NIST Round 2 (#8)

NIST Round 2

---------

Co-authored-by: Basil Hess <[email protected]>
Co-authored-by: Ward Beullens <[email protected]>
Co-authored-by: Fabio Campos <[email protected]>
Co-authored-by: Matthias J. Kannwischer <[email protected]>
Co-authored-by: ilway25 <[email protected]>
Co-authored-by: Sofía Celi <[email protected]>

Author: 6 people

.cmake/sanitizers.cmake

@@ -28,3 +28,54 @@ set(CMAKE_C_FLAGS_COVERAGE
     "-fprofile-arcs -ftest-coverage"
     CACHE STRING "Flags used by the C compiler during Coverage builds."
     FORCE)
+
+# CT-testing configs
+set(CMAKE_C_FLAGS_CTOS
+    "-Os -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO0
+    "-O0 -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO1
+    "-O1 -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO2
+    "-O2 -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO3
+    "-O3 -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTOSNOVEC
+    "-Os -fno-vectorize -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO0NOVEC
+    "-O0 -fno-vectorize -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO1NOVEC
+    "-O1 -fno-vectorize -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO2NOVEC
+    "-O2 -fno-vectorize -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)
+
+set(CMAKE_C_FLAGS_CTO3NOVEC
+    "-O3 -fno-vectorize -gdwarf-4"
+    CACHE STRING "Flags used by the C compiler during CT builds."
+    FORCE)

.cmake/target.cmake

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: Apache-2.0
 
-if(${CMAKE_SYSTEM_PROCESSOR} MATCHES "aarch64")
+if(${CMAKE_SYSTEM_PROCESSOR} MATCHES "arm64" OR ${CMAKE_SYSTEM_PROCESSOR} MATCHES "aarch64")
     add_definitions(-DTARGET_ARM64)
 elseif(${CMAKE_SYSTEM_PROCESSOR} MATCHES "arm")
     add_definitions(-DTARGET_ARM)
@@ -15,7 +15,9 @@ else()
     add_definitions(-DTARGET_OTHER)
 endif()
 
-if (UNIX)
+if (APPLE)
+    add_definitions(-DTARGET_OS_MAC)
+elseif (UNIX)
     add_definitions(-DTARGET_OS_UNIX)
 else()
     add_definitions(-DTARGET_OS_OTHER)
@@ -47,19 +49,23 @@ elseif(CMAKE_CXX_COMPILER_ID STREQUAL "AppleClang")
       -mcpu=apple-m1)
   endif()
   option(ENABLE_AESNI "Use AESni" OFF)
+  option(ENABLE_AESNEON "Use AES-NEON" ON)
 endif()
 
 
 if (${MAYO_BUILD_TYPE} MATCHES "ref")
   option(ENABLE_AESNI "Use AESni" OFF)
   option(ENABLE_PARAMS_DYNAMIC "Use dynamic parameters" ON)
   add_definitions(-DMAYO_BUILD_TYPE_REF)
-elseif(${MAYO_BUILD_TYPE} MATCHES "ref")
+elseif(${MAYO_BUILD_TYPE} MATCHES "opt")
   add_definitions(-DMAYO_BUILD_TYPE_OPT)
   option(ENABLE_PARAMS_DYNAMIC "Use dynamic parameters" OFF)
 elseif(${MAYO_BUILD_TYPE} MATCHES "avx2")
   add_definitions(-DMAYO_BUILD_TYPE_AVX2)
   option(ENABLE_PARAMS_DYNAMIC "Use dynamic parameters" OFF)
+  elseif(${MAYO_BUILD_TYPE} MATCHES "neon")
+  add_definitions(-DMAYO_BUILD_TYPE_NEON)
+  option(ENABLE_PARAMS_DYNAMIC "Use dynamic parameters" OFF)
 endif()
 
 separate_arguments(C_OPT_FLAGS UNIX_COMMAND "${G_C_OPT_FLAGS}")

.github/workflows/ci_clang.yml

@@ -0,0 +1,61 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CT-tests (clang, clang-14 and clang-18)
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the "github" branch
+  push:
+    branches: [ '*' ]
+  pull_request:
+    branches: [ "main" ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  ct:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    strategy:
+        matrix:
+          clang_config: [CTOS, CTO0, CTO2, CTO3, CTOSNOVEC, CTO0NOVEC, CTO2NOVEC, CTO3NOVEC]
+          # Note: valgrind seems buggy with CT01 and CT01NOVEC, we skip them
+          clang_version: [clang, clang-15, clang-18]
+          mayo_build_type: [ref, opt, avx2]
+  
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - && wget https://apt.llvm.org/llvm.sh && sudo bash ./llvm.sh 18 && sudo apt update && sudo apt -y install build-essential valgrind cmake libboost-tools-dev libpthread-stubs0-dev libssl-dev clang-15 clang-18 clang gcc gcc-12
+
+      - name: CT-Test (clang)
+        run: |
+            ldd --version
+            rm -rf build && mkdir build && cd build && cmake -DENABLE_CT_TESTING=ON -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=${{ matrix.clang_version }} -DCMAKE_BUILD_TYPE=${{ matrix.clang_config }} -DMAYO_MARCH="-march=haswell -maes" .. && make -j
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_1
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_2
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_3
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_5
+            cd ..
+        if: (matrix.mayo_build_type == 'opt' || matrix.mayo_build_type == 'avx2') && !(matrix.clang_config == 'CTO3' && matrix.mayo_build_type == 'opt')
+
+      - name: CT-Test (clang)
+        run: |
+            ldd --version
+            rm -rf build && mkdir build && cd build && cmake -DENABLE_CT_TESTING=ON -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=${{ matrix.clang_version }} -DCMAKE_BUILD_TYPE=${{ matrix.clang_config }} -DMAYO_MARCH="-march=haswell -maes" .. && make -j
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-1
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-2
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-3
+            valgrind --max-stackframe=3190968 --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-5
+            cd ..
+        if: matrix.mayo_build_type == 'ref'

.github/workflows/ci_gcc.yml

@@ -0,0 +1,60 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CT-tests (gcc and gcc-12)
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the "github" branch
+  push:
+    branches: [ '*' ]
+  pull_request:
+    branches: [ "main" ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  ct:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    strategy:
+        matrix:
+          gcc_config: [CTOS, CTO0, CTO1, CTO2, CTO3]
+          gcc_version: [gcc, gcc-12]
+          mayo_build_type: [ref, opt, avx2]
+  
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install dependencies
+        run: sudo apt update && sudo apt -y install build-essential valgrind cmake libboost-tools-dev libpthread-stubs0-dev libssl-dev clang-15 clang gcc gcc-12
+
+      - name: CT-Test (gcc)
+        run: |
+            ldd --version
+            rm -rf build && mkdir build && cd build && cmake -DENABLE_CT_TESTING=ON -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=${{ matrix.gcc_version }} -DCMAKE_BUILD_TYPE=${{ matrix.gcc_config }} -DMAYO_MARCH="-march=haswell -maes" .. && make -j
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_1
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_2
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_3
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme_MAYO_5
+            cd ..
+        if: matrix.mayo_build_type == 'opt' || matrix.mayo_build_type == 'avx2'
+
+      - name: CT-Test (clang)
+        run: |
+            ldd --version
+            rm -rf build && mkdir build && cd build && cmake -DENABLE_CT_TESTING=ON -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=${{ matrix.gcc_version }} -DCMAKE_BUILD_TYPE=${{ matrix.gcc_config }} -DMAYO_MARCH="-march=haswell -maes" .. && make -j
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-1
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-2
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-3
+            valgrind --tool=memcheck --error-exitcode=1 --track-origins=yes test/mayo_test_scheme MAYO-5
+            cd ..
+        if: matrix.mayo_build_type == 'ref'

.github/workflows/cmake.yml

@@ -12,15 +12,15 @@ env:
 
 jobs:
   build_test:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     strategy:
       matrix:
         mayo_build_type: [ref, opt, avx2]
 
     steps:
     - uses: actions/checkout@v3
     - name: Set up Python 3.10
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@v5
       with:
         python-version: "3.10"
 
@@ -29,7 +29,7 @@ jobs:
 
     - name: Install Valgrind
       run: |
-          sudo apt install valgrind
+          sudo apt-get update && sudo apt install valgrind
           echo "Valgrind installed"
 
     - name: Install Valgrind dependencies
@@ -103,21 +103,21 @@ jobs:
           rm -rf build
           cmake -Bbuild -DENABLE_CT_TESTING=ON -DCMAKE_BUILD_TYPE=Debug -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DMAYO_MARCH="-march=haswell -maes"
           cmake --build build
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_1
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_2
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_3
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_5
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-1
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-2
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-3
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-5
       if: matrix.mayo_build_type == 'ref'
 
     - name: Memcheck
       run: |
           rm -rf build
           cmake -Bbuild -DCMAKE_BUILD_TYPE=Debug -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DMAYO_MARCH="-march=haswell -maes"
           cmake --build build
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_1
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_2
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_3
-          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO_5
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-1
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-2
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-3
+          valgrind --error-exitcode=1 --track-origins=yes build/test/mayo_test_scheme MAYO-5
       if: matrix.mayo_build_type == 'ref'
 
     - name: Memcheck
@@ -136,25 +136,25 @@ jobs:
           rm -rf build
           cmake -Bbuild -DCMAKE_BUILD_TYPE=ASAN -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=clang
           cmake --build build
-          ctest -VV --test-dir build
+          ctest -V --test-dir build
 
     - name: Memory Sanitizer MSAN
       run: |
           rm -rf build
           cmake -Bbuild -DCMAKE_BUILD_TYPE=MSAN -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=clang
           cmake --build build
-          ctest -VV --test-dir build
+          ctest -V --test-dir build
 
     - name: Leak Sanitizer LSAN
       run: |
           rm -rf build
           cmake -Bbuild -DCMAKE_BUILD_TYPE=LSAN -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=clang
           cmake --build build
-          ctest -VV --test-dir build
+          ctest -V --test-dir build
 
     - name: Undefined Behavior Sanitizer UBSAN
       run: |
           rm -rf build
           cmake -Bbuild -DCMAKE_BUILD_TYPE=UBSAN -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=clang
           cmake --build build
-          ctest -VV --test-dir build
+          ctest -V --test-dir build

.github/workflows/macos_m1.yml

@@ -0,0 +1,68 @@
+name: CMake (macos-neon)
+
+on:
+  push:
+    branches: [ '*' ]
+  pull_request:
+    branches: [ "main" ]
+
+env:
+  # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.)
+  BUILD_TYPE: Debug
+
+jobs:
+  build_test:
+    runs-on: macos-latest
+    strategy:
+      matrix:
+        mayo_build_type: [neon]
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.10"
+
+    # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac.
+    # You can convert this to a matrix build if you need cross-platform coverage.
+    # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
+
+    - name: Configure CMake
+      # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
+      # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
+      run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }}
+
+    - name: Build
+      # Build your program with the given configuration
+      run: cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}}
+
+    - name: Test
+      working-directory: ${{github.workspace}}/build
+      # Execute tests defined by the CMake configuration.
+      # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
+      run: ctest -C ${{env.BUILD_TYPE}}
+
+    - name: Examples (neon)
+      working-directory: ${{github.workspace}}/build/apps
+      run: |
+          ./PQCgenKAT_sign_mayo_1
+          ./PQCgenKAT_sign_mayo_2
+          ./PQCgenKAT_sign_mayo_3
+          ./PQCgenKAT_sign_mayo_5
+          ./example_mayo_1
+          ./example_mayo_2
+          ./example_mayo_3
+          ./example_mayo_5
+          ./example_nistapi_mayo_1
+          ./example_nistapi_mayo_2
+          ./example_nistapi_mayo_3
+          ./example_nistapi_mayo_5
+      if: matrix.mayo_build_type == 'neon'
+
+    - name: Address Sanitizer ASAN
+      run: |
+          rm -rf build
+          cmake -Bbuild -DCMAKE_BUILD_TYPE=ASAN -DMAYO_BUILD_TYPE=${{ matrix.mayo_build_type }} -DCMAKE_C_COMPILER=clang
+          cmake --build build
+          ctest -V --test-dir build

CMakeLists.txt

@@ -1,11 +1,12 @@
 # SPDX-License-Identifier: Apache-2.0
 
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.10)
 project(MAYO VERSION 1.0 LANGUAGES C CXX ASM)
 
 set(MAYO_SO_VERSION "0")
 set(CMAKE_C_STANDARD 99)
 
+set(MEMORYCHECK_COMMAND_OPTIONS "--error-exitcode=1")
 include(CTest)
 
 option(ENABLE_STRICT "Build with strict compile options." ON)