SHA-2 PreHash ML-DSA

Signed-off-by: Matthias J. Kannwischer <[email protected]>

Author: mkannwischer

Makefile.Microsoft_nmake

@@ -5,19 +5,23 @@
 CFLAGS = /nologo /O2 /Imldsa /Imlmdsa/fips202 /Imldsa/fips202/native /Imldsa/native
 
 OBJ_FILES = .\mldsa\*.obj \
-            .\mldsa\fips202\*.obj
+            .\mldsa\fips202\*.obj \
+            .\mldsa\sha2\*.obj
 
 BUILD_DIR = test\build
 MLDSA44_BUILD_DIR = $(BUILD_DIR)\mldsa44
 MLDSA65_BUILD_DIR = $(BUILD_DIR)\mldsa65
 MLDSA87_BUILD_DIR = $(BUILD_DIR)\mldsa87
 
 OBJ_FILES_44 = $(MLDSA44_BUILD_DIR)\mldsa\*.obj \
-                $(MLDSA44_BUILD_DIR)\mldsa\fips202\*.obj
+                $(MLDSA44_BUILD_DIR)\mldsa\fips202\*.obj \
+                $(MLDSA44_BUILD_DIR)\mldsa\sha2\*.obj
 OBJ_FILES_65 = $(MLDSA65_BUILD_DIR)\mldsa\*.obj \
-                $(MLDSA65_BUILD_DIR)\mldsa\fips202\*.obj
+                $(MLDSA65_BUILD_DIR)\mldsa\fips202\*.obj \
+                $(MLDSA65_BUILD_DIR)\mldsa\sha2\*.obj
 OBJ_FILES_87 = $(MLDSA87_BUILD_DIR)\mldsa\*.obj \
-                 $(MLDSA87_BUILD_DIR)\mldsa\fips202\*.obj
+                 $(MLDSA87_BUILD_DIR)\mldsa\fips202\*.obj \
+                 $(MLDSA87_BUILD_DIR)\mldsa\sha2\*.obj
 
 # NOTE: We currently only build code for non-opt code, as we haven't yet made the assembly compatible on Windows
 !IFNDEF OPT
@@ -37,6 +41,10 @@ OPT = 0
     @if NOT EXIST $(MLDSA44_BUILD_DIR)\mldsa\fips202 mkdir $(MLDSA44_BUILD_DIR)\mldsa\fips202
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=44 /c /Fo$(MLDSA44_BUILD_DIR)\mldsa\fips202\ $<
 
+{mldsa\sha2}.c{$(MLDSA44_BUILD_DIR)\mldsa\sha2}.obj::
+    @if NOT EXIST $(MLDSA44_BUILD_DIR)\mldsa\sha2 mkdir $(MLDSA44_BUILD_DIR)\mldsa\sha2
+    $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=44 /c /Fo$(MLDSA44_BUILD_DIR)\mldsa\sha2\ $<
+
 {test}.c{$(MLDSA44_BUILD_DIR)\test}.obj::
     @if NOT EXIST $(MLDSA44_BUILD_DIR)\test mkdir $(MLDSA44_BUILD_DIR)\test
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=44 /c /Fo$(MLDSA44_BUILD_DIR)\test\ $<
@@ -50,6 +58,10 @@ OPT = 0
     @if NOT EXIST $(MLDSA65_BUILD_DIR)\mldsa\fips202 mkdir $(MLDSA65_BUILD_DIR)\mldsa\fips202
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=65 /c /Fo$(MLDSA65_BUILD_DIR)\mldsa\fips202\ $<
 
+{mldsa\sha2}.c{$(MLDSA65_BUILD_DIR)\mldsa\sha2}.obj::
+    @if NOT EXIST $(MLDSA65_BUILD_DIR)\mldsa\sha2 mkdir $(MLDSA65_BUILD_DIR)\mldsa\sha2
+    $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=65 /c /Fo$(MLDSA65_BUILD_DIR)\mldsa\sha2\ $<
+
 {test}.c{$(MLDSA65_BUILD_DIR)\test}.obj::
     @if NOT EXIST $(MLDSA65_BUILD_DIR)\test mkdir $(MLDSA65_BUILD_DIR)\test
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=65 /c /Fo$(MLDSA65_BUILD_DIR)\test\ $<
@@ -63,6 +75,10 @@ OPT = 0
     @if NOT EXIST $(MLDSA87_BUILD_DIR)\mldsa\fips202 mkdir $(MLDSA87_BUILD_DIR)\mldsa\fips202
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=87 /c /Fo$(MLDSA87_BUILD_DIR)\mldsa\fips202\ $<
 
+{mldsa\sha2}.c{$(MLDSA87_BUILD_DIR)\mldsa\sha2}.obj::
+    @if NOT EXIST $(MLDSA87_BUILD_DIR)\mldsa\sha2 mkdir $(MLDSA87_BUILD_DIR)\mldsa\sha2
+    $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=87 /c /Fo$(MLDSA87_BUILD_DIR)\mldsa\sha2\ $<
+
 {test}.c{$(MLDSA87_BUILD_DIR)\test}.obj::
     @if NOT EXIST $(MLDSA87_BUILD_DIR)\test mkdir $(MLDSA87_BUILD_DIR)\test
     $(CC) $(CFLAGS) /D MLD_CONFIG_PARAMETER_SET=87 /c /Fo$(MLDSA87_BUILD_DIR)\test\ $<

mldsa/sha2/sha2.h

@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) The mldsa-native project authors
+ * Copyright (c) The slhdsa-c project authors
+ * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT
+ */
+
+#ifndef MLD_SHA2_SHA2_H
+#define MLD_SHA2_SHA2_H
+
+
+/* FIPS 180-4 (SHA-2) */
+
+#include <stddef.h>
+#include <stdint.h>
+#include "../cbmc.h"
+
+#define SHA2_224_HASHBYTES 28
+#define SHA2_256_HASHBYTES 32
+#define SHA2_384_HASHBYTES 48
+#define SHA2_512_HASHBYTES 64
+#define SHA2_512_224_HASHBYTES 28
+#define SHA2_512_256_HASHBYTES 32
+
+#define FIPS180_NAMESPACE(s) mldsa_fips180_ref_##s
+
+#define mld_sha2_224 FIPS180_NAMESPACE(sha2_224)
+/*************************************************
+ * Name:        mld_sha2_224
+ *
+ * Description: SHA2-224 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (28 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_224(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#define mld_sha2_256 FIPS180_NAMESPACE(sha2_256)
+/*************************************************
+ * Name:        mld_sha2_256
+ *
+ * Description: SHA2-256 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (32 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_256(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#define mld_sha2_384 FIPS180_NAMESPACE(sha2_384)
+/*************************************************
+ * Name:        mld_sha2_384
+ *
+ * Description: SHA2-384 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (48 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_384(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#define mld_sha2_512 FIPS180_NAMESPACE(sha2_512)
+/*************************************************
+ * Name:        mld_sha2_512
+ *
+ * Description: SHA2-512 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (64 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_512(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#define mld_sha2_512_224 FIPS180_NAMESPACE(sha2_512_224)
+/*************************************************
+ * Name:        mld_sha2_512_224
+ *
+ * Description: SHA2-512/224 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (28 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_512_224(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#define mld_sha2_512_256 FIPS180_NAMESPACE(sha2_512_256)
+/*************************************************
+ * Name:        mld_sha2_512_256
+ *
+ * Description: SHA2-512/256 hash function
+ *
+ * Arguments:   - uint8_t *out: pointer to output (32 bytes)
+ *              - const uint8_t *in: pointer to input
+ *              - size_t inlen: length of input in bytes
+ **************************************************/
+void mld_sha2_512_256(uint8_t *out, const uint8_t *in, size_t inlen);
+
+#endif /* !MLD_SHA2_SHA2_H */