Add mlkem, mldsa

Cargo.toml

@@ -4,10 +4,10 @@ members=[
     "pqcrypto",
     "pqcrypto-traits",
     "pqcrypto-internals",
-    "pqcrypto-kyber",
+    "pqcrypto-mlkem",
     "pqcrypto-classicmceliece",
     "pqcrypto-hqc",
-    "pqcrypto-dilithium",
+    "pqcrypto-mldsa",
     "pqcrypto-falcon",
     "pqcrypto-sphincsplus",
 ]

implementations.yaml

@@ -1,19 +1,19 @@
 ---
 
-pqcrypto_version: 0.17.0
+pqcrypto_version: 0.18.0
 traits_version: 0.3.5
 
 kems:
-  kyber:
-    version: 0.8.1
+  mlkem:
+    version: 0.1.0
     x86_avx2_guard: 'target_arch == "x86_64" && avx2_enabled && !is_windows && !is_macos'
     implementations: [clean, avx2, aarch64]
     schemes:
-      - name: kyber512
+      - name: ml-kem-512
         implementations: [clean, avx2, aarch64]
-      - name: kyber768
+      - name: ml-kem-768
         implementations: [clean, avx2, aarch64]
-      - name: kyber1024
+      - name: ml-kem-1024
         implementations: [clean, avx2, aarch64]
   classicmceliece:
     version: 0.2.0
@@ -62,16 +62,17 @@ kems:
 
 
 signs:
-  dilithium:
-    version: 0.5.0
+  mldsa:
+    version: 0.1.0
     x86_avx2_guard: 'target_arch == "x86_64" && avx2_enabled && !is_windows'
     implementations: [clean, avx2, aarch64]
+    supports_context: true
     schemes:
-      - name: dilithium2
+      - name: ml-dsa-44
         implementations: [clean, avx2, aarch64]
-      - name: dilithium3
+      - name: ml-dsa-65
         implementations: [clean, avx2, aarch64]
-      - name: dilithium5
+      - name: ml-dsa-87
         implementations: [clean, avx2, aarch64]
   falcon:
     version: 0.3.0

pqcrypto-mldsa/Cargo.toml

@@ -0,0 +1,39 @@
+[package]
+name = "pqcrypto-mldsa"
+description = "Post-Quantum Signature Scheme mldsa"
+readme = "README.md"
+version = "0.1.0"
+authors = ["Thom Wiggers <[email protected]>"]
+edition = "2021"
+license = "MIT OR Apache-2.0"
+homepage = "https://github.com/rustpq/"
+repository = "https://github.com/rustpq/pqcrypto/"
+keywords = ["cryptography", "post-quantum", "security"]
+categories = ["cryptography", "no-std"]
+
+[dependencies]
+pqcrypto-internals = { path = "../pqcrypto-internals", version = "0.2" }
+pqcrypto-traits = { path = "../pqcrypto-traits", version = "0.3.5", default-features = false }
+libc = "0.2.0"
+serde = { version = "1.0", features = ["derive"], optional = true }
+serde-big-array = { version = "0.5.1", optional = true }
+paste = "*"
+
+[features]
+default = ["avx2", "neon", "std"]
+avx2 = ["std"]
+neon = ["std"]
+std = ["pqcrypto-traits/std"]
+serialization = ["serde", "serde-big-array"]
+
+[dev-dependencies]
+rand = "0.8.5"
+
+[build-dependencies]
+cc = { version = "1.0", features = ["parallel"] }
+glob = "0.3.0"
+
+[badges]
+travis-ci = { repository = "rustpq/pqcrypto", branch = "master" }
+maintenance = { status = "actively-developed" }
+

pqcrypto-mldsa/README.md

@@ -0,0 +1,45 @@
+# mldsa
+
+
+This crate contains bindings to the C implementations of the following schemes,
+from [PQClean][pqclean].
+
+This project packages Post-Quantum cryptographic algorithms that participate in
+the [NIST PQC standardization effort][nistpqc]. It is currently a collection of
+wrappers around C implementations from the [PQClean][pqclean] project.
+
+## Serialization
+
+If you want `serde` support, enable the `serialization` feature.
+
+## Included implementations from PQClean
+
+Below is a list of the included schemes and the corresponding implementations
+sourced from [PQClean][pqclean]. The "default" implementation is used in the
+Rust-friendly interface, alternative implementations are exposed as ``ffi``
+methods only.
+
+* ``ml-dsa-44``
+  * ``clean``
+  * ``avx2`` (if supported)
+  * ``aarch64`` (if supported)
+* ``ml-dsa-65``
+  * ``clean``
+  * ``avx2`` (if supported)
+  * ``aarch64`` (if supported)
+* ``ml-dsa-87``
+  * ``clean``
+  * ``avx2`` (if supported)
+  * ``aarch64`` (if supported)
+
+
+## License
+
+The wrappers and wrapper generation scripts in this project are covered by the
+MIT or Apache 2.0 licenses, at your choice.
+
+The implementations we link to are not, however. Please see the [PQClean][pqclean]
+project for the appropriate licenses.
+
+[pqclean]: https://github.com/PQClean/PQClean/
+[nistpqc]: https://nist.gov/pqc/

pqcrypto-mldsa/build.rs

@@ -0,0 +1,162 @@
+extern crate cc;
+extern crate glob;
+
+use std::env;
+use std::path::{Path, PathBuf};
+
+macro_rules! build_clean {
+    ($variant:expr) => {
+        let internals_include_path = &std::env::var("DEP_PQCRYPTO_INTERNALS_INCLUDEPATH").unwrap();
+        let common_dir = Path::new("pqclean/common");
+
+        let mut builder = cc::Build::new();
+        let target_dir: PathBuf = ["pqclean", "crypto_sign", $variant, "clean"]
+            .iter()
+            .collect();
+
+        let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap();
+        if target_os == "wasi" {
+            let wasi_sdk_path =
+                &std::env::var("WASI_SDK_DIR").expect("missing environment variable: WASI_SDK_DIR");
+            builder.flag(format!("--sysroot={}", wasi_sdk_path).as_str());
+        }
+
+        let scheme_files = glob::glob(target_dir.join("*.c").to_str().unwrap()).unwrap();
+
+        builder
+            .include(internals_include_path)
+            .include(&common_dir)
+            .include(target_dir)
+            .files(
+                scheme_files
+                    .into_iter()
+                    .map(|p| p.unwrap().to_string_lossy().into_owned()),
+            );
+        builder.compile(format!("{}_clean", $variant).as_str());
+    };
+}
+
+macro_rules! build_avx2 {
+    ($variant:expr) => {
+        let internals_include_path = &std::env::var("DEP_PQCRYPTO_INTERNALS_INCLUDEPATH").unwrap();
+        let common_dir = Path::new("pqclean/common");
+
+        let mut builder = cc::Build::new();
+        let target_dir: PathBuf = ["pqclean", "crypto_sign", $variant, "avx2"]
+            .iter()
+            .collect();
+
+        let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap();
+        if target_os == "wasi" {
+            let wasi_sdk_path =
+                &std::env::var("WASI_SDK_DIR").expect("missing environment variable: WASI_SDK_DIR");
+            builder.flag(format!("--sysroot={}", wasi_sdk_path).as_str());
+        }
+
+        let scheme_files = glob::glob(target_dir.join("*.[csS]").to_str().unwrap()).unwrap();
+        let target_env = env::var("CARGO_CFG_TARGET_ENV").unwrap();
+        if target_env == "msvc" {
+            builder.flag("/arch:AVX2");
+        } else {
+            builder
+                .flag("-mavx2")
+                .flag("-mbmi2")
+                .flag("-mbmi")
+                .flag("-maes")
+                .flag("-mpopcnt")
+                .flag("-mpclmul");
+        }
+
+        builder
+            .include(internals_include_path)
+            .include(&common_dir)
+            .include(target_dir)
+            .files(
+                scheme_files
+                    .into_iter()
+                    .map(|p| p.unwrap().to_string_lossy().into_owned()),
+            );
+        builder.compile(format!("{}_avx2", $variant).as_str());
+    };
+}
+
+macro_rules! build_aarch64 {
+    ($variant:expr) => {
+        let internals_include_path = &std::env::var("DEP_PQCRYPTO_INTERNALS_INCLUDEPATH").unwrap();
+        let common_dir = Path::new("pqclean/common");
+
+        let mut builder = cc::Build::new();
+        let target_dir: PathBuf = ["pqclean", "crypto_sign", $variant, "aarch64"]
+            .iter()
+            .collect();
+
+        let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap();
+        if target_os == "wasi" {
+            let wasi_sdk_path =
+                &std::env::var("WASI_SDK_DIR").expect("missing environment variable: WASI_SDK_DIR");
+            builder.flag(format!("--sysroot={}", wasi_sdk_path).as_str());
+        }
+
+        let scheme_files = glob::glob(target_dir.join("*.[csS]").to_str().unwrap()).unwrap();
+        builder.flag("-march=armv8-a");
+
+        builder
+            .include(internals_include_path)
+            .include(&common_dir)
+            .include(target_dir)
+            .files(
+                scheme_files
+                    .into_iter()
+                    .map(|p| p.unwrap().to_string_lossy().into_owned()),
+            );
+        builder.compile(format!("{}_aarch64", $variant).as_str());
+    };
+}
+
+fn main() {
+    #[allow(unused_variables)]
+    let aes_enabled = env::var("CARGO_FEATURE_AES").is_ok();
+    #[allow(unused_variables)]
+    let avx2_enabled = env::var("CARGO_FEATURE_AVX2").is_ok();
+    #[allow(unused_variables)]
+    let neon_enabled = env::var("CARGO_FEATURE_NEON").is_ok();
+    #[allow(unused_variables)]
+    let target_arch = env::var("CARGO_CFG_TARGET_ARCH").unwrap();
+    #[allow(unused_variables)]
+    let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap();
+    #[allow(unused_variables)]
+    let is_windows = target_os == "windows";
+    #[allow(unused_variables)]
+    let is_macos = target_os == "macos";
+
+    build_clean!("ml-dsa-44");
+    if target_arch == "x86_64" && avx2_enabled && !is_windows {
+        build_avx2!("ml-dsa-44");
+    }
+    if target_arch == "aarch64" && neon_enabled {
+        build_aarch64!("ml-dsa-44");
+    }
+    build_clean!("ml-dsa-65");
+    if target_arch == "x86_64" && avx2_enabled && !is_windows {
+        build_avx2!("ml-dsa-65");
+    }
+    if target_arch == "aarch64" && neon_enabled {
+        build_aarch64!("ml-dsa-65");
+    }
+    build_clean!("ml-dsa-87");
+    if target_arch == "x86_64" && avx2_enabled && !is_windows {
+        build_avx2!("ml-dsa-87");
+    }
+    if target_arch == "aarch64" && neon_enabled {
+        build_aarch64!("ml-dsa-87");
+    }
+
+    if target_arch == "x86_64" && avx2_enabled && !is_windows {
+        // Print enableing flag for AVX2 implementation
+        println!("cargo:rustc-cfg=enable_x86_avx2");
+    }
+    if target_arch == "aarch64" && neon_enabled {
+        // Print enableing flag for AARCH64 implementation
+        println!("cargo:rustc-cfg=enable_aarch64_neon");
+    }
+}

pqcrypto-mldsa/pqclean

@@ -0,0 +1 @@
+../pqclean