Skip to content

Commit e061e08

Browse files
flyndandolo-axis
flynd
authored and
andolo-axis
committed
Add example for using verify_internal only
Provide both keys and signatures as example data so the verify function can be tested without having key generation and signature creation in the same build. Signed-off-by: Anders Sonmark <Anders.Sonmark@axis.com>
1 parent c7be8f6 commit e061e08

11 files changed

Lines changed: 2138 additions & 0 deletions

File tree

examples/monolithic_build_verify_native/.gitignore

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
2+
3+
build

examples/monolithic_build_verify_native/Makefile

Lines changed: 135 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,135 @@
1+
# Copyright (c) The mlkem-native project authors
2+
# Copyright (c) The mldsa-native project authors
3+
# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
4+
5+
.PHONY: build run clean
6+
.DEFAULT_GOAL := all
7+
8+
CC ?= gcc
9+
AR ?= ar
10+
11+
# Adjust CFLAGS if needed
12+
CFLAGS := \
13+
-Wall \
14+
-Wextra \
15+
-Werror=unused-result \
16+
-Wpedantic \
17+
-Werror \
18+
-Wmissing-prototypes \
19+
-Wshadow \
20+
-Wpointer-arith \
21+
-Wredundant-decls \
22+
-Wconversion \
23+
-Wsign-conversion \
24+
-Wno-long-long \
25+
-Wno-unknown-pragmas \
26+
-Wno-unused-command-line-argument \
27+
-O3 \
28+
-fomit-frame-pointer \
29+
-std=c99 \
30+
-pedantic \
31+
-MMD \
32+
$(CFLAGS)
33+
34+
# If you want to use the native backends, the compiler needs to know about
35+
# the target architecture. Here, we import the default host detection from
36+
# mldsa-native's tests, but you can write your own or specialize accordingly.
37+
AUTO ?= 1
38+
include auto.mk
39+
40+
# The following only concerns the cross-compilation tests.
41+
# You can likely ignore the following for your application.
42+
#
43+
# Append cross-prefix for cross compilation
44+
# When called from the root Makefile, CROSS_PREFIX has already been added here
45+
ifeq (,$(findstring $(CROSS_PREFIX),$(CC)))
46+
CC := $(CROSS_PREFIX)$(CC)
47+
endif
48+
49+
ifeq (,$(findstring $(CROSS_PREFIX),$(AR)))
50+
AR := $(CROSS_PREFIX)$(AR)
51+
endif
52+
53+
Q ?= @
54+
55+
# Part A:
56+
#
57+
# mldsa-native source and header files
58+
#
59+
# Here, we use just a single C and assembly unit.
60+
61+
MLD_SOURCE=mldsa_native/mldsa_native.c mldsa_native/mldsa_native_asm.S
62+
63+
INC=-Imldsa_native/ -I./
64+
65+
# Part B:
66+
#
67+
# Your application source code
68+
APP_SOURCE=$(RNG_SOURCE) main.c
69+
70+
BUILD_DIR=build
71+
BIN44=test_binary_mldsa44
72+
BIN65=test_binary_mldsa65
73+
BIN87=test_binary_mldsa87
74+
LIB44=libmldsa44.a
75+
LIB65=libmldsa65.a
76+
LIB87=libmldsa87.a
77+
78+
BIN44_FULL=$(BUILD_DIR)/$(BIN44)
79+
BIN65_FULL=$(BUILD_DIR)/$(BIN65)
80+
BIN87_FULL=$(BUILD_DIR)/$(BIN87)
81+
82+
LIB44_FULL=$(BUILD_DIR)/$(LIB44)
83+
LIB65_FULL=$(BUILD_DIR)/$(LIB65)
84+
LIB87_FULL=$(BUILD_DIR)/$(LIB87)
85+
86+
$(LIB44_FULL): $(MLD_SOURCE)
87+
$(Q)echo "$@"
88+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
89+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native44.c.o
90+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native44.S.o
91+
$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native44.c.o $(BUILD_DIR)/mldsa_native44.S.o
92+
$(Q)strip -S $@
93+
94+
$(LIB65_FULL): $(MLD_SOURCE)
95+
$(Q)echo "$@"
96+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
97+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native65.c.o
98+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native65.S.o
99+
$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native65.c.o $(BUILD_DIR)/mldsa_native65.S.o
100+
$(Q)strip -S $@
101+
102+
$(LIB87_FULL): $(MLD_SOURCE)
103+
$(Q)echo "$@"
104+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
105+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native87.c.o
106+
$(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native87.S.o
107+
$(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native87.c.o $(BUILD_DIR)/mldsa_native87.S.o
108+
$(Q)strip -S $@
109+
110+
$(BIN44_FULL): $(APP_SOURCE) $(LIB44_FULL)
111+
$(Q)echo "$@"
112+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
113+
$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) $^ -o $@
114+
115+
$(BIN65_FULL): $(APP_SOURCE) $(LIB65_FULL)
116+
$(Q)echo "$@"
117+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
118+
$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) $^ -o $@
119+
120+
$(BIN87_FULL): $(APP_SOURCE) $(LIB87_FULL)
121+
$(Q)echo "$@"
122+
$(Q)[ -d $(@) ] || mkdir -p $(@D)
123+
$(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) $^ -o $@
124+
125+
all: build
126+
127+
build: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL)
128+
129+
run: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL)
130+
$(Q)$(EXEC_WRAPPER) ./$(BIN44_FULL)
131+
$(Q)$(EXEC_WRAPPER) ./$(BIN65_FULL)
132+
$(Q)$(EXEC_WRAPPER) ./$(BIN87_FULL)
133+
134+
clean:
135+
rm -rf $(BUILD_DIR)

examples/monolithic_build_verify_native/README.md

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
[//]: # (SPDX-License-Identifier: CC-BY-4.0)
2+
3+
# Monolithic Build Verify Only (Native Backend)
4+
5+
This directory contains a minimal example for building mldsa-native as a single compilation unit
6+
with native assembly backends to only verify signatures, using the auto-generated `mldsa_native.c`
7+
and `mldsa_native_asm.S` files.
8+
9+
## Use Case
10+
11+
Use this approach when:
12+
- You need only one ML-DSA parameter set (44, 65, or 87)
13+
- You want simple build integration with optimal performance
14+
- You only need to verify signatures, not generate keys or create signatures
15+
- You don't need the wrapper functions and can call mldsa_verify_internal() directly
16+
17+
## Components
18+
19+
1. Source tree [mldsa_native/*](mldsa_native), including top-level compilation unit
20+
[mldsa_native.c](mldsa_native/mldsa_native.c) (gathering all C sources),
21+
[mldsa_native_asm.S](mldsa_native/mldsa_native_asm.S) (gathering all assembly sources),
22+
and the mldsa-native API [mldsa_native.h](mldsa_native/mldsa_native.h).
23+
2. Your application source code
24+
25+
## Configuration
26+
27+
The configuration file [mldsa_native_config.h](mldsa_native/mldsa_native_config.h) sets:
28+
- `MLD_CONFIG_PARAMETER_SET`: Security level (default 87)
29+
- `MLD_CONFIG_NAMESPACE_PREFIX`: Symbol prefix (set to `mldsa`)
30+
- `MLD_CONFIG_NO_KEYPAIR_API`: Disables `crypto_sign_signature`, etc.
31+
- `MLD_CONFIG_NO_SIGN_API`: Disables `crypto_sign_keypair`, etc.
32+
- `MLD_CONFIG_INTERNAL_API_ONLY`: Disables all public functions except `crypto_sign_XXXX_internal`
33+
- `MLD_CONFIG_USE_NATIVE_BACKEND_ARITH`: Enables native arithmetic backend
34+
- `MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202`: Enables native FIPS-202 backend
35+
- `MLD_CONFIG_INTERNAL_API_QUALIFIER`: `static` to build as a single unit
36+
37+
## Notes
38+
39+
- Both `mldsa_native.c` and `mldsa_native_asm.S` must be compiled and linked
40+
- Native backends are auto-selected based on target architecture
41+
- On unsupported platforms, the C backend is used automatically
42+
43+
## Usage
44+
45+
```bash
46+
make build # Build the example
47+
make run # Run the example
48+
```

examples/monolithic_build_verify_native/auto.mk

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
../../test/mk/auto.mk

0 commit comments

Comments
 (0)