Config: Add MLD_CONFIG_NO_RANDOMIZED_API
#619
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mkannwischer
force-pushed
the
no-rand
branch
2 times, most recently
from
65c79a0 to
0404d6f
Compare
hanno-becker
reviewed
Nov 7, 2025
hanno-becker
reviewed
Nov 7, 2025
hanno-becker
approved these changes
Nov 7, 2025
Contributor
hanno-becker
left a comment
hanno-becker
left a comment
There was a problem hiding this comment.
Two nits, but otherwise lgtm.
This adds the MLD_CONFIG_NO_RANDOMIZED_API configuration option to the config file aligning with mlkem-native. MLD_CONFIG_NO_RANDOMIZED_API allows to exclude all top-level APIs requiring randombytes() from a mldsa-native build. This way consumers only requiring the deterministic internal APIs do not have to provide a randomytes implementation. The excluded APIs are currently crypto_sign_keypair, crypto_sign, crypto_sign_signature, and crypto_sign_signature_extmu. Currently, this option is incompatible with the MLD_CONFIG_KEYGEN_PCT configuration option at that relies on crypto_sign_signature. A corresponding error is added in case both configuration options are set. Resolves #597 An example exercising this configuration option is added in the following commit. Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
This commit adds an example exercising the MLD_CONFIG_NO_RANDOMIZED_API option, i.e., how to build and use mldsa-native without providing a randombytes() implementation but instead supplying all randomness externally. We use a small trick to be able to produce the same testvectors as in the basic example: We extract the randomness that is generated by our deterministic RNG (notrandombytes.c) during the randomized tests and hardcode the randomness in the example (main.c). Resolves #598 Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
…ith PCT MLD_CONFIG_NO_RANDOMIZED_API and MLD_CONFIG_KEYGEN_PCT are incompatible and hence the config variation test that enables PCT currently errors in the basic_deterministic example (with the appopriate error message that the options are incompatible). This commit ports the --exclude-example option for the test script and uses it in CI for the PCT test. We also consolidate various small differences to the mlkem-native test script (whitespace changes, etc.). Signed-off-by: Matthias J. Kannwischer <matthias@kannwischer.eu>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds the MLD_CONFIG_NO_RANDOMIZED_API configuration option to the config
file aligning with mlkem-native.
MLD_CONFIG_NO_RANDOMIZED_API allows to exclude all top-level APIs requiring
randombytes() from a mldsa-native build. This way consumers only requiring
the deterministic internal APIs do not have to provide a randomytes
implementation.
The excluded APIs are currently crypto_sign_keypair, crypto_sign,
crypto_sign_signature, and crypto_sign_signature_extmu.
Currently, this option is incompatible with the MLD_CONFIG_KEYGEN_PCT
configuration option at that relies on crypto_sign_signature.
A corresponding error is added in case both configuration options are set.
The
basic_deterministicexample is added to excercise the configuration option.MLD_CONFIG_NO_RANDOMIZED_APIoption #597basic_deterministic#598