Skip to content

Conform to NIST FIPS 204 #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 25 commits into from
Nov 24, 2024
Merged

Conform to NIST FIPS 204 #30

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
11b97dd
Update sha3 to latest version
itzmeanjan Nov 22, 2024
1843b60
Change include PATH of sha3 header files
itzmeanjan Nov 22, 2024
cb430e6
Remove `dudect` as git submodule -based dependency
itzmeanjan Nov 22, 2024
cc30dbd
Remove dudect test files
itzmeanjan Nov 22, 2024
1eddb7e
Remove dudect related all targets from Makefile
itzmeanjan Nov 22, 2024
28819b8
Refactor Makefile by splitting it into multiple smaller ones
itzmeanjan Nov 22, 2024
2189cf4
Add missing header include
itzmeanjan Nov 22, 2024
7944f20
Add Makefile target for ease of running example(s)
itzmeanjan Nov 22, 2024
e52e5ab
Update Github Actions CI job runner script to run all possible tests,…
itzmeanjan Nov 22, 2024
ae60eb4
Add "RandomShake" CSPRNG as git submoodule based dependency
itzmeanjan Nov 23, 2024
f29819b
Swap adhoc PRNG with "RandomShake" CSPRNG
itzmeanjan Nov 23, 2024
10621d4
Update Makefile rules to build targets correctly using "RandomShake" …
itzmeanjan Nov 23, 2024
8160810
Conform to NIST FIPS 204 specification
itzmeanjan Nov 24, 2024
2e4ceed
Update KAT files to latest ones
itzmeanjan Nov 24, 2024
bdbdac9
Update prop. tests and KAT tests to conform to new sign/ verify API a…
itzmeanjan Nov 24, 2024
9ee47c0
Update benchmarks to work with new sign/ verify API
itzmeanjan Nov 24, 2024
34fc03b
Add benchmark results for x86_64, running Linux
itzmeanjan Nov 24, 2024
d4fb44d
Add benchmark results on Raspberry Pi 4B
itzmeanjan Nov 24, 2024
27b2899
Simplify how number of 1s in a polynomial is computed
itzmeanjan Nov 24, 2024
10f42f4
Update source file comments
itzmeanjan Nov 24, 2024
79a63f6
Refactor tests by splitting them into smaller ones
itzmeanjan Nov 24, 2024
95f2437
Update example program so that it works with updated sign/ verify pub…
itzmeanjan Nov 24, 2024
2e346be
Add missing assertions on return value of sign function
itzmeanjan Nov 24, 2024
91367f3
Add benchmark result for aarch64 target running Linux kernel
itzmeanjan Nov 24, 2024
3f24e74
Update project documentation
itzmeanjan Nov 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 47 additions & 20 deletions .github/workflows/test_ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,25 +12,52 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
compiler: [g++, clang++]
build_type: [debug, release]
test_type: [standard, asan, ubsan]
max-parallel: 4

steps:
- uses: actions/checkout@v4
- name: Setup Google-Test
run: |
pushd ~
git clone https://github.com/google/googletest.git -b v1.14.0
pushd googletest
mkdir build
pushd build
cmake .. -DBUILD_GMOCK=OFF
make -j
sudo make install -j
popd
popd
popd
- name: Execute Tests on ${{matrix.os}}
run: make -j
- name: Execute Tests with AddressSanitizer on ${{matrix.os}}
run: make asan_test -j
- name: Execute Tests with UndefinedBehaviourSanitizer on ${{matrix.os}}
run: make ubsan_test -j
- uses: actions/checkout@v4

- name: Setup Google Test
uses: Bacondish2023/setup-googletest@v1
with:
tag: v1.15.2


- name: Build and Test (${{ matrix.compiler }}, ${{ matrix.build_type }}, ${{ matrix.test_type }})
run: |
CXX=${{ matrix.compiler }}
if [[ ${{ matrix.test_type }} == "standard" ]]; then
make test -j 2>&1 | tee build.log
else
make ${{ matrix.build_type }}_${{ matrix.test_type }}_test -j 2>&1 | tee build.log
fi
if [ $? -ne 0 ]; then
echo "Build or Test Failed! See build.log for details."
exit 1
fi

- name: Upload Build Log
uses: actions/upload-artifact@v3
with:
name: build-log-${{ matrix.compiler }}-${{ matrix.build_type }}-${{ matrix.test_type }}
path: build.log


- name: Run Examples
if: ${{ matrix.test_type == 'standard' && matrix.build_type == 'release' }}
run: |
CXX=${{ matrix.compiler }} make example -j 2>&1 | tee example.log
if [ $? -ne 0 ]; then
echo "Example execution Failed! See example.log for details."
exit 1
fi

- name: Upload Example Log (if failed)
if: ${{ steps.Run_Examples.outcome != 'success' && matrix.test_type == 'standard' && matrix.build_type == 'release' }}
uses: actions/upload-artifact@v3
with:
name: example-log-${{ matrix.compiler }}
path: example.log
6 changes: 3 additions & 3 deletions .gitmodules
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,6 @@
[submodule "gtest-parallel"]
path = gtest-parallel
url = https://github.com/google/gtest-parallel.git
[submodule "dudect"]
path = dudect
url = https://github.com/oreparaz/dudect.git
[submodule "RandomShake"]
path = RandomShake
url = https://github.com/itzmeanjan/RandomShake.git
141 changes: 31 additions & 110 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,124 +1,45 @@
CXX ?= clang++
CXX_FLAGS = -std=c++20
WARN_FLAGS = -Wall -Wextra -pedantic
OPT_FLAGS = -O3 -march=native
LINK_FLAGS = -flto
ASAN_FLAGS = -g -O1 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize=address # From https://clang.llvm.org/docs/AddressSanitizer.html
UBSAN_FLAGS = -g -O1 -fno-omit-frame-pointer -fno-optimize-sibling-calls -fsanitize=undefined # From https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
DEFAULT_GOAL := help

SHA3_INC_DIR = ./sha3/include
DUDECT_INC_DIR = ./dudect/src
I_FLAGS = -I ./include
DEP_IFLAGS = -I $(SHA3_INC_DIR)
DUDECT_DEP_IFLAGS = $(DEP_IFLAGS) -I $(DUDECT_INC_DIR)
# Collects inspiration from https://github.com/itzmeanjan/ml-kem/blob/61cf680b1c0e2590bd7b650c07cd477e90cab46d/Makefile#L1-L8
.PHONY: help
help:
@for file in $(MAKEFILE_LIST); do \
grep -E '^[a-zA-Z_-]+:.*?## .*$$' $${file} | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}';\
done

SRC_DIR = include
CXX ?= clang++
CXX_FLAGS := -std=c++20
WARN_FLAGS := -Wall -Wextra -Wpedantic
DEBUG_FLAGS := -O1 -g
RELEASE_FLAGS := -O3 -march=native
LINK_OPT_FLAGS := -flto

I_FLAGS := -I ./include
SHA3_INC_DIR := ./sha3/include
RANDOMSHAKE_INC_DIR := ./RandomShake/include
DEP_IFLAGS := -I $(SHA3_INC_DIR) -I $(RANDOMSHAKE_INC_DIR)

SRC_DIR := include
ML_DSA_SOURCES := $(shell find $(SRC_DIR) -name '*.hpp')
BUILD_DIR = build
ASAN_BUILD_DIR = $(BUILD_DIR)/asan
UBSAN_BUILD_DIR = $(BUILD_DIR)/ubsan
DUDECT_BUILD_DIR = $(BUILD_DIR)/dudect

TEST_DIR = tests
DUDECT_TEST_DIR = $(TEST_DIR)/dudect
TEST_SOURCES := $(wildcard $(TEST_DIR)/*.cpp)
TEST_HEADERS := $(wildcard $(TEST_DIR)/*.hpp)
TEST_OBJECTS := $(addprefix $(BUILD_DIR)/, $(notdir $(patsubst %.cpp,%.o,$(TEST_SOURCES))))
ASAN_TEST_OBJECTS := $(addprefix $(ASAN_BUILD_DIR)/, $(notdir $(patsubst %.cpp,%.o,$(TEST_SOURCES))))
UBSAN_TEST_OBJECTS := $(addprefix $(UBSAN_BUILD_DIR)/, $(notdir $(patsubst %.cpp,%.o,$(TEST_SOURCES))))
DUDECT_TEST_SOURCES := $(wildcard $(DUDECT_TEST_DIR)/*.cpp)
DUDECT_TEST_BINARIES := $(addprefix $(DUDECT_BUILD_DIR)/, $(notdir $(patsubst %.cpp,%.out,$(DUDECT_TEST_SOURCES))))
TEST_LINK_FLAGS = -lgtest -lgtest_main
TEST_BINARY = $(BUILD_DIR)/test.out
ASAN_TEST_BINARY = $(ASAN_BUILD_DIR)/test.out
UBSAN_TEST_BINARY = $(UBSAN_BUILD_DIR)/test.out
GTEST_PARALLEL = ./gtest-parallel/gtest-parallel

BENCHMARK_DIR = benchmarks
BENCHMARK_SOURCES := $(wildcard $(BENCHMARK_DIR)/*.cpp)
BENCHMARK_HEADERS := $(wildcard $(BENCHMARK_DIR)/*.hpp)
BENCHMARK_OBJECTS := $(addprefix $(BUILD_DIR)/, $(notdir $(patsubst %.cpp,%.o,$(BENCHMARK_SOURCES))))
BENCHMARK_LINK_FLAGS = -lbenchmark -lbenchmark_main -lpthread
BENCHMARK_BINARY = $(BUILD_DIR)/bench.out
PERF_LINK_FLAGS = -lbenchmark -lbenchmark_main -lpfm -lpthread
PERF_BINARY = $(BUILD_DIR)/perf.out

all: test

$(DUDECT_BUILD_DIR):
mkdir -p $@

$(ASAN_BUILD_DIR):
mkdir -p $@
BUILD_DIR := build

$(UBSAN_BUILD_DIR):
mkdir -p $@
include tests/test.mk
include benchmarks/bench.mk
include examples/example.mk

$(BUILD_DIR):
mkdir -p $@
$(RANDOMSHAKE_INC_DIR):
git submodule update --init --recursive RandomShake

$(SHA3_INC_DIR):
$(SHA3_INC_DIR): $(RANDOMSHAKE_INC_DIR)
git submodule update --init sha3

$(GTEST_PARALLEL): $(SHA3_INC_DIR)
git submodule update --init gtest-parallel

$(DUDECT_INC_DIR): $(GTEST_PARALLEL)
git submodule update --init dudect

$(BUILD_DIR)/%.o: $(TEST_DIR)/%.cpp $(BUILD_DIR) $(SHA3_INC_DIR)
$(CXX) $(CXX_FLAGS) $(WARN_FLAGS) $(OPT_FLAGS) $(I_FLAGS) $(DEP_IFLAGS) -c $< -o $@

$(ASAN_BUILD_DIR)/%.o: $(TEST_DIR)/%.cpp $(ASAN_BUILD_DIR) $(SHA3_INC_DIR) $(SUBTLE_INC_DIR)
$(CXX) $(CXX_FLAGS) $(WARN_FLAGS) $(ASAN_FLAGS) $(I_FLAGS) $(DEP_IFLAGS) -c $< -o $@

$(UBSAN_BUILD_DIR)/%.o: $(TEST_DIR)/%.cpp $(UBSAN_BUILD_DIR) $(SHA3_INC_DIR) $(SUBTLE_INC_DIR)
$(CXX) $(CXX_FLAGS) $(WARN_FLAGS) $(UBSAN_FLAGS) $(I_FLAGS) $(DEP_IFLAGS) -c $< -o $@

$(TEST_BINARY): $(TEST_OBJECTS)
$(CXX) $(OPT_FLAGS) $(LINK_FLAGS) $^ $(TEST_LINK_FLAGS) -o $@

$(ASAN_TEST_BINARY): $(ASAN_TEST_OBJECTS)
$(CXX) $(ASAN_FLAGS) $^ $(TEST_LINK_FLAGS) -o $@

$(UBSAN_TEST_BINARY): $(UBSAN_TEST_OBJECTS)
$(CXX) $(UBSAN_FLAGS) $^ $(TEST_LINK_FLAGS) -o $@

$(DUDECT_BUILD_DIR)/%.out: $(DUDECT_TEST_DIR)/%.cpp $(DUDECT_BUILD_DIR) $(SHA3_INC_DIR) $(SUBTLE_INC_DIR) $(DUDECT_INC_DIR)
$(CXX) $(CXX_FLAGS) $(WARN_FLAGS) $(OPT_FLAGS) $(I_FLAGS) $(DUDECT_DEP_IFLAGS) -lm $(LINK_FLAGS) $< -o $@

test: $(TEST_BINARY) $(GTEST_PARALLEL)
$(GTEST_PARALLEL) $< --print_test_times

asan_test: $(ASAN_TEST_BINARY) $(GTEST_PARALLEL)
$(GTEST_PARALLEL) $< --print_test_times

ubsan_test: $(UBSAN_TEST_BINARY) $(GTEST_PARALLEL)
$(GTEST_PARALLEL) $< --print_test_times

dudect_test_build: $(DUDECT_TEST_BINARIES)

$(BUILD_DIR)/%.o: $(BENCHMARK_DIR)/%.cpp $(BUILD_DIR) $(SHA3_INC_DIR)
$(CXX) $(CXX_FLAGS) $(WARN_FLAGS) $(OPT_FLAGS) $(I_FLAGS) $(DEP_IFLAGS) -c $< -o $@

$(BENCHMARK_BINARY): $(BENCHMARK_OBJECTS)
$(CXX) $(OPT_FLAGS) $(LINK_FLAGS) $^ $(BENCHMARK_LINK_FLAGS) -o $@

benchmark: $(BENCHMARK_BINARY)
# Must *not* build google-benchmark with libPFM
./$< --benchmark_time_unit=us --benchmark_min_warmup_time=.5 --benchmark_enable_random_interleaving=true --benchmark_repetitions=32 --benchmark_min_time=0.1s --benchmark_display_aggregates_only=true --benchmark_counters_tabular=true

$(PERF_BINARY): $(BENCHMARK_OBJECTS)
$(CXX) $(OPT_FLAGS) $(LINK_FLAGS) $^ $(PERF_LINK_FLAGS) -o $@

perf: $(PERF_BINARY)
# Must build google-benchmark with libPFM, follow https://gist.github.com/itzmeanjan/05dc3e946f635d00c5e0b21aae6203a7
./$< --benchmark_time_unit=us --benchmark_min_warmup_time=.5 --benchmark_enable_random_interleaving=true --benchmark_repetitions=32 --benchmark_min_time=0.1s --benchmark_display_aggregates_only=true --benchmark_counters_tabular=true --benchmark_perf_counters=CYCLES

.PHONY: format clean

clean:
.PHONY: clean
clean: ## Remove build directory
rm -rf $(BUILD_DIR)

format: $(ML_DSA_SOURCES) $(TEST_SOURCES) $(TEST_HEADERS) $(DUDECT_TEST_SOURCES) $(BENCHMARK_SOURCES) $(BENCHMARK_HEADERS)
.PHONY: format
format: $(ML_DSA_SOURCES) $(TEST_SOURCES) $(TEST_HEADERS) $(BENCHMARK_SOURCES) $(BENCHMARK_HEADERS) $(EXAMPLE_SOURCES) $(EXAMPLE_HEADERS) ## Format source code
clang-format -i $^
Loading
Loading