Skip to content

Commit 040279b

Browse files
tfaoliveiratfaoliveira
authored
Merge pull request #114 from formosa-crypto/feature/hakyber_mlkem
formosa-mlkem + sct
2 parents bc15608 + edffd1c commit 040279b

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

51 files changed

+136274
-25
lines changed

.github/workflows/amd64-linux-main-build-instructions.yml.0

+2-2
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
runs-on: [self-hosted, linux, X64, amd64-instructions]
1313
steps:
1414
- name: checkout
15-
uses: actions/checkout@v3
15+
uses: actions/checkout@v4
1616

1717
- name: build
1818
run: sh scripts/ci/misc/jasmin-build-instructions0
@@ -21,7 +21,7 @@ jobs:
2121
runs-on: [self-hosted, linux, X64, amd64-instructions]
2222
steps:
2323
- name: checkout
24-
uses: actions/checkout@v3
24+
uses: actions/checkout@v4
2525

2626
- name: build
2727
run: sh scripts/ci/misc/jasmin-build-instructions1

.github/workflows/amd64-linux-main-proof.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
runs-on: [self-hosted, linux, X64, amd64-main]
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v3
18+
uses: actions/checkout@v4
1919

2020
- name: extract and check
2121
run: JASMIN=$(which_jasminc) EASYCRYPT=$(which_easycrypt) ECARGS=$(which_eclib) make -j$JOBS -C proof/ CI=1 default
@@ -31,14 +31,14 @@ jobs:
3131

3232
- name: libjade-logs-proof.tar.gz - contains non-empty logs and errors
3333
if: always()
34-
uses: actions/upload-artifact@v3
34+
uses: actions/upload-artifact@v4
3535
with:
3636
name: libjade-logs-proof.tar.gz
3737
path: proof/libjade-logs-proof.tar.gz
3838

3939
- name: libjade-dist-proof.tar.gz - contains all EasyCrypt files and test.config
4040
if: always()
41-
uses: actions/upload-artifact@v3
41+
uses: actions/upload-artifact@v4
4242
with:
4343
name: libjade-dist-proof.tar.gz
4444
path: libjade-dist-proof.tar.gz

.github/workflows/amd64-linux-main-safety.yml.0

+2-2
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
timeout-minutes: 4320
1313
steps:
1414
- name: checkout
15-
uses: actions/checkout@v3
15+
uses: actions/checkout@v4
1616

1717
- name: compile
1818
run: (timeout 4300m make -j$JOBS -C src/ CI=1 SAFETY_TIMEOUT=2880m safety) || true
@@ -22,7 +22,7 @@ jobs:
2222

2323
- name: libjade-logs-safety.tar.gz - contains non-empty logs and errors
2424
if: always()
25-
uses: actions/upload-artifact@v3
25+
uses: actions/upload-artifact@v4
2626
with:
2727
name: libjade-logs-safety.tar.gz
2828
path: src/libjade-logs-src.tar.gz

.github/workflows/amd64-linux-main.yml

+13-13
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
runs-on: [self-hosted, linux, X64, amd64-main]
1616
steps:
1717
- name: checkout
18-
uses: actions/checkout@v3
18+
uses: actions/checkout@v4
1919

2020
- name: compile
2121
run: JASMIN=$(which_jasminc) make -j$JOBS -C src/ CI=1 default
@@ -26,7 +26,7 @@ jobs:
2626

2727
- name: libjade-logs-src.tar.gz - contains non-empty logs and errors
2828
if: always()
29-
uses: actions/upload-artifact@v3
29+
uses: actions/upload-artifact@v4
3030
with:
3131
name: libjade-logs-src.tar.gz
3232
path: src/libjade-logs-src.tar.gz
@@ -38,7 +38,7 @@ jobs:
3838
runs-on: [self-hosted, linux, X64, amd64-main]
3939
steps:
4040
- name: checkout
41-
uses: actions/checkout@v3
41+
uses: actions/checkout@v4
4242

4343
- name: compile and run
4444
run: JASMIN=$(which_jasminc) make -j$JOBS -C test/ CI=1 default
@@ -49,7 +49,7 @@ jobs:
4949

5050
- name: libjade-logs-test.tar.gz - contains non-empty logs and errors
5151
if: always()
52-
uses: actions/upload-artifact@v3
52+
uses: actions/upload-artifact@v4
5353
with:
5454
name: libjade-logs-test.tar.gz
5555
path: test/libjade-logs-test.tar.gz
@@ -61,7 +61,7 @@ jobs:
6161
runs-on: [self-hosted, linux, X64, amd64-main]
6262
steps:
6363
- name: checkout
64-
uses: actions/checkout@v3
64+
uses: actions/checkout@v4
6565

6666
- name: compile
6767
run: JASMIN=$(which_jasminc) make -j$JOBS -C src/ CI=1 default
@@ -77,7 +77,7 @@ jobs:
7777

7878
- name: libjade-logs-bench.tar.gz - contains non-empty logs and errors
7979
if: always()
80-
uses: actions/upload-artifact@v3
80+
uses: actions/upload-artifact@v4
8181
with:
8282
name: libjade-logs-bench1.tar.gz
8383
path: bench/libjade-logs-bench.tar.gz
@@ -89,7 +89,7 @@ jobs:
8989
runs-on: [self-hosted, linux, X64, amd64-main]
9090
steps:
9191
- name: checkout
92-
uses: actions/checkout@v3
92+
uses: actions/checkout@v4
9393

9494
- name: compile
9595
run: JASMIN=$(which_jasminc) make -j$JOBS -C src/ CI=1 default
@@ -105,7 +105,7 @@ jobs:
105105

106106
- name: libjade-logs-bench.tar.gz - contains non-empty logs and errors
107107
if: always()
108-
uses: actions/upload-artifact@v3
108+
uses: actions/upload-artifact@v4
109109
with:
110110
name: libjade-logs-bench2.tar.gz
111111
path: bench/libjade-logs-bench.tar.gz
@@ -117,7 +117,7 @@ jobs:
117117
runs-on: [self-hosted, linux, X64, amd64-main]
118118
steps:
119119
- name: checkout
120-
uses: actions/checkout@v3
120+
uses: actions/checkout@v4
121121

122122
- name: extract and check
123123
run: JASMIN=$(which_jasminc) EASYCRYPT=$(which_easycrypt) ECARGS=$(which_eclib) make -j$JOBS -C proof/ CI=1 check-extracted
@@ -130,14 +130,14 @@ jobs:
130130

131131
- name: libjade-logs-proof.tar.gz - contains non-empty logs and errors
132132
if: always()
133-
uses: actions/upload-artifact@v3
133+
uses: actions/upload-artifact@v4
134134
with:
135135
name: libjade-logs-proof.tar.gz
136136
path: proof/libjade-logs-proof.tar.gz
137137

138138
- name: libjade-dist-proof.tar.gz - contains all EasyCrypt files and test.config
139139
if: always()
140-
uses: actions/upload-artifact@v3
140+
uses: actions/upload-artifact@v4
141141
with:
142142
name: libjade-dist-proof.tar.gz
143143
path: libjade-dist-proof.tar.gz
@@ -149,7 +149,7 @@ jobs:
149149
runs-on: [self-hosted, linux, X64, amd64-main]
150150
steps:
151151
- name: checkout
152-
uses: actions/checkout@v3
152+
uses: actions/checkout@v4
153153

154154
- name: compile amd64
155155
run: JASMIN=$(which_jasminc) make -j$JOBS -C src/ CI=1 default
@@ -162,7 +162,7 @@ jobs:
162162

163163
- name: libjade-dist-src-amd64.tar.gz - contains assembly, Jasmin, and how-to-use code
164164
if: always()
165-
uses: actions/upload-artifact@v3
165+
uses: actions/upload-artifact@v4
166166
with:
167167
name: libjade-dist-src-amd64.tar.gz
168168
path: libjade-dist-src-amd64.tar.gz

bench/Makefile

+1-1
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,7 @@ RDIR = $(subst $(BIN)/,,$(@D))
7171

7272
OPERATION = $(subst crypto_,,$(word 1, $(subst /, ,$(RDIR))))
7373
OPERATION1 = $(shell echo $(OPERATION) | tr a-z A-Z)
74-
NAMESPACE0 = $(subst $(OPERATION)_,,$(subst crypto_,,$(subst -,_,$(subst /,_,$(RDIR)))))
74+
NAMESPACE0 = $(subst crypto_$(OPERATION)_,,$(subst -,_,$(subst /,_,$(RDIR))))
7575
NAMESPACE = jade_$(OPERATION)_$(NAMESPACE0)
7676
NAMESPACE1 = JADE_$(OPERATION1)_$(NAMESPACE0)
7777

scripts/ci/config/easycrypt

+1-1
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
eaba09c215c28b292259bd61aaf575bf7d21dbfe
1+
2b3bbadffa084466fd3450f367b2102e032c1301

scripts/ci/config/jasmin

+1-1
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
252e602bd76606942d6e1b2aa7d44eb4d09f1712
1+
7be631a8da1dc3f7c966681028138ae56d8e4610

src/.gitignore

+2
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
*.s
22
*.safety
33
*.safety_*
4+
*.sct
5+
*.sct_*
46
*.o
57
*.a
68
_build/

src/Makefile

+12
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ SRC := .
2222
FILTER ?= $(SRC)/crypto_%
2323
JAZZ ?= $(filter $(FILTER), $(filter-out $(addprefix ./,$(EXCLUDE)), $(sort $(dir $(shell find $(SRC) -name '*.jazz')))))
2424
SAFETY ?= $(addsuffix safety, $(JAZZ))
25+
SCT ?= $(addsuffix sct, $(JAZZ))
2526

2627
SOURCES ?= $(filter-out ./, $(sort $(dir $(shell find $(SRC) -name 'Makefile'))))
2728
ASM := $(shell find $(SRC) -name '*.s')
@@ -68,6 +69,14 @@ safety: $(SAFETY)
6869
$(SAFETY):
6970
$(MAKE) -C $(@D) $(@F) || true
7071

72+
# --------------------------------------------------------------------
73+
74+
.PHONY: sct
75+
sct: $(SCT)
76+
77+
$(SCT):
78+
$(MAKE) -C $(@D) $(@F) || true
79+
7180
# --------------------------------------------------------------------
7281
ifeq ($(CI),1)
7382

@@ -83,6 +92,9 @@ reporter_safety:
8392
./../scripts/ci/reporter/jlog "Safety status" src/ *.safety $(CICL)
8493
$(MAKE) $(LOGS)
8594

95+
reporter_sct:
96+
./../scripts/ci/reporter/jlog "Speculative constant-time status" src/ *.sct $(CICL)
97+
8698
ERR := $(shell find $(BIN) -name '*.error')
8799
CIR := $(shell find $(BIN) -name '*.log') $(ERR)
88100

src/Makefile.checksct

+32
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
# Notes:
2+
# - this file defines fine-grained targets that allow checking the speculative constant-time of individual exported
3+
# functions
4+
# - it is meant to be included by Makefile.common
5+
6+
ifneq ($(OP),)
7+
8+
SCT_FLAGS ?=
9+
10+
CHECK_SCT_S = ($(JASMINC) -slice $* -checkSCT $(SCT_FLAGS) $< > $@ 2>&1) $(CIT)
11+
CHECK_SCT = ($(JASMINC) -checkSCT $(SCT_FLAGS) $< > $@ 2>&1) $(CIT)
12+
13+
SCT_TARGETS = $(addsuffix .sct, $(FUNCTIONS))
14+
15+
sct: $(SCT_TARGETS)
16+
17+
$(OP).sct : $(OP).jazz $(DEPS_DIR)/$(OP).sct.d | $(DEPS_DIR) $(CI_DIR)
18+
$(DEPS)
19+
$(CHECK_SCT)
20+
21+
$(SCT_TARGETS):
22+
%.sct : $(OP).jazz $(DEPS_DIR)/%.sct.d | $(DEPS_DIR) $(CI_DIR)
23+
$(DEPS)
24+
$(CHECK_SCT_S)
25+
26+
DEPFILES := \
27+
$(DEPFILES) \
28+
$(addprefix $(DEPS_DIR)/, $(addsuffix .sct.d, $(FUNCTIONS) $(OP)))
29+
30+
$(SCT_DIR): ; @mkdir -p $@
31+
32+
endif

src/Makefile.common

+5-1
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,10 @@ $(EC_DIR)/%_ct.ec : %.$(JEXT) $(DEPS_DIR)/%_ct.ec.d | $(DEPS_DIR) $(EC_DIR) $(CI
100100

101101
include $(SRC)/Makefile.checksafety
102102

103+
# --------------------------------------------------------------------
104+
105+
include $(SRC)/Makefile.checksct
106+
103107
# --------------------------------------------------------------------
104108
$(CHECKSDIR): ; @mkdir -p $@
105109
$(DEPS_DIR): ; @mkdir -p $@
@@ -129,7 +133,7 @@ include $(wildcard $(DEPFILES))
129133
.PHONY: clean
130134

131135
clean:
132-
@rm -fr $(DEPS_DIR) $(CHECKS_DIR) $(SAFETY_DIR) *.s *.safety* *.o *.a .jflags *.out
136+
@rm -fr $(DEPS_DIR) $(CHECKS_DIR) $(SAFETY_DIR) *.s *.safety* *.sct* *.o *.a .jflags *.out
133137
ifeq ($(CI),1)
134138
@rm -fr $(CI_DIR)
135139
endif

src/crypto_kem/mlkem/mlkem768/META.yml

+4
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
name: MLKEM768
2+
type: kem
3+
checksumsmall: 37a3f3e30152b677a3605fbbba9760326a741344edc64df2e9ba23135d745beb
4+
checksumbig: 5f8345a7632ed05c25db5c3400127242dd187cb2c4ada5cc9dcd581f8b3d81de

src/crypto_kem/mlkem/mlkem768/amd64/avx2/Makefile

+3
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
SRCS := kem.jazz
2+
include ../../../../../Makefile.common
3+

0 commit comments

Comments
 (0)