more wip eurydice changes

cryspen · Dec 5, 2024 · 5a0f22f · 5a0f22f
1 parent 38bf469
commit 5a0f22f
Show file tree

Hide file tree

Showing 7 changed files with 108 additions and 85 deletions.
diff --git a/libcrux-ml-dsa/cg.yaml b/libcrux-ml-dsa/cg.yaml
@@ -45,26 +45,6 @@ files:
       monomorphizations_using:
         - [libcrux_sha3, "*"]
 
-  # MLKEM: MISC NON-ARCHITECTURE SPECIFIC HEADERS
-  - name: libcrux_core
-    inline_static: true
-    private:
-      monomorphizations_of:
-        - [core, "*"]
-        - [libcrux_ml_dsa, types, "*"]
-        - [libcrux_ml_dsa, utils, "*" ]
-      monomorphizations_using:
-        - [Eurydice, "*" ]
-        - [libcrux_ml_dsa, types, "*"]
-      patterns:
-        - [core, "*"]
-        - [libcrux_ml_dsa, types ]
-        - [libcrux_ml_dsa, constants ]
-        - [libcrux_ml_dsa, utils, "*" ]
-        # - [libcrux_ml_dsa, simd, traits ]
-    api:
-      - [Eurydice, "*"]
-
   # MLDSA-65
 
   - name: libcrux_mldsa65_avx2
@@ -88,6 +68,8 @@ files:
       monomorphizations_using:
         - [libcrux_ml_dsa, simd, avx2, "*"]
         - [libcrux_ml_dsa, hash_functions, simd256, "*"]
+      # monomorphizations_exact:
+      #   - [core, option, Option_c4]
 
   - name: libcrux_mldsa65_portable
     inline_static: true
@@ -98,21 +80,48 @@ files:
         - [libcrux_ml_dsa, hash_functions, portable, "*"]
         - [libcrux_ml_dsa, ml_dsa_65, portable, "*"]
         - [libcrux_ml_dsa, ml_dsa_generic, instantiations, portable, "*"]
-        - [core, option, Option_84]
+        # - [libcrux_ml_dsa, pre_hash, PreHashResult]
+        # - [core, option, Option_84]
       monomorphizations_of:
         - [libcrux_ml_dsa, polynomial, "*" ]
         - [libcrux_ml_dsa, simd, "*"]
         - [libcrux_ml_dsa, hash_functions, portable, "*"]
         - [libcrux_ml_dsa, ml_dsa_65, portable]
         - [libcrux_ml_dsa, ml_dsa_generic, instantiations, portable, "*"]
-        - [core, option, Option_84]
+        # - [libcrux_ml_dsa, pre_hash, PreHashResult]
+        # - [core, option, Option_84]
       monomorphizations_using:
         - [libcrux_ml_dsa, polynomial, "*" ]
         - [libcrux_ml_dsa, simd, "*"]
         - [libcrux_ml_dsa, hash_functions, portable, "*"]
         - [libcrux_ml_dsa, ml_dsa_generic, instantiations, portable, "*"]
+        # - [libcrux_ml_dsa, pre_hash, PreHashResult]
+      monomorphizations_exact:
+        - [libcrux_ml_dsa, pre_hash, PreHashResult]
+        - [core, result, Result_a8]
         - [core, option, Option_84]
 
+
+  # MLKEM: MISC NON-ARCHITECTURE SPECIFIC HEADERS
+  - name: libcrux_core
+    inline_static: true
+    private:
+      monomorphizations_of:
+        - [core, "*"]
+        - [libcrux_ml_dsa, types, "*"]
+        - [libcrux_ml_dsa, utils, "*" ]
+      monomorphizations_using:
+        - [Eurydice, "*" ]
+        - [libcrux_ml_dsa, types, "*"]
+      patterns:
+        - [core, "*"]
+        - [libcrux_ml_dsa, types ]
+        - [libcrux_ml_dsa, constants ]
+        - [libcrux_ml_dsa, utils, "*" ]
+        # - [libcrux_ml_dsa, simd, traits ]
+    api:
+      - [Eurydice, "*"]
+
 naming:
   skip_prefix:
     - [ core, core_arch, arm_shared, neon ]

diff --git a/libcrux-ml-dsa/cg/code_gen.txt b/libcrux-ml-dsa/cg/code_gen.txt
@@ -3,4 +3,4 @@ Charon: a68994d00017b76a805d0115ca06c1f2c1805e79
 Eurydice: b665364a6d86749566ce2d650d13fa12c8fab2c5
 Karamel: 96572bc631fde691a2aea7bce5a5a3838b3a5968
 F*: b0961063393215ca65927f017720cb365a193833-dirty
-Libcrux: 7bf825af76a34466b18ead540bb08b9631dbfd13
+Libcrux: 38bf4698b35566ed740556f03e998f1b78e38096
diff --git a/libcrux-ml-dsa/cg/header.txt b/libcrux-ml-dsa/cg/header.txt
@@ -8,5 +8,5 @@
  * Eurydice: b665364a6d86749566ce2d650d13fa12c8fab2c5
  * Karamel: 96572bc631fde691a2aea7bce5a5a3838b3a5968
  * F*: b0961063393215ca65927f017720cb365a193833-dirty
- * Libcrux: 7bf825af76a34466b18ead540bb08b9631dbfd13
+ * Libcrux: 38bf4698b35566ed740556f03e998f1b78e38096
  */
diff --git a/libcrux-ml-dsa/src/encoding/signing_key.rs b/libcrux-ml-dsa/src/encoding/signing_key.rs
@@ -5,6 +5,7 @@ use crate::{
     },
     encoding,
     hash_functions::shake256,
+    helper::cloop,
     polynomial::PolynomialRingElement,
     simd::traits::Operations,
 };
@@ -46,24 +47,30 @@ pub(crate) fn generate_serialized<
         .copy_from_slice(&verification_key_hash);
     offset += BYTES_FOR_VERIFICATION_KEY_HASH;
 
-    for ring_element in s1.iter() {
-        signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
-            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
-        );
-        offset += ERROR_RING_ELEMENT_SIZE;
+    cloop! {
+        for ring_element in s1.iter() {
+            signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
+                &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
+            );
+            offset += ERROR_RING_ELEMENT_SIZE;
+        }
     }
 
-    for ring_element in s2.iter() {
-        signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
-            &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
-        );
-        offset += ERROR_RING_ELEMENT_SIZE;
+    cloop! {
+        for ring_element in s2.iter() {
+            signing_key_serialized[offset..offset + ERROR_RING_ELEMENT_SIZE].copy_from_slice(
+                &encoding::error::serialize::<SIMDUnit, ETA, ERROR_RING_ELEMENT_SIZE>(*ring_element),
+            );
+            offset += ERROR_RING_ELEMENT_SIZE;
+        }
     }
 
-    for ring_element in t0.iter() {
-        signing_key_serialized[offset..offset + RING_ELEMENT_OF_T0S_SIZE]
-            .copy_from_slice(&encoding::t0::serialize::<SIMDUnit>(*ring_element));
-        offset += RING_ELEMENT_OF_T0S_SIZE;
+    cloop! {
+        for ring_element in t0.iter() {
+            signing_key_serialized[offset..offset + RING_ELEMENT_OF_T0S_SIZE]
+                .copy_from_slice(&encoding::t0::serialize::<SIMDUnit>(*ring_element));
+            offset += RING_ELEMENT_OF_T0S_SIZE;
+        }
     }
 
     signing_key_serialized

diff --git a/libcrux-ml-dsa/src/helper.rs b/libcrux-ml-dsa/src/helper.rs
@@ -1,7 +1,7 @@
 /// The following macros are defined so that the extraction from Rust to C code
 /// can go through.
 
-#[cfg(eurydice)]
+// #[cfg(eurydice)]
 macro_rules! cloop {
     (for ($i:ident, $chunk:ident) in $val:ident.$values:ident.chunks_exact($($chunk_size:expr),*).enumerate() $body:block) => {
         for $i in 0..$val.$values.len() / ($($chunk_size)*) {
@@ -21,6 +21,12 @@ macro_rules! cloop {
             $body
         }
     };
+    (for $item:ident in $val:ident.iter() $body:block) => {
+        for _cloop_i in 0..$val.len() {
+            let $item = &$val[_cloop_i];
+            $body
+        }
+    };
     (for ($i:ident, $item:ident) in $self:ident.$val:ident.iter().enumerate() $body:block) => {
         for $i in 0..$self.$val.len() {
             let $item = &$self.$val[$i];
@@ -41,26 +47,29 @@ macro_rules! cloop {
     };
 }
 
-#[cfg(not(eurydice))]
-macro_rules! cloop {
-    (for ($i:ident, $chunk:ident) in $val:ident.$values:ident.chunks_exact($($chunk_size:expr),*).enumerate() $body:block) => {
-        for ($i, $chunk) in $val.$values.chunks_exact($($chunk_size),*).enumerate() $body
-    };
-    (for ($i:ident, $chunk:ident) in $val:ident.chunks_exact($($chunk_size:expr),*).enumerate() $body:block) => {
-        for ($i, $chunk) in $val.chunks_exact($($chunk_size),*).enumerate() $body
-    };
-    (for ($i:ident, $item:ident) in $val:ident.iter().enumerate() $body:block) => {
-        for ($i, $item) in $val.iter().enumerate() $body
-    };
-    (for ($i:ident, $item:ident) in $self:ident.$val:ident.iter().enumerate() $body:block) => {
-        for ($i, $item) in $self.$val.iter().enumerate() $body
-    };
-    (for ($i:ident, $item:ident) in $val:ident.into_iter().enumerate() $body:block) => {
-        for ($i, $item) in $val.into_iter().enumerate() $body
-    };
-    (for $i:ident in ($start:literal..$end:expr).step_by($step:literal) $body:block) => {
-        for $i in ($start..$end).step_by($step) $body
-    };
-}
+// #[cfg(not(eurydice))]
+// macro_rules! cloop {
+//     (for ($i:ident, $chunk:ident) in $val:ident.$values:ident.chunks_exact($($chunk_size:expr),*).enumerate() $body:block) => {
+//         for ($i, $chunk) in $val.$values.chunks_exact($($chunk_size),*).enumerate() $body
+//     };
+//     (for ($i:ident, $chunk:ident) in $val:ident.chunks_exact($($chunk_size:expr),*).enumerate() $body:block) => {
+//         for ($i, $chunk) in $val.chunks_exact($($chunk_size),*).enumerate() $body
+//     };
+//     (for ($i:ident, $item:ident) in $val:ident.iter().enumerate() $body:block) => {
+//         for ($i, $item) in $val.iter().enumerate() $body
+//     };
+//     (for $item:ident in $val:ident.iter() $body:block) => {
+//         for $item in $val.iter() $body
+//     };
+//     (for ($i:ident, $item:ident) in $self:ident.$val:ident.iter().enumerate() $body:block) => {
+//         for ($i, $item) in $self.$val.iter().enumerate() $body
+//     };
+//     (for ($i:ident, $item:ident) in $val:ident.into_iter().enumerate() $body:block) => {
+//         for ($i, $item) in $val.into_iter().enumerate() $body
+//     };
+//     (for $i:ident in ($start:literal..$end:expr).step_by($step:literal) $body:block) => {
+//         for $i in ($start..$end).step_by($step) $body
+//     };
+// }
 
 pub(crate) use cloop;
diff --git a/libcrux-ml-dsa/src/ml_dsa_generic.rs b/libcrux-ml-dsa/src/ml_dsa_generic.rs
@@ -126,6 +126,11 @@ pub(crate) fn sign_pre_hashed<
         return Err(SigningError::ContextTooLongError);
     }
     let pre_hashed_message = PH::hash::<Shake128>(message);
+    let oid = PH::oid();
+    let domain_separation_context = match DomainSeparationContext::new(context, Some(&oid)) {
+        Ok(domain_separation_context) => domain_separation_context,
+        Err(_) => return Err(SigningError::ContextTooLongError),
+    };
     sign_internal::<
         SIMDUnit,
         Shake128X4,
@@ -149,7 +154,7 @@ pub(crate) fn sign_pre_hashed<
     >(
         &signing_key,
         &pre_hashed_message,
-        Some(DomainSeparationContext::new(context, Some(&PH::oid()))?),
+        Some(domain_separation_context),
         randomness,
     )
 }
@@ -183,6 +188,10 @@ pub(crate) fn sign<
     randomness: [u8; SIGNING_RANDOMNESS_SIZE],
 ) -> Result<MLDSASignature<SIGNATURE_SIZE>, SigningError> {
     // TODO: Support implicit into() in ? so that this match becomes unnecessary
+    let domain_separation_context = match DomainSeparationContext::new(context, None) {
+        Ok(domain_separation_context) => domain_separation_context,
+        Err(_) => return Err(SigningError::ContextTooLongError),
+    };
     sign_internal::<
         SIMDUnit,
         Shake128X4,
@@ -206,7 +215,7 @@ pub(crate) fn sign<
     >(
         &signing_key,
         message,
-        Some(DomainSeparationContext::new(context, None)?),
+        Some(domain_separation_context),
         randomness,
     )
 }
@@ -577,6 +586,10 @@ pub(crate) fn verify<
     signature_serialized: &[u8; SIGNATURE_SIZE],
 ) -> Result<(), VerificationError> {
     // TODO: Support implicit into() in ? so that this match becomes unnecessary
+    let domain_separation_context = match DomainSeparationContext::new(context, None) {
+        Ok(domain_separation_context) => domain_separation_context,
+        Err(_) => return Err(VerificationError::ContextTooLongError),
+    };
     verify_internal::<
         SIMDUnit,
         Shake128X4,
@@ -598,7 +611,7 @@ pub(crate) fn verify<
     >(
         &verification_key_serialized,
         message,
-        Some(DomainSeparationContext::new(context, None)?),
+        Some(domain_separation_context),
         &signature_serialized,
     )
 }
@@ -633,6 +646,11 @@ pub(crate) fn verify_pre_hashed<
     signature_serialized: &[u8; SIGNATURE_SIZE],
 ) -> Result<(), VerificationError> {
     let pre_hashed_message = PH::hash::<Shake128>(message);
+    let oid = PH::oid();
+    let domain_separation_context = match DomainSeparationContext::new(context, Some(&oid)) {
+        Ok(domain_separation_context) => domain_separation_context,
+        Err(_) => return Err(VerificationError::ContextTooLongError),
+    };
 
     verify_internal::<
         SIMDUnit,
@@ -655,7 +673,7 @@ pub(crate) fn verify_pre_hashed<
     >(
         &verification_key_serialized,
         &pre_hashed_message,
-        Some(DomainSeparationContext::new(context, Some(&PH::oid()))?),
+        Some(domain_separation_context),
         &signature_serialized,
     )
 }
diff --git a/libcrux-ml-dsa/src/pre_hash.rs b/libcrux-ml-dsa/src/pre_hash.rs
@@ -4,11 +4,7 @@
 //! of FIPS 204, any NIST-approved hash function or XOF can be used to
 //!/perform the pre-hash of the message. This module implements the
 //! pre-hash trait for SHAKE-128, with a digest length of 256 bytes.
-use crate::{
-    constants::CONTEXT_MAX_LEN,
-    hash_functions,
-    types::{SigningError, VerificationError},
-};
+use crate::{constants::CONTEXT_MAX_LEN, hash_functions};
 
 pub(crate) const PRE_HASH_OID_LEN: usize = 11;
 pub(crate) type PreHashOID = [u8; PRE_HASH_OID_LEN];
@@ -81,19 +77,3 @@ impl<'a> DomainSeparationContext<'a> {
         self.pre_hash_oid
     }
 }
-
-impl From<DomainSeparationError> for SigningError {
-    fn from(e: DomainSeparationError) -> SigningError {
-        match e {
-            DomainSeparationError::ContextTooLongError => SigningError::ContextTooLongError,
-        }
-    }
-}
-
-impl From<DomainSeparationError> for VerificationError {
-    fn from(e: DomainSeparationError) -> VerificationError {
-        match e {
-            DomainSeparationError::ContextTooLongError => VerificationError::ContextTooLongError,
-        }
-    }
-}