RubyGems - pq_crypto - Versions diffs - 0.4.2 → 0.5.0 - Mend

pq_crypto 0.4.2 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (408) hide show

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/src/keccakf1600_round_constants.c ADDED Viewed

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+/*
+ * WARNING: This file is auto-generated from scripts/autogen
+ *          in the mlkem-native repository.
+ *          Do not modify it directly.
+ */
+#include "../../../../common.h"
+#if (defined(MLK_FIPS202_AARCH64_NEED_X1_SCALAR) ||                  \
+     defined(MLK_FIPS202_AARCH64_NEED_X1_V84A) ||                    \
+     defined(MLK_FIPS202_AARCH64_NEED_X2_V84A) ||                    \
+     defined(MLK_FIPS202_AARCH64_NEED_X4_V8A_SCALAR_HYBRID) ||       \
+     defined(MLK_FIPS202_AARCH64_NEED_X4_V8A_V84A_SCALAR_HYBRID)) && \
+    !defined(MLK_CONFIG_MULTILEVEL_NO_SHARED)
+#include "fips202_native_aarch64.h"
+MLK_ALIGN const uint64_t mlk_keccakf1600_round_constants[] = {
+    0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
+    0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
+    0x8000000080008081, 0x8000000000008009, 0x000000000000008a,
+    0x0000000000000088, 0x0000000080008009, 0x000000008000000a,
+    0x000000008000808b, 0x800000000000008b, 0x8000000000008089,
+    0x8000000000008003, 0x8000000000008002, 0x8000000000000080,
+    0x000000000000800a, 0x800000008000000a, 0x8000000080008081,
+    0x8000000000008080, 0x0000000080000001, 0x8000000080008008,
+};
+#else /* (MLK_FIPS202_AARCH64_NEED_X1_SCALAR ||                               \
+         MLK_FIPS202_AARCH64_NEED_X1_V84A || MLK_FIPS202_AARCH64_NEED_X2_V84A \
+         || MLK_FIPS202_AARCH64_NEED_X4_V8A_SCALAR_HYBRID ||                  \
+         MLK_FIPS202_AARCH64_NEED_X4_V8A_V84A_SCALAR_HYBRID) &&               \
+         !MLK_CONFIG_MULTILEVEL_NO_SHARED */
+MLK_EMPTY_CU(fips202_aarch64_round_constants)
+#endif /* !((MLK_FIPS202_AARCH64_NEED_X1_SCALAR ||                             \
+          MLK_FIPS202_AARCH64_NEED_X1_V84A || MLK_FIPS202_AARCH64_NEED_X2_V84A \
+          || MLK_FIPS202_AARCH64_NEED_X4_V8A_SCALAR_HYBRID ||                  \
+          MLK_FIPS202_AARCH64_NEED_X4_V8A_V84A_SCALAR_HYBRID) &&               \
+          !MLK_CONFIG_MULTILEVEL_NO_SHARED) */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_scalar.h ADDED Viewed

@@ -0,0 +1,25 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_AARCH64_X1_SCALAR_H
+#define MLK_FIPS202_NATIVE_AARCH64_X1_SCALAR_H
+/* Part of backend API */
+#define MLK_USE_FIPS202_X1_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_AARCH64_NEED_X1_SCALAR
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+#include "src/fips202_native_aarch64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x1_native(uint64_t *state)
+{
+  mlk_keccak_f1600_x1_scalar_asm(state, mlk_keccakf1600_round_constants);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_AARCH64_X1_SCALAR_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x1_v84a.h ADDED Viewed

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_AARCH64_X1_V84A_H
+#define MLK_FIPS202_NATIVE_AARCH64_X1_V84A_H
+#if !defined(__ARM_FEATURE_SHA3)
+#error This backend can only be used if SHA3 extensions are available.
+#endif
+/* Part of backend API */
+#define MLK_USE_FIPS202_X1_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_AARCH64_NEED_X1_V84A
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+#include "src/fips202_native_aarch64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x1_native(uint64_t *state)
+{
+  if (!mlk_sys_check_capability(MLK_SYS_CAP_SHA3))
+  {
+    return MLK_NATIVE_FUNC_FALLBACK;
+  }
+  mlk_keccak_f1600_x1_v84a_asm(state, mlk_keccakf1600_round_constants);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_AARCH64_X1_V84A_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x2_v84a.h ADDED Viewed

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_AARCH64_X2_V84A_H
+#define MLK_FIPS202_NATIVE_AARCH64_X2_V84A_H
+#if !defined(__ARM_FEATURE_SHA3)
+#error This backend can only be used if SHA3 extensions are available.
+#endif
+/* Part of backend API */
+#define MLK_USE_FIPS202_X4_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_AARCH64_NEED_X2_V84A
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+#include "src/fips202_native_aarch64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
+{
+  if (!mlk_sys_check_capability(MLK_SYS_CAP_SHA3))
+  {
+    return MLK_NATIVE_FUNC_FALLBACK;
+  }
+  mlk_keccak_f1600_x2_v84a_asm(state + 0 * 25, mlk_keccakf1600_round_constants);
+  mlk_keccak_f1600_x2_v84a_asm(state + 2 * 25, mlk_keccakf1600_round_constants);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_AARCH64_X2_V84A_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_scalar.h ADDED Viewed

@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_AARCH64_X4_V8A_SCALAR_H
+#define MLK_FIPS202_NATIVE_AARCH64_X4_V8A_SCALAR_H
+/* Part of backend API */
+#define MLK_USE_FIPS202_X4_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_AARCH64_NEED_X4_V8A_SCALAR_HYBRID
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+#include "src/fips202_native_aarch64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
+{
+  mlk_keccak_f1600_x4_v8a_scalar_hybrid_asm(state,
+                                            mlk_keccakf1600_round_constants);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_AARCH64_X4_V8A_SCALAR_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/aarch64/x4_v8a_v84a_scalar.h ADDED Viewed

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_AARCH64_X4_V8A_V84A_SCALAR_H
+#define MLK_FIPS202_NATIVE_AARCH64_X4_V8A_V84A_SCALAR_H
+#if !defined(__ARM_FEATURE_SHA3)
+#error This backend can only be used if SHA3 extensions are available.
+#endif
+/* Part of backend API */
+#define MLK_USE_FIPS202_X4_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_AARCH64_NEED_X4_V8A_V84A_SCALAR_HYBRID
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+#include "src/fips202_native_aarch64.h"
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
+{
+  if (!mlk_sys_check_capability(MLK_SYS_CAP_SHA3))
+  {
+    return MLK_NATIVE_FUNC_FALLBACK;
+  }
+  mlk_keccak_f1600_x4_v8a_v84a_scalar_hybrid_asm(
+      state, mlk_keccakf1600_round_constants);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_AARCH64_X4_V8A_V84A_SCALAR_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/api.h ADDED Viewed

@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_API_H
+#define MLK_FIPS202_NATIVE_API_H
+/*
+ * FIPS-202 native interface
+ *
+ * This header is primarily for documentation purposes.
+ * It should not be included by backend implementations.
+ */
+#include "../../cbmc.h"
+/* Backends must return MLK_NATIVE_FUNC_SUCCESS upon success. */
+#define MLK_NATIVE_FUNC_SUCCESS (0)
+/* Backends may return MLK_NATIVE_FUNC_FALLBACK to signal to the frontend that
+ * the target/parameters are unsupported; typically, this would be because of
+ * dependencies on CPU features not detected on the host CPU. In this case,
+ * the frontend falls back to the default C implementation. */
+#define MLK_NATIVE_FUNC_FALLBACK (-1)
+/*
+ * This is the C<->native interface allowing for the drop-in
+ * of custom Keccak-F1600 implementations.
+ *
+ * A _backend_ is a specific implementation of parts of this interface.
+ *
+ * You can replace 1-fold or 4-fold batched Keccak-F1600.
+ * To enable, set MLK_USE_FIPS202_X1_NATIVE or MLK_USE_FIPS202_X4_NATIVE
+ * in your backend, and define the inline wrappers mlk_keccak_f1600_x1_native()
+ * and/or mlk_keccak_f1600_x4_native(), respectively, to forward to your
+ * implementation.
+ */
+#if defined(MLK_USE_FIPS202_X1_NATIVE)
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x1_native(uint64_t *state)
+__contract__(
+  requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 1))
+  assigns(memory_slice(state, sizeof(uint64_t) * 25 * 1))
+  ensures(return_value == MLK_NATIVE_FUNC_FALLBACK || return_value == MLK_NATIVE_FUNC_SUCCESS)
+  ensures((return_value == MLK_NATIVE_FUNC_FALLBACK) ==> array_unchanged_u64(state, 25 * 1)));
+#endif /* MLK_USE_FIPS202_X1_NATIVE */
+#if defined(MLK_USE_FIPS202_X4_NATIVE)
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
+__contract__(
+  requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 4))
+  assigns(memory_slice(state, sizeof(uint64_t) * 25 * 4))
+  ensures(return_value == MLK_NATIVE_FUNC_FALLBACK || return_value == MLK_NATIVE_FUNC_SUCCESS)
+  ensures((return_value == MLK_NATIVE_FUNC_FALLBACK) ==> array_unchanged_u64(state, 25 * 4)));
+#endif /* MLK_USE_FIPS202_X4_NATIVE */
+/*
+ * Native x4 XOR bytes and extract bytes interface.
+ *
+ * These functions allow backends to provide optimized implementations for
+ * XORing input data into the state and extracting output data from the state.
+ * This is particularly useful for backends that use a different internal state
+ * representation (e.g., bit-interleaved), as conversion can happen during
+ * XOR/extract rather than before/after each permutation.
+ *
+ * NOTE: We assume that the custom representation of the zero state is the
+ * all-zero state.
+ *
+ * MLK_USE_FIPS202_X4_XOR_BYTES_NATIVE: Backend provides native XOR bytes
+ * MLK_USE_FIPS202_X4_EXTRACT_BYTES_NATIVE: Backend provides native extract
+ * bytes
+ */
+#if defined(MLK_USE_FIPS202_X4_XOR_BYTES_NATIVE)
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccakf1600_xor_bytes_x4_native(
+    uint64_t *state, const unsigned char *data0, const unsigned char *data1,
+    const unsigned char *data2, const unsigned char *data3, unsigned offset,
+    unsigned length)
+__contract__(
+  requires(0 <= offset && offset <= 25 * sizeof(uint64_t) &&
+           0 <= length && length <= 25 * sizeof(uint64_t) - offset)
+  requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 4))
+  requires(memory_no_alias(data0, length))
+  requires((data0 == data1 &&
+            data0 == data2 &&
+            data0 == data3) ||
+           (memory_no_alias(data1, length) &&
+            memory_no_alias(data2, length) &&
+            memory_no_alias(data3, length)))
+  assigns(memory_slice(state, sizeof(uint64_t) * 25 * 4))
+  ensures(return_value == MLK_NATIVE_FUNC_FALLBACK || return_value == MLK_NATIVE_FUNC_SUCCESS)
+  ensures((return_value == MLK_NATIVE_FUNC_FALLBACK) ==> array_unchanged_u64(state, 25 * 4)));
+#endif /* MLK_USE_FIPS202_X4_XOR_BYTES_NATIVE */
+#if defined(MLK_USE_FIPS202_X4_EXTRACT_BYTES_NATIVE)
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccakf1600_extract_bytes_x4_native(
+    uint64_t *state, unsigned char *data0, unsigned char *data1,
+    unsigned char *data2, unsigned char *data3, unsigned offset,
+    unsigned length)
+__contract__(
+  requires(0 <= offset && offset <= 25 * sizeof(uint64_t) &&
+           0 <= length && length <= 25 * sizeof(uint64_t) - offset)
+  requires(memory_no_alias(state, sizeof(uint64_t) * 25 * 4))
+  requires(memory_no_alias(data0, length))
+  requires(memory_no_alias(data1, length))
+  requires(memory_no_alias(data2, length))
+  requires(memory_no_alias(data3, length))
+  assigns(memory_slice(data0, length))
+  assigns(memory_slice(data1, length))
+  assigns(memory_slice(data2, length))
+  assigns(memory_slice(data3, length))
+  ensures(return_value == MLK_NATIVE_FUNC_FALLBACK || return_value == MLK_NATIVE_FUNC_SUCCESS));
+#endif /* MLK_USE_FIPS202_X4_EXTRACT_BYTES_NATIVE */
+#endif /* !MLK_FIPS202_NATIVE_API_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/README.md ADDED Viewed

@@ -0,0 +1,10 @@
+[//]: # (SPDX-License-Identifier: CC-BY-4.0)
+# FIPS202 backend for Armv8.1-M + MVE
+This directory contains the source code for a FIPS202 backend targeting
+the Armv8.1-M + MVE/Helium architecture. It is automatically derived from
+the respective development source in [dev/fips202/armv81m](../../../../../dev/fips202/armv81m).
+**Warning:** This backend is still in active development and has not yet undergone
+the same level of review as the rest of the code. Use at your own risk!

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/mve.h ADDED Viewed

@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_ARMV81M_MVE_H
+#define MLK_FIPS202_NATIVE_ARMV81M_MVE_H
+#define MLK_FIPS202_NATIVE_ARMV81M
+/* Part of backend API */
+#define MLK_USE_FIPS202_X4_NATIVE
+#define MLK_USE_FIPS202_X4_XOR_BYTES_NATIVE
+#define MLK_USE_FIPS202_X4_EXTRACT_BYTES_NATIVE
+/* Guard for assembly file */
+#define MLK_FIPS202_ARMV81M_NEED_X4
+#if !defined(__ASSEMBLER__)
+#include "../api.h"
+/*
+ * Native x4 permutation
+ * State is kept in bit-interleaved format.
+ */
+#define mlk_keccak_f1600_x4_native_impl \
+  MLK_NAMESPACE(keccak_f1600_x4_native_impl)
+int mlk_keccak_f1600_x4_native_impl(uint64_t *state);
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccak_f1600_x4_native(uint64_t *state)
+{
+  return mlk_keccak_f1600_x4_native_impl(state);
+}
+/*
+ * Native x4 XOR bytes (with on-the-fly bit interleaving)
+ */
+#define mlk_keccak_f1600_x4_state_xor_bytes \
+  MLK_NAMESPACE(keccak_f1600_x4_state_xor_bytes_asm)
+void mlk_keccak_f1600_x4_state_xor_bytes(void *state, const uint8_t *data0,
+                                         const uint8_t *data1,
+                                         const uint8_t *data2,
+                                         const uint8_t *data3, unsigned offset,
+                                         unsigned length);
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccakf1600_xor_bytes_x4_native(
+    uint64_t *state, const uint8_t *data0, const uint8_t *data1,
+    const uint8_t *data2, const uint8_t *data3, unsigned offset,
+    unsigned length)
+{
+  mlk_keccak_f1600_x4_state_xor_bytes(state, data0, data1, data2, data3, offset,
+                                      length);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+/*
+ * Native x4 extract bytes (with on-the-fly bit de-interleaving)
+ */
+#define mlk_keccak_f1600_x4_state_extract_bytes \
+  MLK_NAMESPACE(keccak_f1600_x4_state_extract_bytes_asm)
+void mlk_keccak_f1600_x4_state_extract_bytes(void *state, uint8_t *data0,
+                                             uint8_t *data1, uint8_t *data2,
+                                             uint8_t *data3, unsigned offset,
+                                             unsigned length);
+MLK_MUST_CHECK_RETURN_VALUE
+static MLK_INLINE int mlk_keccakf1600_extract_bytes_x4_native(
+    uint64_t *state, uint8_t *data0, uint8_t *data1, uint8_t *data2,
+    uint8_t *data3, unsigned offset, unsigned length)
+{
+  mlk_keccak_f1600_x4_state_extract_bytes(state, data0, data1, data2, data3,
+                                          offset, length);
+  return MLK_NATIVE_FUNC_SUCCESS;
+}
+#endif /* !__ASSEMBLER__ */
+#endif /* !MLK_FIPS202_NATIVE_ARMV81M_MVE_H */

data/ext/pqcrypto/vendor/mlkem-native/mlkem/src/fips202/native/armv81m/src/fips202_native_armv81m.h ADDED Viewed

@@ -0,0 +1,35 @@
+/*
+ * Copyright (c) The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+#ifndef MLK_FIPS202_NATIVE_ARMV81M_SRC_FIPS202_NATIVE_ARMV81M_H
+#define MLK_FIPS202_NATIVE_ARMV81M_SRC_FIPS202_NATIVE_ARMV81M_H
+#include "../../../../common.h"
+/* Keccak round constants in bit-interleaved form */
+#define mlk_keccakf1600_round_constants \
+  MLK_NAMESPACE(keccakf1600_round_constants)
+extern const uint32_t mlk_keccakf1600_round_constants[48];
+#define mlk_keccak_f1600_x4_mve_asm MLK_NAMESPACE(keccak_f1600_x4_mve_asm)
+void mlk_keccak_f1600_x4_mve_asm(uint64_t state[100], uint64_t tmpstate[100],
+                                 const uint32_t rc[48]);
+#define mlk_keccak_f1600_x4_state_xor_bytes_asm \
+  MLK_NAMESPACE(keccak_f1600_x4_state_xor_bytes_asm)
+void mlk_keccak_f1600_x4_state_xor_bytes_asm(void *state, const uint8_t *d0,
+                                             const uint8_t *d1,
+                                             const uint8_t *d2,
+                                             const uint8_t *d3, unsigned offset,
+                                             unsigned length);
+#define mlk_keccak_f1600_x4_state_extract_bytes_asm \
+  MLK_NAMESPACE(keccak_f1600_x4_state_extract_bytes_asm)
+void mlk_keccak_f1600_x4_state_extract_bytes_asm(void *state, uint8_t *data0,
+                                                 uint8_t *data1, uint8_t *data2,
+                                                 uint8_t *data3,
+                                                 unsigned offset,
+                                                 unsigned length);
+#endif /* !MLK_FIPS202_NATIVE_ARMV81M_SRC_FIPS202_NATIVE_ARMV81M_H */