph.
-    xkcp_dir = File.join(vendor_dir, "xkcp")
-    adapter_source = File.join(xkcp_dir, "pqclean_fips202_xkcp.c")
-
-    abort <<~MSG unless File.exist?(adapter_source)
-      PQCRYPTO_KECCAK_BACKEND=xkcp was requested, but no reviewed XKCP adapter was found.
-
-      Expected:
-        #{adapter_source}
-
-      Refusing to fall back silently to the clean backend. Vendor a fips202.h-compatible
-      XKCP adapter first, then run the full SHAKE-dependent KAT/regression test matrix.
-    MSG
-
-    {
-      name: "xkcp",
-      include_dirs: [xkcp_dir],
-      source_group: ["xkcp_keccak", [adapter_source]]
-    }
-  end
+def recursive_include_dirs(root)
+  Dir.glob(File.join(root, "**", "*")).select { |p| File.directory?(p) }.map { |p| File.expand_path(p) }
 end
 
-def configure_pqclean(vendor_dir)
-  return nil unless vendor_dir
-
-  pqclean_dir = File.join(vendor_dir, "pqclean")
-  return nil unless Dir.exist?(pqclean_dir)
+def native_vendor_config(vendor_dir)
+  abort <<~MSG unless vendor_dir
+    PQ Code Package vendored sources are required.
 
-  mlkem_dir = File.join(pqclean_dir, "crypto_kem", "ml-kem-768", "clean")
-  mldsa_dir = File.join(pqclean_dir, "crypto_sign", "ml-dsa-65", "clean")
-  common_dir = File.join(pqclean_dir, "common")
+    Expected:
+      ext/pqcrypto/vendor/mlkem-native/mlkem/mlkem_native.c
+      ext/pqcrypto/vendor/mldsa-native/mldsa/mldsa_native.c
 
-  keccak_config = configure_keccak_backend(vendor_dir, common_dir)
+    Run:
+      bundle exec rake vendor
+  MSG
 
-  include_dirs = [mlkem_dir, mldsa_dir, common_dir, *keccak_config[:include_dirs]]
-  return nil unless include_dirs.all? { |dir| Dir.exist?(dir) }
+  mlkem_dir = File.join(vendor_dir, "mlkem-native", "mlkem")
+  mldsa_dir = File.join(vendor_dir, "mldsa-native", "mldsa")
+  mlkem_c = File.join(mlkem_dir, "mlkem_native.c")
+  mldsa_c = File.join(mldsa_dir, "mldsa_native.c")
 
-  mlkem_sources = Dir.glob(File.join(mlkem_dir, "*.c")).sort
-  mldsa_sources = Dir.glob(File.join(mldsa_dir, "*.c")).sort
-  common_sources = %w[sha2.c sp800-185.c].map { |name| File.join(common_dir, name) }
+  missing = [mlkem_c, mldsa_c].reject { |path| File.exist?(path) }
+  abort <<~MSG unless missing.empty?
+    Missing PQ Code Package native source files:
+      #{missing.join("\n  ")}
 
-  source_groups = [
-    ["pqclean_mlkem", mlkem_sources],
-    ["pqclean_mldsa", mldsa_sources],
-    ["pqclean_common", common_sources],
-    keccak_config[:source_group]
-  ]
+    This build intentionally has no PQClean fallback. Auto-vendoring did not
+    produce the required files. Vendor mlkem-native and mldsa-native, then rebuild.
+  MSG
 
-  return nil unless source_groups.all? { |_, sources| sources.all? { |path| File.exist?(path) } }
-
-  $CFLAGS << " -DHAVE_PQCLEAN"
+  include_dirs = [__dir__, mlkem_dir, mldsa_dir, *recursive_include_dirs(mlkem_dir), *recursive_include_dirs(mldsa_dir)].uniq
   include_dirs.each { |dir| $CPPFLAGS << " -I#{dir}" }
 
   {
-    include_dirs: include_dirs,
-    keccak_backend: keccak_config[:name],
-    source_groups: source_groups
+    mlkem_dir: mlkem_dir,
+    mldsa_dir: mldsa_dir,
+    mlkem_c: mlkem_c,
+    mldsa_c: mldsa_c,
+    mlkem_asm: File.join(mlkem_dir, "mlkem_native_asm.S"),
+    mldsa_asm: File.join(mldsa_dir, "mldsa_native_asm.S")
   }
 end
 
-def inject_pqclean_sources!(pqclean_config)
-  return unless pqclean_config
+def native_flags(kind, level, shared:)
+  prefix = kind == :mlkem ? "MLK" : "MLD"
+  ns = kind == :mlkem ? "pqcr_mlkem" : "pqcr_mldsa"
+  flags = []
+  flags << "-D#{prefix}_CONFIG_MULTILEVEL_BUILD"
+  flags << "-D#{prefix}_CONFIG_PARAMETER_SET=#{level}"
+  flags << "-D#{prefix}_CONFIG_NAMESPACE_PREFIX=#{ns}"
+  flags << "-D#{prefix}_CONFIG_NO_SUPERCOP"
+  flags << (shared ? "-D#{prefix}_CONFIG_MULTILEVEL_WITH_SHARED" : "-D#{prefix}_CONFIG_MULTILEVEL_NO_SHARED")
+  if NATIVE_ASM
+    flags << "-D#{prefix}_CONFIG_USE_NATIVE_BACKEND_ARITH"
+    flags << "-D#{prefix}_CONFIG_USE_NATIVE_BACKEND_FIPS202"
+  end
+  flags.join(" ")
+end
 
+def inject_native_sources!(config)
   makefile = File.read("Makefile")
 
   vendor_objects = []
   build_rules = []
 
-  pqclean_config[:source_groups].each do |prefix, sources|
-    sources.each do |source|
-      base = File.basename(source, ".c").tr("-", "_")
-      object = "#{prefix}_#{base}.o"
+  [
+    [:mlkem, "512", config[:mlkem_c], true],
+    [:mlkem, "768", config[:mlkem_c], false],
+    [:mlkem, "1024", config[:mlkem_c], false],
+    [:mldsa, "44", config[:mldsa_c], true],
+    [:mldsa, "65", config[:mldsa_c], false],
+    [:mldsa, "87", config[:mldsa_c], false]
+  ].each do |kind, level, source, shared|
+    object = "pqnative_#{kind}_#{level}.o"
+    flags = native_flags(kind, level, shared: shared)
+    vendor_objects << object
+    build_rules << <<~RULE
+      #{object}: #{source}
+      	$(ECHO) compiling #{source} [#{kind}-#{level}]
+      	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) #{VENDOR_ONLY_CFLAGS} #{flags} $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+    RULE
+  end
+
+  if NATIVE_ASM
+    [
+      [:mlkem, "512", config[:mlkem_asm], true],
+      [:mlkem, "768", config[:mlkem_asm], false],
+      [:mlkem, "1024", config[:mlkem_asm], false],
+      [:mldsa, "44", config[:mldsa_asm], true],
+      [:mldsa, "65", config[:mldsa_asm], false],
+      [:mldsa, "87", config[:mldsa_asm], false]
+    ].each do |kind, level, source, shared|
+      next unless File.exist?(source)
+
+      object = "pqnative_#{kind}_#{level}_asm.o"
+      flags = native_flags(kind, level, shared: shared)
       vendor_objects << object
       build_rules << <<~RULE
         #{object}: #{source}
-        	$(ECHO) compiling #{source}
-        	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) #{VENDOR_ONLY_CFLAGS} $(COUTFLAG)$@ -c $(CSRCFLAG)$<
+        	$(ECHO) assembling #{source} [#{kind}-#{level}]
+        	$(Q) $(CC) $(INCFLAGS) $(CPPFLAGS) $(CFLAGS) #{VENDOR_ONLY_CFLAGS} #{flags} $(COUTFLAG)$@ -c $(CSRCFLAG)$<
       RULE
     end
   end
@@ -187,8 +268,8 @@ def inject_pqclean_sources!(pqclean_config)
 
   makefile.sub!(objects_line, objects_line.chomp + " #{vendor_objects.join(' ')}\n")
 
-  unless makefile.include?("# vendored pqclean objects")
-    rules_block = "\n# vendored pqclean objects\n" + build_rules.join("\n") + "\n"
+  unless makefile.include?("# vendored pq-code-package objects")
+    rules_block = "\n# vendored pq-code-package objects\n" + build_rules.join("\n") + "\n"
     anchor = "$(OBJS): $(HDRS) $(ruby_headers)\n"
     raise "Could not find OBJS dependency anchor in generated Makefile" unless makefile.include?(anchor)
 
@@ -198,18 +279,19 @@ def inject_pqclean_sources!(pqclean_config)
   File.write("Makefile", makefile)
 end
 
-vendor_dir = USE_SYSTEM ? nil : find_vendor_dir
+vendor_dir = find_vendor_dir
 
 puts
 puts "=== PQCrypto build configuration ==="
 configure_openssl!
-pqclean_config = configure_pqclean(vendor_dir)
+native_config = native_vendor_config(vendor_dir)
 puts "OpenSSL: system"
-abort "PQClean vendored sources are required. Run: bundle exec rake vendor" unless pqclean_config
-puts "PQClean: vendored (randombytes overridden by pq_randombytes.c)"
-puts "Keccak backend: #{pqclean_config[:keccak_backend]}"
+puts "ML-KEM: mlkem-native vendored"
+puts "ML-DSA: mldsa-native vendored"
+puts "Native asm backends: #{NATIVE_ASM ? 'enabled' : 'disabled'}"
+puts "PQClean fallback: removed"
 puts "Output: pqcrypto/pqcrypto_secure"
 puts "===================================="
 
 create_makefile("pqcrypto/pqcrypto_secure")
-inject_pqclean_sources!(pqclean_config)
+inject_native_sources!(native_config)

data/ext/pqcrypto/mldsa_api.h

@@ -1,51 +1,4 @@
 #ifndef MLDSA_API_H
 #define MLDSA_API_H
-
-#ifdef HAVE_PQCLEAN
-#include <stddef.h>
-#include <stdint.h>
-
-#define PQCLEAN_MLDSA65_CLEAN_CRYPTO_ALGNAME "ML-DSA-65"
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_keypair(uint8_t *pk, uint8_t *sk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_signature_ctx(uint8_t *sig, size_t *siglen,
-        const uint8_t *m, size_t mlen,
-        const uint8_t *ctx, size_t ctxlen,
-        const uint8_t *sk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_ctx(uint8_t *sm, size_t *smlen,
-        const uint8_t *m, size_t mlen,
-        const uint8_t *ctx, size_t ctxlen,
-        const uint8_t *sk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_verify_ctx(const uint8_t *sig, size_t siglen,
-        const uint8_t *m, size_t mlen,
-        const uint8_t *ctx, size_t ctxlen,
-        const uint8_t *pk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_open_ctx(uint8_t *m, size_t *mlen,
-        const uint8_t *sm, size_t smlen,
-        const uint8_t *ctx, size_t ctxlen,
-        const uint8_t *pk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_signature(uint8_t *sig, size_t *siglen,
-        const uint8_t *m, size_t mlen,
-        const uint8_t *sk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign(uint8_t *sm, size_t *smlen,
-                                      const uint8_t *m, size_t mlen,
-                                      const uint8_t *sk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_verify(const uint8_t *sig, size_t siglen,
-        const uint8_t *m, size_t mlen,
-        const uint8_t *pk);
-
-int PQCLEAN_MLDSA65_CLEAN_crypto_sign_open(uint8_t *m, size_t *mlen,
-        const uint8_t *sm, size_t smlen,
-        const uint8_t *pk);
-
-
-#endif
-
+#include "pqcrypto_native_api.h"
 #endif

data/ext/pqcrypto/mlkem_api.h

@@ -1,21 +1,4 @@
 #ifndef MLKEM_API_H
 #define MLKEM_API_H
-
-#ifdef HAVE_PQCLEAN
-#include <stdint.h>
-
-#define PQCLEAN_MLKEM768_CLEAN_CRYPTO_SECRETKEYBYTES  2400
-#define PQCLEAN_MLKEM768_CLEAN_CRYPTO_PUBLICKEYBYTES  1184
-#define PQCLEAN_MLKEM768_CLEAN_CRYPTO_CIPHERTEXTBYTES 1088
-#define PQCLEAN_MLKEM768_CLEAN_CRYPTO_BYTES           32
-#define PQCLEAN_MLKEM768_CLEAN_CRYPTO_ALGNAME "ML-KEM-768"
-
-int PQCLEAN_MLKEM768_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
-int PQCLEAN_MLKEM768_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
-int PQCLEAN_MLKEM768_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
-int PQCLEAN_MLKEM768_CLEAN_crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins);
-int PQCLEAN_MLKEM768_CLEAN_crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk, const uint8_t *coins);
-
-#endif
-
+#include "pqcrypto_native_api.h"
 #endif