RubyGems - pq_crypto - Versions diffs - 0.3.2 → 0.5.0 - Mend

pq_crypto 0.3.2 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (328) hide show

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/meta.h ADDED Viewed

@@ -0,0 +1,128 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_NATIVE_RISCV64_META_H
+#define MLK_NATIVE_RISCV64_META_H
+/* Identifier for this backend so that source and assembly files
+ * in the build can be appropriately guarded. */
+#define MLK_ARITH_BACKEND_RISCV64
+/* Set of primitives that this backend replaces */
+#define MLK_USE_NATIVE_NTT
+#define MLK_USE_NATIVE_INTT
+#define MLK_USE_NATIVE_POLY_TOMONT
+#define MLK_USE_NATIVE_REJ_UNIFORM
+#define MLK_USE_NATIVE_POLY_REDUCE
+#define MLK_USE_NATIVE_POLY_MULCACHE_COMPUTE
+#define MLK_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
+#include "../../common.h"
+#if !defined(__ASSEMBLER__)
+#include <riscv_vector.h>
+#include "../api.h"
+#include "src/arith_native_riscv64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_ntt_native(int16_t data[MLKEM_N])
+{
+  /* VLEN = 256 only for now */
+  if (__riscv_vsetvlmax_e16m1() != 16)
+  {
+    return MLK_NATIVE_FUNC_FALLBACK;
+  }
+  mlk_rv64v_poly_ntt(data);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_intt_native(int16_t data[MLKEM_N])
+{
+  /* VLEN = 256 only for now */
+  if (__riscv_vsetvlmax_e16m1() != 16)
+  {
+    return MLK_NATIVE_FUNC_FALLBACK;
+  }
+  mlk_rv64v_poly_invntt_tomont(data);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_poly_tomont_native(int16_t data[MLKEM_N])
+{
+  mlk_rv64v_poly_tomont(data);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_rej_uniform_native(int16_t *r, unsigned len,
+                                             const uint8_t *buf,
+                                             unsigned buflen)
+{
+  /* The cast from unsigned to signed integer is safe
+   * because the return value is <= len, which we asssume
+   * to be bound by 4096 and hence <= INT_MAX. */
+  return (int)mlk_rv64v_rej_uniform(r, len, buf, buflen);
+}
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_poly_reduce_native(int16_t data[MLKEM_N])
+{
+  mlk_rv64v_poly_reduce(data);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_poly_mulcache_compute_native(int16_t x[MLKEM_N / 2],
+                                                       const int16_t y[MLKEM_N])
+{
+  (void)x; /* not using the cache at the moment */
+  (void)y;
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#if defined(MLK_CONFIG_MULTILEVEL_WITH_SHARED) || MLKEM_K == 2
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_polyvec_basemul_acc_montgomery_cached_k2_native(
+    int16_t r[MLKEM_N], const int16_t a[2 * MLKEM_N],
+    const int16_t b[2 * MLKEM_N], const int16_t b_cache[2 * (MLKEM_N / 2)])
+{
+  (void)b_cache;
+  mlk_rv64v_poly_basemul_mont_add_k2(r, a, b);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* MLK_CONFIG_MULTILEVEL_WITH_SHARED || MLKEM_K == 2 */
+#if defined(MLK_CONFIG_MULTILEVEL_WITH_SHARED) || MLKEM_K == 3
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_polyvec_basemul_acc_montgomery_cached_k3_native(
+    int16_t r[MLKEM_N], const int16_t a[3 * MLKEM_N],
+    const int16_t b[3 * MLKEM_N], const int16_t b_cache[3 * (MLKEM_N / 2)])
+{
+  (void)b_cache;
+  mlk_rv64v_poly_basemul_mont_add_k3(r, a, b);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* MLK_CONFIG_MULTILEVEL_WITH_SHARED || MLKEM_K == 3 */
+#if defined(MLK_CONFIG_MULTILEVEL_WITH_SHARED) || MLKEM_K == 4
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_polyvec_basemul_acc_montgomery_cached_k4_native(
+    int16_t r[MLKEM_N], const int16_t a[4 * MLKEM_N],
+    const int16_t b[4 * MLKEM_N], const int16_t b_cache[4 * (MLKEM_N / 2)])
+{
+  (void)b_cache;
+  mlk_rv64v_poly_basemul_mont_add_k4(r, a, b);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* MLK_CONFIG_MULTILEVEL_WITH_SHARED || MLKEM_K == 4 */
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_NATIVE_RISCV64_META_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/arith_native_riscv64.h ADDED Viewed

@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_NATIVE_RISCV64_SRC_ARITH_NATIVE_RISCV64_H
+#define MLK_NATIVE_RISCV64_SRC_ARITH_NATIVE_RISCV64_H
+#include "../../../common.h"
+#define mlk_rv64v_poly_ntt MLK_NAMESPACE(ntt_riscv64)
+void mlk_rv64v_poly_ntt(int16_t *);
+#define mlk_rv64v_poly_invntt_tomont MLK_NAMESPACE(intt_riscv64)
+void mlk_rv64v_poly_invntt_tomont(int16_t *r);
+#define mlk_rv64v_poly_basemul_mont_add_k2 MLK_NAMESPACE(basemul_add_k2_riscv64)
+void mlk_rv64v_poly_basemul_mont_add_k2(int16_t *r, const int16_t *a,
+                                        const int16_t *b);
+#define mlk_rv64v_poly_basemul_mont_add_k3 MLK_NAMESPACE(basemul_add_k3_riscv64)
+void mlk_rv64v_poly_basemul_mont_add_k3(int16_t *r, const int16_t *a,
+                                        const int16_t *b);
+#define mlk_rv64v_poly_basemul_mont_add_k4 MLK_NAMESPACE(basemul_add_k4_riscv64)
+void mlk_rv64v_poly_basemul_mont_add_k4(int16_t *r, const int16_t *a,
+                                        const int16_t *b);
+#define mlk_rv64v_poly_tomont MLK_NAMESPACE(tomont_riscv64)
+void mlk_rv64v_poly_tomont(int16_t *r);
+#define mlk_rv64v_poly_reduce MLK_NAMESPACE(reduce_riscv64)
+void mlk_rv64v_poly_reduce(int16_t *r);
+#define mlk_rv64v_poly_add MLK_NAMESPACE(poly_add_riscv64)
+void mlk_rv64v_poly_add(int16_t *r, const int16_t *a, const int16_t *b);
+#define mlk_rv64v_poly_sub MLK_NAMESPACE(poly_sub_riscv64)
+void mlk_rv64v_poly_sub(int16_t *r, const int16_t *a, const int16_t *b);
+#define mlk_rv64v_rej_uniform MLK_NAMESPACE(rj_uniform_riscv64)
+MLK_MUST_CHECK_RETURN_VALUE
+unsigned int mlk_rv64v_rej_uniform(int16_t *r, unsigned int len,
+                                   const uint8_t *buf, unsigned int buflen);
+#endif /* !MLK_NATIVE_RISCV64_SRC_ARITH_NATIVE_RISCV64_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_debug.c ADDED Viewed

@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+/* NOTE: You can remove this file unless you compile with MLKEM_DEBUG. */
+#include "../../../common.h"
+#if defined(MLK_ARITH_BACKEND_RISCV64) && \
+    !defined(MLK_CONFIG_MULTILEVEL_NO_SHARED) && defined(MLKEM_DEBUG)
+#include <stdio.h>
+#include <stdlib.h>
+#include "../../../debug.h"
+#include "rv64v_debug.h"
+#define MLK_DEBUG_ERROR_HEADER "[ERROR:%s:%04d] "
+/*************************************************
+ * Name:        mlk_debug_check_bounds_int16m1
+ *
+ * Description: Check whether values in a vint16m1_t vector
+ *              are within specified bounds.
+ *
+ * Implementation: Extract vector elements to a temporary array
+ *                and reuse existing array bounds checking.
+ **************************************************/
+void mlk_debug_check_bounds_int16m1(const char *file, int line, vint16m1_t vec,
+                                    size_t vl, int lower_bound_exclusive,
+                                    int upper_bound_exclusive)
+{
+  /* Allocate temporary array to store vector elements
+   * We use the maximum possible vector length to be safe */
+  int16_t temp_array[64];
+  /* Store vector elements to temporary array for inspection */
+  __riscv_vse16_v_i16m1(temp_array, vec, vl);
+  /* Reuse existing array bounds checking function */
+  mlk_debug_check_bounds(file, line, temp_array, (unsigned)vl,
+                         lower_bound_exclusive, upper_bound_exclusive);
+}
+/*************************************************
+ * Name:        mlk_debug_check_bounds_int16m2
+ *
+ * Description: Check whether values in a vint16m2_t vector
+ *              are within specified bounds.
+ *
+ * Implementation: Extract vector elements to a temporary array
+ *                and reuse existing array bounds checking.
+ **************************************************/
+void mlk_debug_check_bounds_int16m2(const char *file, int line, vint16m2_t vec,
+                                    size_t vl, int lower_bound_exclusive,
+                                    int upper_bound_exclusive)
+{
+  /* Allocate temporary array to store vector elements
+   * m2 vectors hold 2x the elements of m1 vectors */
+  int16_t temp_array[2 * 64];
+  /* Store vector elements to temporary array for inspection */
+  __riscv_vse16_v_i16m2(temp_array, vec, 2 * vl);
+  /* Reuse existing array bounds checking function for all elements */
+  mlk_debug_check_bounds(file, line, temp_array, (unsigned)(2 * vl),
+                         lower_bound_exclusive, upper_bound_exclusive);
+}
+#else /* MLK_ARITH_BACKEND_RISCV64 && !MLK_CONFIG_MULTILEVEL_NO_SHARED && \
+         MLKEM_DEBUG */
+MLK_EMPTY_CU(rv64v_debug)
+#endif /* !(MLK_ARITH_BACKEND_RISCV64 && !MLK_CONFIG_MULTILEVEL_NO_SHARED && \
+          MLKEM_DEBUG) */
+/* To facilitate single-compilation-unit (SCU) builds, undefine all macros.
+ * Don't modify by hand -- this is auto-generated by scripts/autogen. */
+#undef MLK_DEBUG_ERROR_HEADER

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_debug.h ADDED Viewed

@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_NATIVE_RISCV64_SRC_RV64V_DEBUG_H
+#define MLK_NATIVE_RISCV64_SRC_RV64V_DEBUG_H
+#include "../../../debug.h"
+#include <riscv_vector.h>
+/*************************************************
+ * RISC-V Vector Bounds Assertion Macros
+ *
+ * These macros provide runtime bounds checking for RISC-V vector types
+ * vint16m1_t and vint16m2_t, following the same pattern as the scalar
+ * bounds assertions in debug.h
+ *
+ * The macros are only active when MLKEM_DEBUG is defined, otherwise they
+ * compile to no-ops for zero runtime overhead in release builds.
+ **************************************************/
+#if defined(MLKEM_DEBUG)
+/*************************************************
+ * Name:        mlk_debug_check_bounds_int16m1
+ *
+ * Description: Check whether values in a vint16m1_t vector
+ *              are within specified bounds.
+ *
+ * Arguments:   - file: filename
+ *              - line: line number
+ *              - vec: RISC-V vector to be checked
+ *              - vl: vector length (number of active elements)
+ *              - lower_bound_exclusive: Exclusive lower bound
+ *              - upper_bound_exclusive: Exclusive upper bound
+ **************************************************/
+#define mlk_debug_check_bounds_int16m1 \
+  MLK_NAMESPACE(mlkem_debug_check_bounds_int16m1)
+void mlk_debug_check_bounds_int16m1(const char *file, int line, vint16m1_t vec,
+                                    size_t vl, int lower_bound_exclusive,
+                                    int upper_bound_exclusive);
+/*************************************************
+ * Name:        mlk_debug_check_bounds_int16m2
+ *
+ * Description: Check whether values in a vint16m2_t vector
+ *              are within specified bounds by splitting into m1 vectors.
+ *
+ * Arguments:   - file: filename
+ *              - line: line number
+ *              - vec: RISC-V vector to be checked
+ *              - vl: vector length (number of active elements per m1 half)
+ *              - lower_bound_exclusive: Exclusive lower bound
+ *              - upper_bound_exclusive: Exclusive upper bound
+ **************************************************/
+#define mlk_debug_check_bounds_int16m2 \
+  MLK_NAMESPACE(mlkem_debug_check_bounds_int16m2)
+void mlk_debug_check_bounds_int16m2(const char *file, int line, vint16m2_t vec,
+                                    size_t vl, int lower_bound_exclusive,
+                                    int upper_bound_exclusive);
+/* Check bounds in vint16m1_t vector
+ * vec: RISC-V vector of type vint16m1_t
+ * vl: Vector length (number of active elements)
+ * value_lb: Inclusive lower value bound
+ * value_ub: Exclusive upper value bound */
+#define mlk_assert_bound_int16m1(vec, vl, value_lb, value_ub)     \
+  mlk_debug_check_bounds_int16m1(__FILE__, __LINE__, (vec), (vl), \
+                                 (value_lb) - 1, (value_ub))
+/* Check absolute bounds in vint16m1_t vector
+ * vec: RISC-V vector of type vint16m1_t
+ * vl: Vector length (number of active elements)
+ * value_abs_bd: Exclusive absolute upper bound */
+#define mlk_assert_abs_bound_int16m1(vec, vl, value_abs_bd) \
+  mlk_assert_bound_int16m1((vec), (vl), (-(value_abs_bd) + 1), (value_abs_bd))
+/* Check bounds in vint16m2_t vector
+ * vec: RISC-V vector of type vint16m2_t
+ * vl: Vector length (number of active elements per m1 half)
+ * value_lb: Inclusive lower value bound
+ * value_ub: Exclusive upper value bound */
+#define mlk_assert_bound_int16m2(vec, vl, value_lb, value_ub)     \
+  mlk_debug_check_bounds_int16m2(__FILE__, __LINE__, (vec), (vl), \
+                                 (value_lb) - 1, (value_ub))
+/* Check absolute bounds in vint16m2_t vector
+ * vec: RISC-V vector of type vint16m2_t
+ * vl: Vector length (number of active elements per m1 half)
+ * value_abs_bd: Exclusive absolute upper bound */
+#define mlk_assert_abs_bound_int16m2(vec, vl, value_abs_bd) \
+  mlk_assert_bound_int16m2((vec), (vl), (-(value_abs_bd) + 1), (value_abs_bd))
+#elif defined(CBMC)
+/* For CBMC, we would need to implement vector bounds checking using CBMC
+ * primitives This is complex and would require extracting vector elements, so
+ * for now we provide empty implementations that could be extended later */
+#define mlk_assert_bound_int16m1(vec, vl, value_lb, value_ub) \
+  do                                                          \
+  {                                                           \
+  } while (0)
+#define mlk_assert_abs_bound_int16m1(vec, vl, value_abs_bd) \
+  do                                                        \
+  {                                                         \
+  } while (0)
+#define mlk_assert_bound_int16m2(vec, vl, value_lb, value_ub) \
+  do                                                          \
+  {                                                           \
+  } while (0)
+#define mlk_assert_abs_bound_int16m2(vec, vl, value_abs_bd) \
+  do                                                        \
+  {                                                         \
+  } while (0)
+#else /* !MLKEM_DEBUG && CBMC */
+/* When debugging is disabled, all assertions become no-ops */
+#define mlk_assert_bound_int16m1(vec, vl, value_lb, value_ub) \
+  do                                                          \
+  {                                                           \
+  } while (0)
+#define mlk_assert_abs_bound_int16m1(vec, vl, value_abs_bd) \
+  do                                                        \
+  {                                                         \
+  } while (0)
+#define mlk_assert_bound_int16m2(vec, vl, value_lb, value_ub) \
+  do                                                          \
+  {                                                           \
+  } while (0)
+#define mlk_assert_abs_bound_int16m2(vec, vl, value_abs_bd) \
+  do                                                        \
+  {                                                         \
+  } while (0)
+#endif /* !MLKEM_DEBUG && !CBMC */
+#endif /* !MLK_NATIVE_RISCV64_SRC_RV64V_DEBUG_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/native/riscv64/src/rv64v_izetas.inc ADDED Viewed

@@ -0,0 +1,27 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+/*
+ * WARNING: This file is auto-generated from scripts/autogen
+ *          in the mlkem-native repository.
+ *          Do not modify it directly.
+ */
+#include "arith_native_riscv64.h"
+const int16_t izeta[] = {
+    -1044, 758,   1571,  205,   1275,  -677,  1065,  -448,  -1628, -1522, 1460,
+    -958,  -991,  -996,  308,   108,   1517,  359,   -411,  1542,  725,   1508,
+    -961,  398,   -478,  870,   854,   1510,  -794,  1278,  1530,  1185,  -202,
+    -287,  -608,  -732,  951,   247,   1421,  -107,  1659,  1187,  -220,  874,
+    1335,  -1218, 136,   1215,  -1422, -1493, -1017, 681,   -830,  271,   90,
+    853,   -384,  1465,  1285,  -1322, -610,  -603,  -1097, -817,  -1468, 1474,
+    130,   1602,  -1469, -126,  1162,  1618,  75,    156,   -329,  -418,  -349,
+    872,   -644,  1590,  1202,  -962,  -1458, 829,   666,   320,   8,     -516,
+    -1119, 602,   -1483, 777,   147,   -1159, -778,  246,   -182,  -1577, -383,
+    -264,  1544,  282,   -1491, 1293,  -1653, -1574, 460,   291,   235,   -177,
+    -587,  -422,  -622,  171,   1325,  -573,  -1015, 552,   -652,  -1223, -105,
+    -1550, -871,  1251,  -843,  -555,  -430,  1103,
+};