Add mldsa-native and pqcp driver #652
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Make it large enough for reasonable ML-DSA tests. Keep the old value (which is just barely large enough) when ML-DSA is disabled. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
These options are transitory. Eventually we'll want to deduce the MLDSA build options from `PSA_WANT_xxx` and `MBEDTLS_PSA_ACCEL_xxx`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Just a stub for now, to get the build going. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Point to the head of `development`, which is somewhere past the 1.0.0-alpha upstream release, with one patch from us to adjust user-facing documentation. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Define options for mldsa-native that are visible both when building the code and when using it inside TF-PSA-Crypto. * Declare our namespace. * Set up a multilevel build. * Disable features we won't use: random, supercop. * Use our zeroize function. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added
size-s
github-project-automation
bot
moved this to In Development
in Roadmap pull requests (new board)
This was referenced Jan 12, 2026
gilles-peskine-arm
added
needs-preceding-pr
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This way we can have build scripts that don't know about the pqcp driver, and they will work as long as the library configuration doesn't enable a PQCP feature (i.e. ML-DSA). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Currently, the libtestdriver1 build in tests/Makefile in Mbed TLS creates empty files `everest/Makefile.inc` and `p256-m/Makefile.inc` in the libtestdriver1 tree, but does not know about `pqcp/Makefile.inc` which came along later. Instead of requiring these files to exist, just don't try to include them. Either way, libtestdriver1.a can't use any code from third-party drivers. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When we build libtestdriver1, the generated files are already present in the original source tree, and we copy them to the libtestdriver1 tree. Thus we don't need to generate them in the libtestdriver1 tree. Skip all the code that tries to generate them, including file enumeration and dependencies. The current version of `generate_config_checks.py` doesn't work in the libtestdriver1 tree. This caused error messages when the makefile ran `generate_config_checks.py --list`, but the build worked anyway because the necessary targets were already present. So the practical consequence of this commit is to suppress a confusing but effectively harmless error trace. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Contributor
Author
|
@ronald-cron-arm I would appreciate a design review (no need to do a code review) on the file structure and CMake build. It's passing the CI (as of e663621, the remaining CI failures are not related to the build system) but I don't know if I've done things right. One thing I wonder is if we should have three places for headers in a driver and not just two:
|
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added
needs-review
valeriosetti
requested changes
Jan 16, 2026
Contributor
valeriosetti
left a comment
valeriosetti
left a comment
There was a problem hiding this comment.
A part from the very 2 minimal typos the rest look good to me!
I noticed that you updated the framework twice, which is fine of course because you are updating it in a progressive way, but in case of conflicts it might be pain to refresh. I don't mind if you want to just update the framework once as first commit.
include/psa/crypto_config.h
Outdated
| * \warning This option is experimental. It may change or be removed without | ||
| * notice. | ||
| * | ||
| * Module: drivers/pqca/mldsa-native |
Contributor
There was a problem hiding this comment.
Suggested change
| * Module: drivers/pqca/mldsa-native | |
| * Module: drivers/pqcp/mldsa-native |
include/psa/crypto_config.h
Outdated
| * | ||
| * Requires: TF_PSA_CRYPTO_PQCP_MLDSA_ENABLED | ||
| * | ||
| * Module: drivers/pqca/mldsa-native |
Contributor
There was a problem hiding this comment.
Suggested change
| * Module: drivers/pqca/mldsa-native | |
| * Module: drivers/pqcp/mldsa-native |
| TEST_CALLOC(signature, signature_size); | ||
|
|
||
| /* Calculate the expanded key pair from the seed */ | ||
| TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_keypair_internal( |
Contributor
There was a problem hiding this comment.
Sorry for the dumb question, but I cannot find the definition of tf_psa_crypto_pqcp_mldsa87_keypair_internal. What am I missing?
Contributor
Author
There was a problem hiding this comment.
pqcp-config.h defines #define MLD_CONFIG_NAMESPACE_PREFIX tf_psa_crypto_pqcp_mldsa. Heavy use of the preprocessor turns this into a name in a function declaration in mldsa-native/mldsa/mldsa_native.h and in a function definition in mldsa-native/mldsa/src/*.c. I'll add some comments to explain this.
A missing include directory is fine for our own build, but breaks the build of consuming packages (in the CMake sense), as revealed by `all.sh test_tf_psa_crypto_as_package`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Explain more precisely how mldsa-native functions end up being called `tf_psa_crypto_pqcp_mldsa87_xxx`. In `pqcp-config.h`, fix an obsolete explanation of the macros that the wrapping code needs to define. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added a commit
to Mbed-TLS/mbedtls-test
that referenced
this pull request
Jan 19, 2026
This reverts commit fb5e160. The compilation failure has been fixed upstream (pq-code-package/mldsa-native#884), and we're picking up the fix in the initial integration (Mbed-TLS/TF-PSA-Crypto#652), so we won't need this temporary workaround for our development branch after all. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added
needs-work
and removed
needs-review
Create a pqcp include stub The pqcp driver doesn't need a public include yet. But `drivers.cmake` declares an include directory. When a CMake package includes TF-PSA-Crypto as a sub-package, this include directory must exists, otherwise it breaks the build, as revealed by `all.sh test_tf_psa_crypto_as_package`. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Contributor
Author
|
Once the CI passes and the content is approved, I will do a little history rewriting:
|
This was referenced Jan 20, 2026
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
removed
the
needs-preceding-pr
There are still build scripts that can't find headers in the new pqcp driver, notably libtestdriver1. For the time being, take advantage of the fact that pqcp is not in the default config, so we don't need to update these build scripts yet. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #628. Resolves #655 since the WIndows CI is passing.
Note to reviewers: non-goals:
fullconfig).Needs preceding PR:
CMakeLists.txtin mbedtls isn't split: CMake: Declare pqcp driver to mbedtls mbedtls#10569The Windows build fails.Fix mldsa-native integration on MSVC #655 is solved upstream. This should make the WIndows build pass.PR checklist