diff --git a/dev/aarch64_clean/meta.h b/dev/aarch64_clean/meta.h index 2923b8c55..688ba4c14 100644 --- a/dev/aarch64_clean/meta.h +++ b/dev/aarch64_clean/meta.h @@ -66,6 +66,7 @@ static MLD_INLINE int mld_rej_uniform_native(int32_t *r, unsigned len, return (int)mld_rej_uniform_asm(r, buf, buflen, mld_rej_uniform_table); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len, @@ -119,7 +120,9 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len, return (int)outlen; } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -140,6 +143,7 @@ static MLD_INLINE int mld_poly_decompose_88_native(int32_t *a1, int32_t *a0) } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) @@ -148,6 +152,7 @@ static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) return MLD_NATIVE_FUNC_SUCCESS; } +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -170,6 +175,7 @@ static MLD_INLINE int mld_poly_use_hint_88_native(int32_t *b, const int32_t *a, } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) @@ -177,6 +183,7 @@ static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) return mld_poly_chknorm_asm(a, B); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_polyz_unpack_17_native(int32_t *r, const uint8_t *buf) @@ -206,6 +213,7 @@ static MLD_INLINE int mld_poly_pointwise_montgomery_native( mld_poly_pointwise_montgomery_asm(out, in0, in1); return MLD_NATIVE_FUNC_SUCCESS; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 MLD_MUST_CHECK_RETURN_VALUE diff --git a/dev/aarch64_clean/src/arith_native_aarch64.h b/dev/aarch64_clean/src/arith_native_aarch64.h index 50ad20c90..666bd10a9 100644 --- a/dev/aarch64_clean/src/arith_native_aarch64.h +++ b/dev/aarch64_clean/src/arith_native_aarch64.h @@ -27,13 +27,17 @@ extern const int32_t mld_aarch64_intt_zetas_layer123456[]; #define mld_rej_uniform_table MLD_NAMESPACE(rej_uniform_table) extern const uint8_t mld_rej_uniform_table[]; +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta_table MLD_NAMESPACE(rej_uniform_eta_table) extern const uint8_t mld_rej_uniform_eta_table[]; +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_indices MLD_NAMESPACE(polyz_unpack_17_indices) extern const uint8_t mld_polyz_unpack_17_indices[]; #define mld_polyz_unpack_19_indices MLD_NAMESPACE(polyz_unpack_19_indices) extern const uint8_t mld_polyz_unpack_19_indices[]; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ /* @@ -61,6 +65,7 @@ MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta2_asm MLD_NAMESPACE(rej_uniform_eta2_asm) MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, @@ -70,12 +75,15 @@ uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta4_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose_32_asm MLD_NAMESPACE(poly_decompose_32_asm) void mld_poly_decompose_32_asm(int32_t *a1, int32_t *a0); #define mld_poly_decompose_88_asm MLD_NAMESPACE(poly_decompose_88_asm) void mld_poly_decompose_88_asm(int32_t *a1, int32_t *a0); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_caddq_asm MLD_NAMESPACE(poly_caddq_asm) void mld_poly_caddq_asm(int32_t *a) @@ -88,16 +96,19 @@ __contract__( ensures(array_bound(a, 0, MLDSA_N, 0, MLDSA_Q)) ); +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint_32_asm MLD_NAMESPACE(poly_use_hint_32_asm) void mld_poly_use_hint_32_asm(int32_t *b, const int32_t *a, const int32_t *h); #define mld_poly_use_hint_88_asm MLD_NAMESPACE(poly_use_hint_88_asm) void mld_poly_use_hint_88_asm(int32_t *b, const int32_t *a, const int32_t *h); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_chknorm_asm MLD_NAMESPACE(poly_chknorm_asm) MLD_MUST_CHECK_RETURN_VALUE int mld_poly_chknorm_asm(const int32_t *a, int32_t B); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_asm MLD_NAMESPACE(polyz_unpack_17_asm) void mld_polyz_unpack_17_asm(int32_t *r, const uint8_t *buf, const uint8_t *indices); @@ -110,6 +121,7 @@ void mld_polyz_unpack_19_asm(int32_t *r, const uint8_t *buf, MLD_NAMESPACE(poly_pointwise_montgomery_asm) void mld_poly_pointwise_montgomery_asm(int32_t *, const int32_t *, const int32_t *); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_polyvecl_pointwise_acc_montgomery_l4_asm \ MLD_NAMESPACE(polyvecl_pointwise_acc_montgomery_l4_asm) diff --git a/dev/aarch64_clean/src/pointwise_montgomery.S b/dev/aarch64_clean/src/pointwise_montgomery.S index e6dc6b317..62cb8fcae 100644 --- a/dev/aarch64_clean/src/pointwise_montgomery.S +++ b/dev/aarch64_clean/src/pointwise_montgomery.S @@ -3,7 +3,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) /* simpasm: header-end */ .macro montgomery_reduce_long res, inl, inh @@ -164,4 +166,6 @@ poly_pointwise_montgomery_loop_start: .unreq q_c_3 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/dev/aarch64_clean/src/poly_decompose_32_asm.S b/dev/aarch64_clean/src/poly_decompose_32_asm.S index 15b50a751..1f1025f73 100644 --- a/dev/aarch64_clean/src/poly_decompose_32_asm.S +++ b/dev/aarch64_clean/src/poly_decompose_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -137,6 +137,6 @@ poly_decompose_32_loop: .unreq gamma2_2x .unreq barrett_const /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_clean/src/poly_decompose_88_asm.S b/dev/aarch64_clean/src/poly_decompose_88_asm.S index a1167705b..2aa837138 100644 --- a/dev/aarch64_clean/src/poly_decompose_88_asm.S +++ b/dev/aarch64_clean/src/poly_decompose_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -135,6 +135,6 @@ poly_decompose_88_loop: .unreq gamma2_2x .unreq barrett_const /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_clean/src/poly_use_hint_32_asm.S b/dev/aarch64_clean/src/poly_use_hint_32_asm.S index a218335b4..2d8d37492 100644 --- a/dev/aarch64_clean/src/poly_use_hint_32_asm.S +++ b/dev/aarch64_clean/src/poly_use_hint_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -120,6 +120,6 @@ poly_use_hint_32_loop: .unreq barrett_const .unreq mask_15 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_clean/src/poly_use_hint_88_asm.S b/dev/aarch64_clean/src/poly_use_hint_88_asm.S index 9d530832f..cc6eee736 100644 --- a/dev/aarch64_clean/src/poly_use_hint_88_asm.S +++ b/dev/aarch64_clean/src/poly_use_hint_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -122,6 +122,6 @@ poly_use_hint_88_loop: .unreq barrett_const .unreq const_43 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_clean/src/polyz_unpack_17_asm.S b/dev/aarch64_clean/src/polyz_unpack_17_asm.S index 49ef7680e..17166be54 100644 --- a/dev/aarch64_clean/src/polyz_unpack_17_asm.S +++ b/dev/aarch64_clean/src/polyz_unpack_17_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -101,6 +103,8 @@ polyz_unpack_17_loop: .unreq mask .unreq gamma1 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_clean/src/polyz_unpack_19_asm.S b/dev/aarch64_clean/src/polyz_unpack_19_asm.S index ffe140b6a..36ae013aa 100644 --- a/dev/aarch64_clean/src/polyz_unpack_19_asm.S +++ b/dev/aarch64_clean/src/polyz_unpack_19_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -98,6 +100,8 @@ polyz_unpack_19_loop: .unreq mask .unreq gamma1 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_clean/src/polyz_unpack_table.c b/dev/aarch64_clean/src/polyz_unpack_table.c index 7eb766bc0..a60d1f003 100644 --- a/dev/aarch64_clean/src/polyz_unpack_table.c +++ b/dev/aarch64_clean/src/polyz_unpack_table.c @@ -17,6 +17,7 @@ #include #include "arith_native_aarch64.h" +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /* Table of indices used for tbl instructions in polyz_unpack_{17,19}. * See autogen for details. */ @@ -33,6 +34,7 @@ MLD_ALIGN const uint8_t mld_polyz_unpack_19_indices[] = { 4, 5, 6, 255, 6, 7, 8, 255, 9, 10, 11, 255, 11, 12, 13, 255, 14, 15, 16, 255, 16, 17, 18, 255, 19, 20, 21, 255, 21, 22, 23, 255, }; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/dev/aarch64_clean/src/rej_uniform_eta2_asm.S b/dev/aarch64_clean/src/rej_uniform_eta2_asm.S index c7c84b1ca..5fe4b3a39 100644 --- a/dev/aarch64_clean/src/rej_uniform_eta2_asm.S +++ b/dev/aarch64_clean/src/rej_uniform_eta2_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2) /* simpasm: header-end */ @@ -335,5 +336,5 @@ rej_uniform_eta2_final_copy: #undef MLD_STACK_SIZE /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2) */ diff --git a/dev/aarch64_clean/src/rej_uniform_eta4_asm.S b/dev/aarch64_clean/src/rej_uniform_eta4_asm.S index 9ade1938f..52581eb01 100644 --- a/dev/aarch64_clean/src/rej_uniform_eta4_asm.S +++ b/dev/aarch64_clean/src/rej_uniform_eta4_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 4) /* simpasm: header-end */ @@ -312,5 +313,5 @@ rej_uniform_eta4_final_copy: #undef MLD_STACK_SIZE /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4) */ diff --git a/dev/aarch64_clean/src/rej_uniform_eta_table.c b/dev/aarch64_clean/src/rej_uniform_eta_table.c index cf21509cb..240644cdb 100644 --- a/dev/aarch64_clean/src/rej_uniform_eta_table.c +++ b/dev/aarch64_clean/src/rej_uniform_eta_table.c @@ -12,6 +12,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) #include @@ -537,8 +538,8 @@ MLD_ALIGN const uint8_t mld_rej_uniform_eta_table[] = { 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ MLD_EMPTY_CU(aarch64_rej_uniform_eta_table) -#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ +#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ diff --git a/dev/aarch64_opt/meta.h b/dev/aarch64_opt/meta.h index 2923b8c55..688ba4c14 100644 --- a/dev/aarch64_opt/meta.h +++ b/dev/aarch64_opt/meta.h @@ -66,6 +66,7 @@ static MLD_INLINE int mld_rej_uniform_native(int32_t *r, unsigned len, return (int)mld_rej_uniform_asm(r, buf, buflen, mld_rej_uniform_table); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len, @@ -119,7 +120,9 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len, return (int)outlen; } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -140,6 +143,7 @@ static MLD_INLINE int mld_poly_decompose_88_native(int32_t *a1, int32_t *a0) } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) @@ -148,6 +152,7 @@ static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) return MLD_NATIVE_FUNC_SUCCESS; } +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -170,6 +175,7 @@ static MLD_INLINE int mld_poly_use_hint_88_native(int32_t *b, const int32_t *a, } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) @@ -177,6 +183,7 @@ static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) return mld_poly_chknorm_asm(a, B); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_polyz_unpack_17_native(int32_t *r, const uint8_t *buf) @@ -206,6 +213,7 @@ static MLD_INLINE int mld_poly_pointwise_montgomery_native( mld_poly_pointwise_montgomery_asm(out, in0, in1); return MLD_NATIVE_FUNC_SUCCESS; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 MLD_MUST_CHECK_RETURN_VALUE diff --git a/dev/aarch64_opt/src/arith_native_aarch64.h b/dev/aarch64_opt/src/arith_native_aarch64.h index 50ad20c90..666bd10a9 100644 --- a/dev/aarch64_opt/src/arith_native_aarch64.h +++ b/dev/aarch64_opt/src/arith_native_aarch64.h @@ -27,13 +27,17 @@ extern const int32_t mld_aarch64_intt_zetas_layer123456[]; #define mld_rej_uniform_table MLD_NAMESPACE(rej_uniform_table) extern const uint8_t mld_rej_uniform_table[]; +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta_table MLD_NAMESPACE(rej_uniform_eta_table) extern const uint8_t mld_rej_uniform_eta_table[]; +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_indices MLD_NAMESPACE(polyz_unpack_17_indices) extern const uint8_t mld_polyz_unpack_17_indices[]; #define mld_polyz_unpack_19_indices MLD_NAMESPACE(polyz_unpack_19_indices) extern const uint8_t mld_polyz_unpack_19_indices[]; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ /* @@ -61,6 +65,7 @@ MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta2_asm MLD_NAMESPACE(rej_uniform_eta2_asm) MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, @@ -70,12 +75,15 @@ uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta4_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose_32_asm MLD_NAMESPACE(poly_decompose_32_asm) void mld_poly_decompose_32_asm(int32_t *a1, int32_t *a0); #define mld_poly_decompose_88_asm MLD_NAMESPACE(poly_decompose_88_asm) void mld_poly_decompose_88_asm(int32_t *a1, int32_t *a0); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_caddq_asm MLD_NAMESPACE(poly_caddq_asm) void mld_poly_caddq_asm(int32_t *a) @@ -88,16 +96,19 @@ __contract__( ensures(array_bound(a, 0, MLDSA_N, 0, MLDSA_Q)) ); +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint_32_asm MLD_NAMESPACE(poly_use_hint_32_asm) void mld_poly_use_hint_32_asm(int32_t *b, const int32_t *a, const int32_t *h); #define mld_poly_use_hint_88_asm MLD_NAMESPACE(poly_use_hint_88_asm) void mld_poly_use_hint_88_asm(int32_t *b, const int32_t *a, const int32_t *h); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_chknorm_asm MLD_NAMESPACE(poly_chknorm_asm) MLD_MUST_CHECK_RETURN_VALUE int mld_poly_chknorm_asm(const int32_t *a, int32_t B); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_asm MLD_NAMESPACE(polyz_unpack_17_asm) void mld_polyz_unpack_17_asm(int32_t *r, const uint8_t *buf, const uint8_t *indices); @@ -110,6 +121,7 @@ void mld_polyz_unpack_19_asm(int32_t *r, const uint8_t *buf, MLD_NAMESPACE(poly_pointwise_montgomery_asm) void mld_poly_pointwise_montgomery_asm(int32_t *, const int32_t *, const int32_t *); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_polyvecl_pointwise_acc_montgomery_l4_asm \ MLD_NAMESPACE(polyvecl_pointwise_acc_montgomery_l4_asm) diff --git a/dev/aarch64_opt/src/pointwise_montgomery.S b/dev/aarch64_opt/src/pointwise_montgomery.S index e6dc6b317..62cb8fcae 100644 --- a/dev/aarch64_opt/src/pointwise_montgomery.S +++ b/dev/aarch64_opt/src/pointwise_montgomery.S @@ -3,7 +3,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) /* simpasm: header-end */ .macro montgomery_reduce_long res, inl, inh @@ -164,4 +166,6 @@ poly_pointwise_montgomery_loop_start: .unreq q_c_3 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/dev/aarch64_opt/src/poly_decompose_32_asm.S b/dev/aarch64_opt/src/poly_decompose_32_asm.S index 1f5b16ebd..633cfcfa3 100644 --- a/dev/aarch64_opt/src/poly_decompose_32_asm.S +++ b/dev/aarch64_opt/src/poly_decompose_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -108,6 +108,6 @@ poly_decompose_32_loop: .unreq gamma2_2x .unreq barrett_const /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_opt/src/poly_decompose_88_asm.S b/dev/aarch64_opt/src/poly_decompose_88_asm.S index ef569d445..34391020e 100644 --- a/dev/aarch64_opt/src/poly_decompose_88_asm.S +++ b/dev/aarch64_opt/src/poly_decompose_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -106,6 +106,6 @@ poly_decompose_88_loop: .unreq gamma2_2x .unreq barrett_const /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_opt/src/poly_use_hint_32_asm.S b/dev/aarch64_opt/src/poly_use_hint_32_asm.S index a218335b4..2d8d37492 100644 --- a/dev/aarch64_opt/src/poly_use_hint_32_asm.S +++ b/dev/aarch64_opt/src/poly_use_hint_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -120,6 +120,6 @@ poly_use_hint_32_loop: .unreq barrett_const .unreq mask_15 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_opt/src/poly_use_hint_88_asm.S b/dev/aarch64_opt/src/poly_use_hint_88_asm.S index 9d530832f..cc6eee736 100644 --- a/dev/aarch64_opt/src/poly_use_hint_88_asm.S +++ b/dev/aarch64_opt/src/poly_use_hint_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -122,6 +122,6 @@ poly_use_hint_88_loop: .unreq barrett_const .unreq const_43 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_opt/src/polyz_unpack_17_asm.S b/dev/aarch64_opt/src/polyz_unpack_17_asm.S index 49ef7680e..17166be54 100644 --- a/dev/aarch64_opt/src/polyz_unpack_17_asm.S +++ b/dev/aarch64_opt/src/polyz_unpack_17_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* simpasm: header-end */ @@ -101,6 +103,8 @@ polyz_unpack_17_loop: .unreq mask .unreq gamma1 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/dev/aarch64_opt/src/polyz_unpack_19_asm.S b/dev/aarch64_opt/src/polyz_unpack_19_asm.S index ffe140b6a..36ae013aa 100644 --- a/dev/aarch64_opt/src/polyz_unpack_19_asm.S +++ b/dev/aarch64_opt/src/polyz_unpack_19_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* simpasm: header-end */ @@ -98,6 +100,8 @@ polyz_unpack_19_loop: .unreq mask .unreq gamma1 /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/dev/aarch64_opt/src/polyz_unpack_table.c b/dev/aarch64_opt/src/polyz_unpack_table.c index 7eb766bc0..a60d1f003 100644 --- a/dev/aarch64_opt/src/polyz_unpack_table.c +++ b/dev/aarch64_opt/src/polyz_unpack_table.c @@ -17,6 +17,7 @@ #include #include "arith_native_aarch64.h" +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /* Table of indices used for tbl instructions in polyz_unpack_{17,19}. * See autogen for details. */ @@ -33,6 +34,7 @@ MLD_ALIGN const uint8_t mld_polyz_unpack_19_indices[] = { 4, 5, 6, 255, 6, 7, 8, 255, 9, 10, 11, 255, 11, 12, 13, 255, 14, 15, 16, 255, 16, 17, 18, 255, 19, 20, 21, 255, 21, 22, 23, 255, }; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/dev/aarch64_opt/src/rej_uniform_eta2_asm.S b/dev/aarch64_opt/src/rej_uniform_eta2_asm.S index c7c84b1ca..5fe4b3a39 100644 --- a/dev/aarch64_opt/src/rej_uniform_eta2_asm.S +++ b/dev/aarch64_opt/src/rej_uniform_eta2_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2) /* simpasm: header-end */ @@ -335,5 +336,5 @@ rej_uniform_eta2_final_copy: #undef MLD_STACK_SIZE /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2) */ diff --git a/dev/aarch64_opt/src/rej_uniform_eta4_asm.S b/dev/aarch64_opt/src/rej_uniform_eta4_asm.S index 9ade1938f..52581eb01 100644 --- a/dev/aarch64_opt/src/rej_uniform_eta4_asm.S +++ b/dev/aarch64_opt/src/rej_uniform_eta4_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 4) /* simpasm: header-end */ @@ -312,5 +313,5 @@ rej_uniform_eta4_final_copy: #undef MLD_STACK_SIZE /* simpasm: footer-start */ -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4) */ diff --git a/dev/aarch64_opt/src/rej_uniform_eta_table.c b/dev/aarch64_opt/src/rej_uniform_eta_table.c index cf21509cb..240644cdb 100644 --- a/dev/aarch64_opt/src/rej_uniform_eta_table.c +++ b/dev/aarch64_opt/src/rej_uniform_eta_table.c @@ -12,6 +12,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) #include @@ -537,8 +538,8 @@ MLD_ALIGN const uint8_t mld_rej_uniform_eta_table[] = { 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ MLD_EMPTY_CU(aarch64_rej_uniform_eta_table) -#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ +#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ diff --git a/dev/fips202/aarch64/auto.h b/dev/fips202/aarch64/auto.h index 7432fa566..77ca273a6 100644 --- a/dev/fips202/aarch64/auto.h +++ b/dev/fips202/aarch64/auto.h @@ -37,6 +37,7 @@ #include "x1_scalar.h" #endif +#if !defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) && !defined(MLD_CONFIG_REDUCE_RAM) /* * Keccak-f1600x2/x4 * @@ -68,4 +69,6 @@ #endif /* !__ARM_FEATURE_SHA3 */ +#endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY && !MLD_CONFIG_REDUCE_RAM */ + #endif /* !MLD_DEV_FIPS202_AARCH64_AUTO_H */ diff --git a/dev/x86_64/meta.h b/dev/x86_64/meta.h index 9e45b661e..c9a533a5e 100644 --- a/dev/x86_64/meta.h +++ b/dev/x86_64/meta.h @@ -83,6 +83,7 @@ static MLD_INLINE int mld_rej_uniform_native(int32_t *r, unsigned len, return (int)mld_rej_uniform_avx2(r, buf); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len, @@ -140,7 +141,9 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len, return (int)outlen; } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -169,7 +172,7 @@ static MLD_INLINE int mld_poly_decompose_88_native(int32_t *a1, int32_t *a0) } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ - +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) @@ -182,6 +185,7 @@ static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) return MLD_NATIVE_FUNC_SUCCESS; } +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -212,7 +216,7 @@ static MLD_INLINE int mld_poly_use_hint_88_native(int32_t *b, const int32_t *a, } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ - +#endif /* !MLD_CONFIG_NO_VERIFY_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) @@ -224,6 +228,7 @@ static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) return mld_poly_chknorm_avx2(a, B); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_polyz_unpack_17_native(int32_t *r, const uint8_t *a) @@ -264,6 +269,7 @@ static MLD_INLINE int mld_poly_pointwise_montgomery_native( mld_pointwise_avx2(c, a, b, mld_qdata); return MLD_NATIVE_FUNC_SUCCESS; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 MLD_MUST_CHECK_RETURN_VALUE diff --git a/dev/x86_64/src/arith_native_x86_64.h b/dev/x86_64/src/arith_native_x86_64.h index 15c004374..ca254d1f8 100644 --- a/dev/x86_64/src/arith_native_x86_64.h +++ b/dev/x86_64/src/arith_native_x86_64.h @@ -68,6 +68,7 @@ MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_avx2(int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_BUFLEN]); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta2_avx2 MLD_NAMESPACE(mld_rej_uniform_eta2_avx2) MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_eta2_avx2( @@ -77,31 +78,38 @@ unsigned mld_rej_uniform_eta2_avx2( MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_eta4_avx2( int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA4_BUFLEN]); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose_32_avx2 MLD_NAMESPACE(mld_poly_decompose_32_avx2) void mld_poly_decompose_32_avx2(int32_t *a1, int32_t *a0); #define mld_poly_decompose_88_avx2 MLD_NAMESPACE(mld_poly_decompose_88_avx2) void mld_poly_decompose_88_avx2(int32_t *a1, int32_t *a0); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_caddq_avx2 MLD_NAMESPACE(poly_caddq_avx2) void mld_poly_caddq_avx2(int32_t *r); +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint_32_avx2 MLD_NAMESPACE(mld_poly_use_hint_32_avx2) void mld_poly_use_hint_32_avx2(int32_t *b, const int32_t *a, const int32_t *h); #define mld_poly_use_hint_88_avx2 MLD_NAMESPACE(mld_poly_use_hint_88_avx2) void mld_poly_use_hint_88_avx2(int32_t *b, const int32_t *a, const int32_t *h); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_chknorm_avx2 MLD_NAMESPACE(mld_poly_chknorm_avx2) MLD_MUST_CHECK_RETURN_VALUE int mld_poly_chknorm_avx2(const int32_t *a, int32_t B); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_avx2 MLD_NAMESPACE(mld_polyz_unpack_17_avx2) void mld_polyz_unpack_17_avx2(int32_t *r, const uint8_t *a); #define mld_polyz_unpack_19_avx2 MLD_NAMESPACE(mld_polyz_unpack_19_avx2) void mld_polyz_unpack_19_avx2(int32_t *r, const uint8_t *a); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_pointwise_avx2 MLD_NAMESPACE(pointwise_avx2) void mld_pointwise_avx2(int32_t *c, const int32_t *a, const int32_t *b, diff --git a/dev/x86_64/src/poly_decompose_32_avx2.c b/dev/x86_64/src/poly_decompose_32_avx2.c index a51c3ac95..6d238599a 100644 --- a/dev/x86_64/src/poly_decompose_32_avx2.c +++ b/dev/x86_64/src/poly_decompose_32_avx2.c @@ -24,6 +24,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_SIGN_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -145,13 +146,14 @@ void mld_poly_decompose_32_avx2(int32_t *a1, int32_t *a0) } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_poly_decompose_32) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_SIGN_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/dev/x86_64/src/poly_decompose_88_avx2.c b/dev/x86_64/src/poly_decompose_88_avx2.c index e63a310eb..fba6245d4 100644 --- a/dev/x86_64/src/poly_decompose_88_avx2.c +++ b/dev/x86_64/src/poly_decompose_88_avx2.c @@ -24,6 +24,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_SIGN_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -145,13 +146,14 @@ void mld_poly_decompose_88_avx2(int32_t *a1, int32_t *a0) _mm256_store_si256((__m256i *)&a0[8 * i], f0); } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_poly_decompose_88) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_SIGN_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/dev/x86_64/src/poly_use_hint_32_avx2.c b/dev/x86_64/src/poly_use_hint_32_avx2.c index b069ca859..7608dc8a3 100644 --- a/dev/x86_64/src/poly_use_hint_32_avx2.c +++ b/dev/x86_64/src/poly_use_hint_32_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_VERIFY_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -88,13 +89,14 @@ void mld_poly_use_hint_32_avx2(int32_t *b, const int32_t *a, } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_poly_use_hint_32) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_VERIFY_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/dev/x86_64/src/poly_use_hint_88_avx2.c b/dev/x86_64/src/poly_use_hint_88_avx2.c index 257394819..34c9c9344 100644 --- a/dev/x86_64/src/poly_use_hint_88_avx2.c +++ b/dev/x86_64/src/poly_use_hint_88_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_VERIFY_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -90,13 +91,14 @@ void mld_poly_use_hint_88_avx2(int32_t *b, const int32_t *a, } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_poly_use_hint_88) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_VERIFY_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/dev/x86_64/src/polyz_unpack_17_avx2.c b/dev/x86_64/src/polyz_unpack_17_avx2.c index c45140cea..44aa6cc88 100644 --- a/dev/x86_64/src/polyz_unpack_17_avx2.c +++ b/dev/x86_64/src/polyz_unpack_17_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -80,13 +81,16 @@ void mld_polyz_unpack_17_avx2(int32_t *r, const uint8_t *a) _mm256_store_si256((__m256i *)&r[8 * i], f); } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_polyz_unpack_17) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/dev/x86_64/src/polyz_unpack_19_avx2.c b/dev/x86_64/src/polyz_unpack_19_avx2.c index f98990503..6b629d298 100644 --- a/dev/x86_64/src/polyz_unpack_19_avx2.c +++ b/dev/x86_64/src/polyz_unpack_19_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -82,13 +83,16 @@ void mld_polyz_unpack_19_avx2(int32_t *r, const uint8_t *a) } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_polyz_unpack_19) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/dev/x86_64/src/rej_uniform_eta2_avx2.c b/dev/x86_64/src/rej_uniform_eta2_avx2.c index a34694325..f0d32139d 100644 --- a/dev/x86_64/src/rej_uniform_eta2_avx2.c +++ b/dev/x86_64/src/rej_uniform_eta2_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2) @@ -143,12 +144,12 @@ unsigned int mld_rej_uniform_eta2_avx2( return ctr; } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2) */ MLD_EMPTY_CU(avx2_rej_uniform_eta2) -#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ +#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2)) */ diff --git a/dev/x86_64/src/rej_uniform_eta4_avx2.c b/dev/x86_64/src/rej_uniform_eta4_avx2.c index 2cffd9b44..d2d04c484 100644 --- a/dev/x86_64/src/rej_uniform_eta4_avx2.c +++ b/dev/x86_64/src/rej_uniform_eta4_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 4) @@ -127,12 +128,12 @@ unsigned int mld_rej_uniform_eta4_avx2( return ctr; } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4) */ MLD_EMPTY_CU(avx2_rej_uniform_eta4) -#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ +#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4)) */ diff --git a/examples/monolithic_build_verify_native/.gitignore b/examples/monolithic_build_verify_native/.gitignore new file mode 100644 index 000000000..eb98a94f1 --- /dev/null +++ b/examples/monolithic_build_verify_native/.gitignore @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT + +build diff --git a/examples/monolithic_build_verify_native/Makefile b/examples/monolithic_build_verify_native/Makefile new file mode 100644 index 000000000..5047ddda1 --- /dev/null +++ b/examples/monolithic_build_verify_native/Makefile @@ -0,0 +1,135 @@ +# Copyright (c) The mlkem-native project authors +# Copyright (c) The mldsa-native project authors +# SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT + +.PHONY: build run clean +.DEFAULT_GOAL := all + +CC ?= gcc +AR ?= ar + +# Adjust CFLAGS if needed +CFLAGS := \ + -Wall \ + -Wextra \ + -Werror=unused-result \ + -Wpedantic \ + -Werror \ + -Wmissing-prototypes \ + -Wshadow \ + -Wpointer-arith \ + -Wredundant-decls \ + -Wconversion \ + -Wsign-conversion \ + -Wno-long-long \ + -Wno-unknown-pragmas \ + -Wno-unused-command-line-argument \ + -O3 \ + -fomit-frame-pointer \ + -std=c99 \ + -pedantic \ + -MMD \ + $(CFLAGS) + +# If you want to use the native backends, the compiler needs to know about +# the target architecture. Here, we import the default host detection from +# mldsa-native's tests, but you can write your own or specialize accordingly. +AUTO ?= 1 +include auto.mk + +# The following only concerns the cross-compilation tests. +# You can likely ignore the following for your application. +# +# Append cross-prefix for cross compilation +# When called from the root Makefile, CROSS_PREFIX has already been added here +ifeq (,$(findstring $(CROSS_PREFIX),$(CC))) +CC := $(CROSS_PREFIX)$(CC) +endif + +ifeq (,$(findstring $(CROSS_PREFIX),$(AR))) +AR := $(CROSS_PREFIX)$(AR) +endif + +Q ?= @ + +# Part A: +# +# mldsa-native source and header files +# +# Here, we use just a single C and assembly unit. + +MLD_SOURCE=mldsa_native/mldsa_native.c mldsa_native/mldsa_native_asm.S + +INC=-Imldsa_native/ -I./ + +# Part B: +# +# Your application source code +APP_SOURCE=$(RNG_SOURCE) main.c + +BUILD_DIR=build +BIN44=test_binary_mldsa44 +BIN65=test_binary_mldsa65 +BIN87=test_binary_mldsa87 +LIB44=libmldsa44.a +LIB65=libmldsa65.a +LIB87=libmldsa87.a + +BIN44_FULL=$(BUILD_DIR)/$(BIN44) +BIN65_FULL=$(BUILD_DIR)/$(BIN65) +BIN87_FULL=$(BUILD_DIR)/$(BIN87) + +LIB44_FULL=$(BUILD_DIR)/$(LIB44) +LIB65_FULL=$(BUILD_DIR)/$(LIB65) +LIB87_FULL=$(BUILD_DIR)/$(LIB87) + +$(LIB44_FULL): $(MLD_SOURCE) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native44.c.o + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native44.S.o + $(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native44.c.o $(BUILD_DIR)/mldsa_native44.S.o + $(Q)strip -S $@ + +$(LIB65_FULL): $(MLD_SOURCE) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native65.c.o + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native65.S.o + $(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native65.c.o $(BUILD_DIR)/mldsa_native65.S.o + $(Q)strip -S $@ + +$(LIB87_FULL): $(MLD_SOURCE) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) mldsa_native/mldsa_native.c -o $(BUILD_DIR)/mldsa_native87.c.o + $(Q)$(CC) -c $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) mldsa_native/mldsa_native_asm.S -o $(BUILD_DIR)/mldsa_native87.S.o + $(Q)$(AR) rcs $@ $(BUILD_DIR)/mldsa_native87.c.o $(BUILD_DIR)/mldsa_native87.S.o + $(Q)strip -S $@ + +$(BIN44_FULL): $(APP_SOURCE) $(LIB44_FULL) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=44 $(INC) $^ -o $@ + +$(BIN65_FULL): $(APP_SOURCE) $(LIB65_FULL) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=65 $(INC) $^ -o $@ + +$(BIN87_FULL): $(APP_SOURCE) $(LIB87_FULL) + $(Q)echo "$@" + $(Q)[ -d $(@) ] || mkdir -p $(@D) + $(Q)$(CC) $(CFLAGS) -DMLD_CONFIG_PARAMETER_SET=87 $(INC) $^ -o $@ + +all: build + +build: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL) + +run: $(BIN44_FULL) $(BIN65_FULL) $(BIN87_FULL) + $(Q)$(EXEC_WRAPPER) ./$(BIN44_FULL) + $(Q)$(EXEC_WRAPPER) ./$(BIN65_FULL) + $(Q)$(EXEC_WRAPPER) ./$(BIN87_FULL) + +clean: + rm -rf $(BUILD_DIR) diff --git a/examples/monolithic_build_verify_native/README.md b/examples/monolithic_build_verify_native/README.md new file mode 100644 index 000000000..bf0686c84 --- /dev/null +++ b/examples/monolithic_build_verify_native/README.md @@ -0,0 +1,50 @@ +[//]: # (SPDX-License-Identifier: CC-BY-4.0) + +# Monolithic Build Verify Only (Native Backend) + +This directory contains a minimal example for building mldsa-native for a minimal footprint with +native assembly backends to only verify signatures, using the auto-generated `mldsa_native.c` +and `mldsa_native_asm.S` files. + +## Use Case + +Use this approach when: +- You need only one ML-DSA parameter set (44, 65, or 87) +- You want simple build integration with optimal performance +- You want to minimze code size and memory usage +- You only need to verify signatures, not generate keys or create signatures +- You don't need the wrapper functions and can call mldsa_verify_internal() directly + +## Components + +1. Source tree [mldsa_native/*](mldsa_native), including top-level compilation unit + [mldsa_native.c](mldsa_native/mldsa_native.c) (gathering all C sources), + [mldsa_native_asm.S](mldsa_native/mldsa_native_asm.S) (gathering all assembly sources), + and the mldsa-native API [mldsa_native.h](mldsa_native/mldsa_native.h). +2. Your application source code + +## Configuration + +The configuration file [mldsa_native_config.h](mldsa_native/mldsa_native_config.h) sets: +- `MLD_CONFIG_PARAMETER_SET`: Security level (default 87) +- `MLD_CONFIG_NAMESPACE_PREFIX`: Symbol prefix (set to `mldsa`) +- `MLD_CONFIG_NO_KEYPAIR_API`: Disables `crypto_sign_signature`, etc. +- `MLD_CONFIG_NO_SIGN_API`: Disables `crypto_sign_keypair`, etc. +- `MLD_CONFIG_INTERNAL_API_ONLY`: Disables all public functions except `crypto_sign_XXXX_internal` +- `MLD_CONFIG_USE_NATIVE_BACKEND_ARITH`: Enables native arithmetic backend +- `MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202`: Enables native FIPS-202 backend +- `MLD_CONFIG_INTERNAL_API_QUALIFIER`: `static` to build as a single unit +- `MLD_CONFIG_REDUCE_RAM`: Reduces the amount of working memory needed + +## Notes + +- Both `mldsa_native.c` and `mldsa_native_asm.S` must be compiled and linked +- Native backends are auto-selected based on target architecture +- On unsupported platforms, the C backend is used automatically + +## Usage + +```bash +make build # Build the example +make run # Run the example +``` diff --git a/examples/monolithic_build_verify_native/auto.mk b/examples/monolithic_build_verify_native/auto.mk new file mode 120000 index 000000000..ce5c161cb --- /dev/null +++ b/examples/monolithic_build_verify_native/auto.mk @@ -0,0 +1 @@ +../../test/mk/auto.mk \ No newline at end of file diff --git a/examples/monolithic_build_verify_native/expected_signatures.h b/examples/monolithic_build_verify_native/expected_signatures.h new file mode 100644 index 000000000..ce37e2a67 --- /dev/null +++ b/examples/monolithic_build_verify_native/expected_signatures.h @@ -0,0 +1,1102 @@ +/* + * Copyright (c) The mldsa-native project authors + * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT + */ + +#ifndef EXPECTED_SIGNATURES_H +#define EXPECTED_SIGNATURES_H + +#include + +const uint8_t message[] = { + 0xd7, 0x48, 0x9b, 0x17, 0x58, 0x0d, 0xda, 0x47, 0xc1, 0xec, 0x92, 0x59, 0x66, 0xe6, 0xc3, 0xd8, + 0x95, 0x7c, 0xf6, 0x94, 0xc8, 0x7c, 0x12, 0xc4, 0xfe, 0x7a, 0x28, 0x37, 0x49, 0xc8, 0x1d, 0x0d, + 0x35, 0x98, 0x24, 0x7c, 0x81, 0x71, 0x8b, 0x22, 0x0e, 0xb7, 0x0b, 0x19, 0x6e, 0x95, 0xe5, 0x7e, + 0xe4, 0xe6, 0x28, 0x04, 0x4f, 0x83, 0x77, 0xf1, 0x86, 0xde, 0x31, 0x28, 0xac, 0x48, 0x25, 0xc6, + 0x7f, 0xbc, 0xf7, 0x2d, 0xa0, 0x19, 0xed, 0xe4, 0x58, 0x0a, 0x45, 0x47, 0xad, 0x88, 0xea, 0x94, + 0x61, 0x69, 0x54, 0xbd, 0x4e, 0x0b, 0x61, 0x7e, 0xfc, 0xdc, 0x4a, 0x1f, 0x81, 0x0c, 0xe1, 0xc9, + 0x85, 0xa5, 0xb9, 0xae, 0x0d, 0x28, 0x6e, 0x96, 0xcb, 0xab, 0x52, 0x38, 0xb4, 0x59, 0x2a, 0x09, + 0xc9, 0x3a, 0x22, 0x45, 0xec, 0xa7, 0xdf, 0x99, 0xe7, 0xba, 0xf0, 0x26, 0xa2, 0xdd, 0xba, 0x4a, + 0x77, 0xe6, 0x21, 0xe3, 0x3c, 0x23, 0x38, 0xaa, 0xca, 0xa2, 0xa1, 0x4e, 0x15, 0x3c, 0x93, 0x2a, + 0xb2, 0x39, 0x95, 0xc2, 0xd9, 0xa3, 0x22, 0x2f, 0xeb, 0xb4, 0xea, 0x37, 0xd1, 0x16, 0xfc, 0x08, + 0xc2, 0xb2, 0x49, 0x8f, 0x62, 0xa5, 0x87, 0x48, 0x1f, 0xdf, 0x00, 0x2f, 0x7e, 0x82, 0xe5, 0x5f, + 0x5c, 0xcb, 0xc6, 0x91, 0xcb, 0x0d, 0xba, 0x86, 0x24, 0xb8, 0x71, 0x51, 0x55, 0x35, 0x0a, 0x64, + 0x31, 0x30, 0x08, 0x63, 0xd7, 0x20, 0x3d, 0xcb, 0x5f, 0xad, 0x6a, 0xc2, 0x92, 0xae, 0x96, 0xca, + 0x58, 0xea, 0xc3, 0x90, 0xb8, 0xbd, 0x34, 0x00, 0x97, 0x56, 0xd0, 0xe1, 0x89, 0x28, 0x02, 0x86, + 0x0f, 0x5d, 0x52, 0x74, 0x99, 0xb0, 0x7a, 0x83, 0xac, 0x5d, 0x3c, 0x67, 0xa9, 0x72, 0x3f, 0xeb, + 0x27, 0xf0, 0x76, 0x7d, 0xcb, 0x38, 0x4c, 0xf6, 0xbc, 0x48, 0x88, 0xc9, 0x30, 0x3d, 0xaa, 0x36, + 0xd7, 0x96, 0xa9, 0x02, 0x50, 0x1c, 0x4f, 0x76, 0xec, 0x8f, 0x10, 0x9f, 0xdf, 0xb9, 0x23, 0x7f, + 0x88, 0xd5, 0xf4, 0xf7, 0x3b, 0x40, 0xb6, 0x2e, 0x82, 0x75, 0x8b, 0x61, 0x9f, 0x63, 0x72, 0x20, + 0x1b, 0xf6, 0xed, 0x28, 0xa4, 0x83, 0x60, 0x81, 0xad, 0x78, 0x01, 0x98, 0xc3, 0xa6, 0xf2, 0xfc, + 0x6a, 0xe8, 0x19, 0xa5, 0x4f, 0xe6, 0x84, 0x40, 0x0b, 0x3d, 0x9e, 0x73, 0x1d, 0x08, 0x7d, 0x7e, + 0x68, 0xa6, 0xa0, 0x4c, 0xa9, 0xbe, 0x87, 0x67, 0x18, 0x1d, 0xc2, 0xe2, 0x02, 0xc8, 0x42, 0xb5, + 0xc4, 0xba, 0x65, 0x4f, 0x6b, 0xbc, 0x8f, 0x12, 0x4c, 0xf2, 0x1d, 0x2f, 0x53, 0xbe, 0xa2, 0xee, + 0x27, 0x17, 0x05, 0xbd, 0xe3, 0xb7, 0x37, 0x0f, 0x67, 0x8f, 0xdc, 0xc3, 0x15, 0xd1, 0xe9, 0x4d, + 0xff, 0xf3, 0x66, 0x24, 0xab, 0xd4, 0xe1, 0xff, 0x95, 0xb9, 0xae, 0x8e, 0x3d, 0xdc, 0xc5, 0x14, + 0xf0, 0x2a, 0xee, 0x35, 0xdc, 0x8a, 0x59, 0x59, 0x1b, 0x02, 0xe8, 0x78, 0x89, 0xac, 0xcd, 0x3d, + 0xd5, 0x02, 0x49, 0xde, 0xa0, 0xc4, 0xff, 0x68, 0x03, 0x63, 0xbb, 0x4e, 0x6f, 0x37, 0x53, 0x8b, + 0x4c, 0x63, 0xe1, 0x06, 0x1a, 0x2e, 0xb8, 0x1e, 0xe4, 0xb3, 0xe7, 0xf6, 0x3e, 0x24, 0x19, 0xbb, + 0xdf, 0x48, 0x27, 0x96, 0xad, 0x2a, 0xa8, 0x95, 0xae, 0x2b, 0xd1, 0x98, 0xb6, 0x48, 0xba, 0x1a, + 0x21, 0x48, 0x46, 0x2f, 0xed, 0xc9, 0x9b, 0x66, 0xc4, 0x86, 0xb2, 0x5f, 0x84, 0x9d, 0xde, 0xdb, + 0x5f, 0xca, 0xf9, 0x0c, 0x06, 0xec, 0xf4, 0xb8, 0xf3, 0xe0, 0x48, 0x3b, 0x44, 0x22, 0x90, 0xc2, + 0x1a, 0x40, 0xde, 0x69, 0xdb, 0xeb, 0xc0, 0x52, 0x12, 0x23, 0x17, 0xf8, 0xca, 0x5f, 0x40, 0x87, + 0xd6, 0xda, 0x9f, 0xed, 0xb1, 0xf9, 0xb3, 0xb6, 0x5d, 0x67, 0x02, 0xde, 0x55, 0x2c, 0x48, 0x3f, + 0x1a, 0xd1, 0x24, 0x6e, 0xf0, 0x78, 0x3b, 0x36, 0x66, 0x9f, 0x0f, 0x12, 0x4d, 0xbd, 0x7f, 0x1f, + 0x04, 0xb7, 0xe4, 0x18, 0x29, 0xee, 0x1b, 0x21, 0x4f, 0xf4, 0x5e, 0xd5, 0xae, 0xf5, 0x36, 0x9b, + 0x72, 0x59, 0xae, 0x86, 0x7b, 0x41, 0x5c, 0x4c, 0x9b, 0x8e, 0xac, 0xe1, 0x61, 0xd8, 0x86, 0xce, + 0x5a, 0xc7, 0x50, 0x30, 0xab, 0xcd, 0xa6, 0x55, 0x63, 0xa4, 0xac, 0x9d, 0xc4, 0xd9, 0xcb, 0x43, + 0xcf, 0x39, 0x0f, 0x62, 0xe3, 0xf0, 0x94, 0x72, 0xc3, 0xaa, 0x6b, 0xea, 0xa2, 0xd5, 0xd6, 0x4d, + 0xaa, 0xb2, 0x04, 0x56, 0x54, 0x02, 0xbf, 0xba, 0x80, 0xb3, 0xe6, 0x08, 0xca, 0x2a, 0x5a, 0x19, + 0x90, 0x39, 0xcb, 0xae, 0xce, 0x1b, 0x91, 0x5e, 0x96, 0x6a, 0x40, 0x26, 0x72, 0xe4, 0xe2, 0x0b, + 0x6d, 0xc2, 0xa3, 0x7f, 0x4c, 0x6c, 0x57, 0xca, 0x7d, 0x08, 0x9f, 0xe5, 0x0d, 0x1b, 0x62, 0x0d, + 0xb1, 0x66, 0x95, 0x49, 0x71, 0x9f, 0x98, 0x55, 0xf2, 0x32, 0x7e, 0x5c, 0xf5, 0x16, 0x58, 0x1e, + 0xa5, 0xb8, 0x8b, 0x96, 0x06, 0xfe, 0xd0, 0x92, 0xd5, 0x2e, 0x1b, 0xd5, 0x06, 0xd1, 0x43, 0xb0, + 0x18, 0x6b, 0xc1, 0x29, 0xac, 0x8f, 0x6d, 0x7d, 0x57, 0x5c, 0x69, 0x45, 0x40, 0x01, 0xb9, 0x98, + 0x3c, 0x49, 0x23, 0x73, 0xe8, 0x49, 0xeb, 0xfa, 0x59, 0x4e, 0xf3, 0xce, 0x4c, 0x06, 0xd8, 0x0a, + 0xea, 0x3d, 0x98, 0xbf, 0x73, 0x70, 0x9f, 0xbc, 0xda, 0xea, 0xc7, 0xe3, 0xcc, 0x30, 0x12, 0x1a, + 0x91, 0xd0, 0x05, 0x42, 0x37, 0xd0, 0x57, 0x1f, 0xb4, 0x8f, 0xe0, 0x9f, 0x13, 0x47, 0xb2, 0xc9, + 0xa2, 0xdf, 0x8c, 0x15, 0x7f, 0x83, 0xeb, 0xe3, 0xd2, 0xc8, 0x11, 0xad, 0xed, 0x11, 0x62, 0xfb, + 0x7e, 0xb9, 0xcb, 0x8e, 0x60, 0x84, 0x34, 0xa8, 0xdf, 0x63, 0x9f, 0xe8, 0x65, 0xfb, 0xfd, 0xa8, + 0x9c, 0x9e, 0x66, 0xbc, 0x72, 0xdf, 0xc9, 0x75, 0xd8, 0xab, 0x27, 0x6e, 0x41, 0x42, 0x8b, 0x59, + 0x9d, 0xc2, 0xa4, 0x56, 0x80, 0x67, 0x70, 0xeb, 0xb7, 0x83, 0xb5, 0xd4, 0x0e, 0x15, 0x02, 0x57, + 0xd5, 0xaa, 0xca, 0xf6, 0xfc, 0x8b, 0xa4, 0xf2, 0x51, 0x45, 0x75, 0x01, 0xe0, 0x84, 0x0c, 0x05, + 0x04, 0xbe, 0x1c, 0x5e, 0x0c, 0xfd, 0xc3, 0x34, 0x97, 0xdb, 0xcc, 0xb4, 0x22, 0x9d, 0x3c, 0x09, + 0xd9, 0xc9, 0x15, 0x2b, 0x3e, 0x90, 0x24, 0x1f, 0x3b, 0xe4, 0x11, 0xd4, 0x2e, 0x70, 0xad, 0x8d, + 0xb6, 0xf5, 0x6b, 0x6d, 0x35, 0x3a, 0x44, 0xb6, 0x82, 0x7f, 0x73, 0x14, 0x3c, 0xa1, 0xf1, 0x1d, + 0xe7, 0xc9, 0x12, 0x00, 0x80, 0x3f, 0x47, 0xaa, 0x44, 0xb4, 0x2a, 0xf9, 0xf4, 0xa5, 0xa0, 0x47, + 0xd1, 0x13, 0x74, 0x6d, 0xbe, 0xc2, 0x78, 0xbb, 0xca, 0xe4, 0x32, 0x9b, 0x75, 0xc1, 0xf2, 0xfd, + 0x4b, 0xa5, 0x92, 0x5b, 0xf3, 0x1c, 0x5a, 0xfe, 0x4f, 0xa9, 0xc1, 0xe3, 0x1c, 0x7b, 0xb6, 0x9a, + 0xe4, 0x69, 0x18, 0xa7, 0x98, 0x1a, 0x76, 0x65, 0x36, 0x7b, 0xd7, 0x3a, 0xaa, 0x12, 0xf8, 0xd3, + 0x8d, 0x98, 0x22, 0xc9, 0x6e, 0x75, 0x01, 0x86, 0x59, 0x0d, 0x01, 0x99, 0x2c, 0xfa, 0x87, 0x99, + 0x83, 0x3e, 0x7d, 0x13, 0xd4, 0xeb, 0xe2, 0x83, 0x00, 0x07, 0x10, 0xd2, 0x9c, 0xbf, 0x13, 0x85, + 0xb0, 0x16, 0x86, 0x03, 0x01, 0xd2, 0xa2, 0x91, 0x14, 0x3d, 0x9b, 0x97, 0xfb, 0x63, 0x02, 0x1e, + 0x4e, 0xf0, 0x04, 0xe8, 0xc1, 0x34, 0x16, 0xeb, 0xb7, 0xc2, 0x16, 0xc3, 0x5d, 0xdd, 0x1a, 0xc9, + 0x13, 0x75, 0x13, 0xff, 0x6d, 0xb7, 0x93 }; + +/* Keys and expected deterministic signatures for each parameter set */ +#if MLD_CONFIG_PARAMETER_SET == 44 +const uint8_t public_key[] = { + 0x8d, 0x01, 0x17, 0xf2, 0x59, 0x49, 0xb7, 0x31, 0x9b, 0xfc, 0x7c, 0x37, 0xe5, 0x50, 0xf7, 0xed, + 0xa9, 0x17, 0x1f, 0x78, 0x6f, 0xf8, 0x36, 0x2c, 0x86, 0x12, 0x46, 0xde, 0x38, 0x6a, 0x7e, 0x8c, + 0x91, 0x5b, 0x23, 0x3b, 0x5e, 0x93, 0xb8, 0x74, 0x6e, 0xc1, 0xb3, 0x63, 0xa0, 0x37, 0x92, 0x3f, + 0x9a, 0x79, 0xf6, 0x20, 0x01, 0xeb, 0xa5, 0x00, 0x6a, 0x3b, 0x02, 0x82, 0x87, 0x64, 0x47, 0x5a, + 0x5d, 0xad, 0x1b, 0x14, 0x78, 0xb0, 0x47, 0xbd, 0xee, 0xf7, 0x87, 0x1c, 0xae, 0x25, 0x28, 0x76, + 0xf6, 0x17, 0xe8, 0xc3, 0xe4, 0xbb, 0x3c, 0xbb, 0x51, 0x3a, 0xa7, 0x0a, 0x54, 0xea, 0x6d, 0xd4, + 0x80, 0xea, 0xa3, 0x21, 0x16, 0xc1, 0x46, 0x83, 0x5d, 0x58, 0x80, 0xe0, 0x8c, 0x7e, 0x4c, 0x48, + 0xce, 0x66, 0x2e, 0x0d, 0xee, 0xd2, 0x14, 0xc1, 0x0f, 0xa7, 0xd9, 0x7b, 0x5f, 0x25, 0x23, 0x53, + 0x13, 0xb5, 0xde, 0xbb, 0x8f, 0xf3, 0x38, 0xc4, 0xef, 0x10, 0xb5, 0xf7, 0x42, 0xa9, 0xf0, 0x1c, + 0x67, 0xef, 0x43, 0x21, 0x8e, 0xe3, 0x1c, 0xb2, 0x87, 0x20, 0xd3, 0xff, 0x75, 0x04, 0x05, 0xfd, + 0x5b, 0xe9, 0x33, 0x08, 0x72, 0x2c, 0x3a, 0x4b, 0xc4, 0x66, 0xe6, 0xd9, 0xfa, 0x88, 0x09, 0xc2, + 0x6d, 0x84, 0xaa, 0x0d, 0x13, 0xb8, 0x53, 0xd5, 0x77, 0x90, 0x10, 0x56, 0x99, 0x5b, 0x9a, 0x72, + 0xee, 0xde, 0x42, 0xc1, 0x2f, 0x6e, 0x1d, 0x42, 0xba, 0xf7, 0x09, 0xbd, 0x3b, 0xf0, 0xf4, 0xa2, + 0x68, 0xf3, 0xf5, 0x7e, 0xcb, 0x2a, 0xc3, 0x39, 0xc9, 0x99, 0xba, 0x70, 0x49, 0x2e, 0xe9, 0x47, + 0x8a, 0xa3, 0xfd, 0xad, 0x0d, 0x0a, 0xac, 0xf7, 0x88, 0xf0, 0x13, 0x26, 0x95, 0x2d, 0x85, 0xaa, + 0x2e, 0x9f, 0x47, 0xe7, 0x7b, 0xd6, 0x95, 0x29, 0xd9, 0xc3, 0x05, 0x2e, 0x3d, 0xc1, 0x8e, 0x49, + 0x1f, 0x40, 0x0f, 0xfa, 0x9f, 0xad, 0x15, 0x84, 0x01, 0x3e, 0x8e, 0xbc, 0xe2, 0xf4, 0x94, 0x43, + 0x21, 0x1f, 0xb9, 0x67, 0x32, 0x8a, 0xf4, 0xc5, 0xcd, 0xf5, 0x84, 0x74, 0x82, 0x65, 0x0c, 0x83, + 0xb3, 0xde, 0xca, 0x7c, 0x74, 0x3d, 0x5c, 0x80, 0x02, 0x3d, 0xe8, 0x5c, 0xe7, 0xd6, 0xbc, 0x3c, + 0x7b, 0xc8, 0x67, 0x67, 0x9d, 0xaf, 0xca, 0xe3, 0x0a, 0x21, 0xf2, 0xc2, 0xcc, 0xae, 0xa8, 0x28, + 0xd8, 0x1c, 0x84, 0x43, 0x10, 0x4c, 0xfd, 0xc0, 0xc0, 0x74, 0x69, 0x03, 0x66, 0xfe, 0x87, 0x8f, + 0x3e, 0xce, 0x51, 0x90, 0x1f, 0xb8, 0x86, 0x3a, 0xea, 0xd1, 0xe2, 0xa0, 0xb1, 0xbb, 0xbe, 0x8c, + 0x9f, 0xae, 0xc2, 0x53, 0xc9, 0xff, 0x3d, 0xce, 0xa1, 0xff, 0x60, 0xa4, 0x33, 0x2f, 0xcc, 0x6d, + 0x54, 0xc2, 0x0a, 0x1f, 0xad, 0x4a, 0x8f, 0xa8, 0xef, 0xa5, 0xf9, 0xfc, 0x9b, 0xdf, 0xe2, 0x5a, + 0x15, 0xde, 0x9c, 0x3b, 0x5b, 0xa7, 0x88, 0xe7, 0x19, 0x8d, 0x90, 0xb7, 0x31, 0xcc, 0x5d, 0x59, + 0xc4, 0x6b, 0xa3, 0x52, 0xae, 0x03, 0x07, 0xd0, 0x21, 0x7b, 0x87, 0x2e, 0x19, 0x8d, 0xd7, 0x96, + 0x45, 0xd2, 0x0d, 0xfa, 0xe1, 0x9e, 0x0e, 0x29, 0x41, 0x29, 0xec, 0xbc, 0x4d, 0x60, 0x90, 0x54, + 0x66, 0x28, 0x91, 0x48, 0x59, 0x9a, 0xd2, 0x1a, 0x9a, 0x89, 0xed, 0xd5, 0x10, 0xf5, 0x96, 0x34, + 0x26, 0x20, 0xfa, 0xc9, 0x99, 0xb4, 0x7d, 0x92, 0x15, 0x69, 0x10, 0x0e, 0xb4, 0xe6, 0x85, 0xf1, + 0xcf, 0xc8, 0x95, 0x5f, 0xbf, 0xee, 0x89, 0x0b, 0xa9, 0xcc, 0x0e, 0xac, 0x60, 0x8a, 0xd7, 0x13, + 0xc1, 0xdc, 0xfc, 0x67, 0x05, 0xc3, 0x8f, 0x3c, 0x93, 0xe2, 0x74, 0x3d, 0x4b, 0x93, 0x23, 0x4a, + 0x3e, 0x30, 0xc6, 0x59, 0xeb, 0xaf, 0x64, 0x32, 0xf4, 0x6c, 0xe2, 0x6a, 0xff, 0x40, 0x1f, 0xa0, + 0x8e, 0xc3, 0xb3, 0xce, 0x46, 0x16, 0xc8, 0x8d, 0x54, 0x0e, 0x49, 0x3b, 0x19, 0x3e, 0xa7, 0x99, + 0xc3, 0xce, 0x0f, 0xe1, 0xb9, 0xe8, 0x1f, 0x52, 0x40, 0x11, 0xd5, 0x69, 0x1e, 0xa8, 0x86, 0xa3, + 0x2d, 0x67, 0x2c, 0x4d, 0xcf, 0x12, 0xd9, 0xa0, 0xc4, 0xc2, 0x00, 0x3c, 0xeb, 0x2a, 0x9d, 0x15, + 0x03, 0xda, 0x28, 0xa4, 0xa1, 0xd2, 0x90, 0x57, 0x70, 0xc2, 0x99, 0xac, 0x32, 0xff, 0x28, 0xd5, + 0xac, 0xcf, 0x14, 0xd6, 0x07, 0x4d, 0x31, 0x1c, 0x6f, 0xa4, 0xc6, 0x56, 0xdb, 0xab, 0x87, 0x14, + 0x75, 0x7f, 0xa4, 0x15, 0xc8, 0x11, 0xad, 0x39, 0xe8, 0x2b, 0x39, 0x20, 0x33, 0x9b, 0x68, 0x4d, + 0x07, 0xac, 0x44, 0x88, 0xe4, 0x67, 0xc3, 0x90, 0xc6, 0x77, 0xe9, 0xc1, 0x1d, 0x67, 0xa1, 0x27, + 0x9c, 0x07, 0x33, 0xbf, 0x2a, 0x88, 0xdb, 0xb5, 0xb1, 0x3e, 0xf0, 0x5a, 0xd7, 0x4d, 0x3e, 0x2d, + 0xea, 0x39, 0xd5, 0xd5, 0x36, 0x98, 0xcc, 0x38, 0x1d, 0x88, 0x29, 0xb1, 0xde, 0xbc, 0x0e, 0x8a, + 0x27, 0x6a, 0x32, 0x43, 0xb8, 0xad, 0x25, 0xbb, 0x70, 0x76, 0xcd, 0x2c, 0x3f, 0x1e, 0xcc, 0x96, + 0x01, 0xe7, 0x9a, 0x9b, 0xec, 0xdb, 0x37, 0x9d, 0x34, 0xd8, 0x03, 0xe6, 0x60, 0x35, 0xbd, 0x75, + 0x3e, 0x39, 0x23, 0xd5, 0x0d, 0x27, 0x3c, 0xf4, 0x8f, 0x49, 0x24, 0xbd, 0x66, 0x7a, 0x53, 0x0d, + 0x3a, 0x7b, 0x80, 0x4a, 0x29, 0xe7, 0xcd, 0x9c, 0xb2, 0xd5, 0x01, 0x92, 0x39, 0x03, 0x68, 0x84, + 0x4d, 0x44, 0xc5, 0x5e, 0xe0, 0x91, 0x55, 0x1e, 0x1e, 0x59, 0xd4, 0x1d, 0x25, 0xc3, 0x9a, 0xfd, + 0xd2, 0x0e, 0x3b, 0x49, 0x08, 0x87, 0x6b, 0x0f, 0xfd, 0x64, 0x7b, 0x37, 0x3a, 0x51, 0x94, 0x73, + 0x30, 0xaa, 0x4b, 0x17, 0x31, 0x73, 0x19, 0x95, 0xf9, 0x96, 0xe0, 0x81, 0x28, 0x20, 0x8a, 0xe9, + 0x16, 0x28, 0x64, 0x69, 0xc2, 0x28, 0xcc, 0x6f, 0xc2, 0xc1, 0xfc, 0xee, 0x71, 0xa3, 0xd6, 0xe4, + 0x21, 0x23, 0xd6, 0x16, 0xc9, 0x67, 0x6c, 0xb6, 0x78, 0x00, 0x91, 0x74, 0xc2, 0x09, 0xcd, 0x98, + 0x25, 0xb5, 0x48, 0xc2, 0x80, 0xd1, 0x22, 0x86, 0x29, 0x68, 0x8b, 0x16, 0x8e, 0x82, 0x0d, 0xd6, + 0xf6, 0x67, 0x37, 0xfa, 0x32, 0xf3, 0x8b, 0x09, 0xc7, 0x4b, 0x66, 0x57, 0xed, 0xe0, 0x79, 0x3e, + 0xfd, 0x45, 0xe2, 0x6d, 0xe8, 0x56, 0x0f, 0xdd, 0xf3, 0x53, 0x86, 0x32, 0x7b, 0xe6, 0xbc, 0xf1, + 0x5c, 0x4b, 0x86, 0x24, 0xef, 0x49, 0x77, 0xe2, 0x0e, 0xd5, 0xd8, 0x61, 0x5d, 0x0a, 0xb9, 0x3e, + 0xb2, 0x4a, 0x9d, 0x59, 0xe8, 0xa0, 0x4b, 0x98, 0x5e, 0x78, 0x67, 0x8b, 0xe9, 0x5f, 0xeb, 0xbd, + 0x63, 0xa4, 0xa4, 0xc8, 0x4c, 0x90, 0xd2, 0x81, 0x49, 0x20, 0x31, 0xe2, 0x55, 0xd4, 0x0d, 0x3d, + 0xc2, 0x21, 0x54, 0x92, 0xcd, 0xee, 0x8f, 0xbb, 0xe7, 0xb4, 0x30, 0xa1, 0xd4, 0xa6, 0x0c, 0xe3, + 0xe6, 0x65, 0xd5, 0x23, 0x09, 0x52, 0x83, 0xa7, 0x42, 0x5f, 0x7f, 0x14, 0x12, 0x49, 0xe3, 0x4c, + 0x0c, 0xab, 0xa7, 0x7b, 0x62, 0xf0, 0x50, 0xed, 0xb4, 0x18, 0xdb, 0x0a, 0x0f, 0x6d, 0xdb, 0xa5, + 0xe4, 0xcb, 0x6e, 0xda, 0x20, 0xca, 0x38, 0x42, 0xb5, 0xb7, 0x00, 0x5d, 0x0c, 0xc1, 0x31, 0x08, + 0xd4, 0x1e, 0x9d, 0x8a, 0xe6, 0x49, 0x3d, 0xeb, 0xcd, 0x01, 0x08, 0x45, 0xb1, 0xb2, 0xe3, 0xb8, + 0x81, 0x23, 0xe7, 0x30, 0x1c, 0xab, 0x0b, 0x02, 0xd2, 0xe6, 0x8c, 0x0e, 0xd6, 0x6b, 0xcb, 0x1a, + 0x5f, 0xb1, 0xfd, 0xea, 0x25, 0xa8, 0x2a, 0x3b, 0x65, 0x7c, 0x0b, 0x77, 0x07, 0x4c, 0xaa, 0xec, + 0x15, 0xf7, 0x62, 0xe7, 0xa5, 0x47, 0xd8, 0x6a, 0x87, 0xca, 0x71, 0x7a, 0x2c, 0xe5, 0x92, 0x25, + 0x7b, 0xb8, 0x9a, 0xec, 0x97, 0x27, 0x6e, 0xf6, 0xea, 0x37, 0x47, 0xb4, 0x35, 0xad, 0x66, 0x28, + 0x96, 0x63, 0x75, 0xc4, 0x86, 0x24, 0x7b, 0x5f, 0xea, 0x11, 0xcf, 0x5f, 0x59, 0x68, 0x02, 0x12, + 0xdf, 0x8e, 0xb0, 0x56, 0xe1, 0xa7, 0xde, 0xdb, 0x18, 0x13, 0x1e, 0x2c, 0x6b, 0x68, 0xca, 0xf9, + 0x9c, 0x1a, 0x01, 0xae, 0x59, 0xa8, 0xcb, 0xd4, 0x1a, 0x63, 0xa2, 0xdd, 0x7a, 0xf8, 0xa8, 0x3b, + 0x53, 0xf0, 0x71, 0xf7, 0x6b, 0x22, 0x1a, 0x34, 0x48, 0xec, 0xc6, 0x29, 0xcb, 0xeb, 0xdd, 0xeb, + 0xd1, 0xea, 0xb3, 0x9f, 0x1d, 0x06, 0x9b, 0x1d, 0x4f, 0x12, 0x92, 0xcd, 0xa6, 0x08, 0xd8, 0x61, + 0x6d, 0x3a, 0x85, 0x5f, 0x8f, 0x46, 0xd1, 0x95, 0x19, 0xb4, 0x49, 0x95, 0x20, 0xdf, 0x90, 0xa0, + 0xe5, 0x53, 0x85, 0x70, 0x3c, 0x16, 0xc1, 0x55, 0x3b, 0xc7, 0x7b, 0xbd, 0x25, 0x25, 0x7c, 0xf7, + 0x16, 0x5e, 0xaf, 0x15, 0x1d, 0x5b, 0x7b, 0x11, 0x55, 0x2d, 0x78, 0xa9, 0xf4, 0x51, 0x14, 0x92, + 0x76, 0x92, 0x14, 0xe9, 0x5e, 0xc5, 0xc7, 0x25, 0xa9, 0x0e, 0x47, 0x33, 0xcf, 0xdf, 0x40, 0x36, + 0x72, 0x67, 0xe2, 0xb4, 0x4c, 0x95, 0xce, 0xd1, 0xa1, 0xd8, 0x04, 0xbd, 0xee, 0x2f, 0xca, 0x4f, + 0x3e, 0x2b, 0xcf, 0x30, 0xa2, 0xd4, 0x4e, 0x59, 0xc2, 0xe2, 0x9a, 0xe7, 0x41, 0x6b, 0xe9, 0x41, + 0x97, 0x82, 0xe6, 0x02, 0xca, 0xa6, 0x5b, 0x85, 0xc3, 0xd8, 0xd5, 0xcf, 0xb4, 0x19, 0x56, 0x04, + 0xe8, 0x48, 0xfd, 0x28, 0x68, 0x29, 0x60, 0x23, 0x49, 0x26, 0xea, 0x03, 0xc9, 0xdd, 0xfd, 0x0f, + 0xf1, 0x80, 0xcc, 0x0a, 0xec, 0x68, 0xda, 0xc3, 0xf8, 0xb5, 0x20, 0x0c, 0x33, 0xae, 0xc6, 0x72, + 0x8f, 0xea, 0x89, 0x57, 0xed, 0xe2, 0x1c, 0xc9, 0x7b, 0xb2, 0x7b, 0xe8, 0xa4, 0x1c, 0x44, 0x5d, + 0x63, 0x58, 0x3a, 0x00, 0xc8, 0x34, 0xd2, 0x69, 0xf5, 0x70, 0xdf, 0x5b, 0xe4, 0x4e, 0x28, 0xfc, + 0x28, 0x57, 0xdc, 0xe1, 0x56, 0xfc, 0x7f, 0xb7, 0x89, 0x6c, 0x60, 0x60, 0xa8, 0x6c, 0x8f, 0x4f}; +const uint8_t expected_signature[] = { + 0x7c, 0x28, 0xe9, 0xac, 0x13, 0x73, 0x97, 0xb9, 0x85, 0x62, 0x63, 0x50, 0x29, 0xf3, 0xd1, 0x3b, + 0x96, 0x29, 0x48, 0x6f, 0x19, 0xb9, 0x4b, 0xbc, 0x2e, 0xbf, 0x91, 0x76, 0x74, 0xaf, 0xdd, 0x62, + 0x37, 0x98, 0x7d, 0xbc, 0x05, 0x4c, 0x56, 0x94, 0xc3, 0xbc, 0xa6, 0xbb, 0xbd, 0x3d, 0xbe, 0xbd, + 0xa5, 0x3c, 0x79, 0x4c, 0x7a, 0x5a, 0x66, 0x5c, 0x0a, 0x84, 0xed, 0xc6, 0x4a, 0x8d, 0x0f, 0x4e, + 0xaf, 0x77, 0x6b, 0x65, 0x47, 0xbf, 0x29, 0xbe, 0x60, 0x32, 0xe2, 0x93, 0xc5, 0x38, 0x06, 0x14, + 0x9e, 0x1a, 0xcf, 0x45, 0x9e, 0xcb, 0xca, 0xf0, 0x03, 0x59, 0x7a, 0x6b, 0x44, 0xa2, 0x58, 0x05, + 0xe1, 0x12, 0x51, 0xeb, 0x8b, 0x22, 0xa6, 0x10, 0xec, 0x65, 0x14, 0x9f, 0x9f, 0x89, 0xab, 0x62, + 0xa0, 0xab, 0x54, 0x7e, 0x98, 0xd5, 0x10, 0x32, 0x13, 0x4b, 0xc2, 0x22, 0x70, 0x59, 0x60, 0xba, + 0x64, 0x35, 0x99, 0x72, 0x05, 0x96, 0x98, 0x01, 0xe5, 0xda, 0x76, 0x8a, 0x8e, 0x86, 0x7f, 0x4a, + 0xbb, 0xb3, 0x7f, 0xbd, 0x58, 0x59, 0x29, 0xec, 0x30, 0x16, 0xfc, 0x9d, 0x47, 0xf0, 0xf7, 0x50, + 0xda, 0x14, 0x0a, 0xa4, 0x1a, 0x72, 0xd9, 0xb8, 0x4b, 0x2a, 0x36, 0x11, 0x6b, 0xaf, 0x40, 0x17, + 0x9f, 0xf0, 0x3a, 0x99, 0x95, 0xcc, 0xdc, 0x36, 0xc8, 0x92, 0xcb, 0x98, 0x0b, 0x40, 0xed, 0xee, + 0x83, 0x6b, 0xd6, 0x7e, 0x9d, 0x0c, 0x8f, 0x6b, 0x85, 0x33, 0xc7, 0xc8, 0x89, 0x89, 0x5e, 0xf4, + 0xd9, 0xaf, 0x47, 0x19, 0xf2, 0xf0, 0xa7, 0x48, 0x18, 0xfd, 0x70, 0x66, 0xd7, 0x40, 0x0b, 0x69, + 0x2a, 0x01, 0xa8, 0x9a, 0xa6, 0xeb, 0x85, 0xb6, 0x88, 0x13, 0xdc, 0xc4, 0x15, 0x38, 0x4e, 0x71, + 0xb3, 0x1e, 0x4f, 0xef, 0x3d, 0x3e, 0x92, 0xe6, 0xcf, 0xb0, 0xa2, 0xf5, 0x07, 0xd7, 0x25, 0xb7, + 0xd8, 0xcb, 0x20, 0x50, 0x0a, 0x67, 0x74, 0x69, 0xb4, 0x5f, 0x4c, 0xe3, 0x27, 0x4e, 0x9f, 0xaa, + 0x8f, 0x05, 0xd1, 0x24, 0xf1, 0x3a, 0x11, 0x83, 0x6f, 0xec, 0xb3, 0x14, 0xf1, 0xd8, 0x1d, 0x59, + 0x69, 0xd3, 0x96, 0x30, 0x83, 0x33, 0xfa, 0x48, 0x02, 0x4b, 0x2d, 0xef, 0x80, 0x12, 0x22, 0x58, + 0x73, 0x99, 0x3f, 0xc7, 0x45, 0xfc, 0xe7, 0xbe, 0x6b, 0x25, 0x37, 0x31, 0x97, 0x5d, 0x3f, 0x06, + 0x06, 0x4a, 0xf6, 0x71, 0xaf, 0xd0, 0xab, 0x1b, 0xcb, 0x1a, 0x1c, 0xe3, 0xd0, 0x38, 0x2c, 0x9c, + 0x7a, 0x98, 0x13, 0x2f, 0xd7, 0x88, 0xca, 0xa0, 0xb3, 0x66, 0xc8, 0x79, 0x4b, 0x60, 0xb0, 0x3b, + 0xb3, 0x65, 0xa5, 0x6b, 0x99, 0x23, 0x34, 0xb8, 0xff, 0x14, 0x9f, 0x3a, 0xac, 0x90, 0x02, 0x87, + 0xdf, 0xe8, 0xf2, 0xe8, 0x37, 0x35, 0xe9, 0x7a, 0xb5, 0xb1, 0x14, 0x92, 0x0e, 0x58, 0x88, 0xdb, + 0x44, 0xa9, 0xa5, 0xf9, 0x38, 0x6d, 0x6d, 0x26, 0x9f, 0xe3, 0xbd, 0x41, 0xdf, 0x48, 0x96, 0x4d, + 0x11, 0xab, 0x6e, 0xca, 0x99, 0xbd, 0xa7, 0xa3, 0x9a, 0x4a, 0xde, 0xb7, 0xb8, 0x50, 0x5d, 0xcf, + 0xf7, 0xa3, 0xba, 0x42, 0xe3, 0x22, 0x5d, 0x2f, 0x36, 0xe2, 0x96, 0xca, 0xdd, 0x9f, 0x3a, 0x42, + 0xcf, 0xac, 0xd2, 0xa3, 0x33, 0x59, 0xe2, 0x19, 0x54, 0xe7, 0x87, 0x36, 0x68, 0xd5, 0x18, 0x08, + 0xf6, 0x00, 0x59, 0xf2, 0xe9, 0x99, 0xd3, 0x22, 0x2c, 0xb6, 0xfa, 0x8a, 0x66, 0xf7, 0xf5, 0xaa, + 0x88, 0x13, 0x48, 0x0e, 0xb6, 0xf1, 0x15, 0xc9, 0xdf, 0xcd, 0x5b, 0x48, 0xf3, 0x84, 0x7c, 0x78, + 0xf0, 0x5b, 0xa2, 0x2b, 0xfc, 0x2d, 0x88, 0x03, 0x54, 0x66, 0xca, 0x4f, 0x0f, 0xdd, 0xe7, 0xd0, + 0x32, 0x99, 0xa1, 0x3d, 0xc5, 0xad, 0x9a, 0xe2, 0x74, 0xe0, 0x39, 0xb2, 0xc0, 0xbb, 0xae, 0x16, + 0x76, 0x40, 0xc1, 0x72, 0xb3, 0xd4, 0xae, 0x26, 0xd3, 0xd9, 0x7f, 0xd6, 0xa3, 0x75, 0x6c, 0xbe, + 0x1c, 0x8f, 0xa8, 0x83, 0x35, 0x39, 0x36, 0x76, 0x3e, 0x80, 0x50, 0x77, 0x62, 0x19, 0x3e, 0x5e, + 0xd0, 0xf6, 0xaa, 0xf0, 0xa3, 0x50, 0x37, 0x27, 0x76, 0xf0, 0x54, 0x7c, 0x0d, 0xa6, 0x40, 0x9b, + 0xab, 0x29, 0xe4, 0xa9, 0x24, 0x69, 0x26, 0x30, 0x07, 0x8a, 0x01, 0xcf, 0x05, 0x58, 0x82, 0x5b, + 0xa6, 0x39, 0x64, 0xad, 0x11, 0x8d, 0x6e, 0x34, 0xcb, 0xc2, 0x64, 0x03, 0x30, 0xde, 0x45, 0x6c, + 0x6d, 0x4a, 0x35, 0x6f, 0x9b, 0x69, 0x95, 0x35, 0x30, 0x62, 0x41, 0xc0, 0x8d, 0x56, 0x72, 0x15, + 0x19, 0x8b, 0x80, 0x88, 0xdc, 0x3f, 0xd0, 0x3d, 0xa0, 0x3e, 0x10, 0xae, 0x1d, 0x5e, 0xc3, 0x06, + 0xcd, 0xa1, 0x11, 0xf5, 0x45, 0x1e, 0x55, 0x1d, 0xba, 0xe5, 0x22, 0xd2, 0xe5, 0xe1, 0x7f, 0xcf, + 0xbc, 0x36, 0xf8, 0xaf, 0xca, 0xf8, 0xf1, 0x58, 0x32, 0x42, 0xea, 0x2d, 0x7d, 0x02, 0x4d, 0xcc, + 0x39, 0x71, 0x99, 0xa6, 0x0b, 0x3e, 0x65, 0x86, 0x16, 0x17, 0x2b, 0x28, 0xc9, 0xc3, 0x24, 0x35, + 0x76, 0x8d, 0x2c, 0x34, 0xd4, 0xdf, 0xec, 0x2c, 0xec, 0x26, 0x2f, 0x8a, 0x94, 0xcb, 0x61, 0x36, + 0x39, 0xbf, 0xf9, 0x89, 0x0b, 0x9c, 0xed, 0x27, 0xde, 0x5d, 0xe4, 0xdb, 0xb4, 0xf1, 0xde, 0x6f, + 0x93, 0xad, 0x66, 0xde, 0x8e, 0x90, 0x45, 0x7b, 0xcb, 0x8e, 0x97, 0x28, 0x24, 0x89, 0xf7, 0xd1, + 0x03, 0x50, 0x66, 0xc1, 0xdb, 0x1f, 0x64, 0xea, 0x5c, 0x99, 0x00, 0x2b, 0xd4, 0x46, 0x70, 0xee, + 0x5b, 0x44, 0xfa, 0x82, 0xfe, 0xc5, 0x51, 0x19, 0x5a, 0xa8, 0x7c, 0x93, 0x72, 0x02, 0x1e, 0x5f, + 0x25, 0x09, 0x96, 0x62, 0x8b, 0xc4, 0x83, 0x0b, 0x56, 0x21, 0xd3, 0x3c, 0x1e, 0xc2, 0xb5, 0x55, + 0xf7, 0x8b, 0xe4, 0x2c, 0x86, 0x47, 0xaa, 0x69, 0x30, 0xf9, 0xd2, 0xc7, 0xc0, 0xed, 0x95, 0x5e, + 0x92, 0xf8, 0xdc, 0x6a, 0x7b, 0xa2, 0xb1, 0x95, 0x8a, 0x63, 0x38, 0x24, 0x79, 0x1c, 0x90, 0xe5, + 0xed, 0xf5, 0x72, 0x70, 0x58, 0x99, 0x96, 0xbb, 0xb8, 0x85, 0x3d, 0x73, 0x23, 0x8c, 0xba, 0xed, + 0xc0, 0x69, 0xbf, 0x40, 0x4a, 0xc4, 0x5b, 0x6b, 0x14, 0x0f, 0xf4, 0x68, 0x56, 0xfc, 0x1f, 0x01, + 0x59, 0xbe, 0x81, 0xab, 0xca, 0x3e, 0x4e, 0x0a, 0x79, 0x87, 0xef, 0x52, 0xac, 0x5c, 0x0e, 0x48, + 0x55, 0xc6, 0x9f, 0x94, 0xe9, 0x1d, 0xad, 0x83, 0xf2, 0x7c, 0xf9, 0x98, 0x59, 0x40, 0x04, 0xa9, + 0x72, 0x5a, 0x68, 0x50, 0x15, 0x34, 0xe6, 0xee, 0x2f, 0x54, 0x33, 0x3e, 0x22, 0xe2, 0xe4, 0xd4, + 0x8d, 0x0f, 0xe6, 0x9c, 0x6b, 0x55, 0xc5, 0xed, 0xfc, 0xeb, 0x68, 0x6c, 0x9e, 0x81, 0xc8, 0x1e, + 0xc6, 0x7d, 0x14, 0x6f, 0x4c, 0x15, 0xeb, 0x68, 0xe9, 0x52, 0x65, 0x92, 0xf0, 0xac, 0x73, 0x18, + 0x38, 0xd0, 0xff, 0x40, 0xe1, 0x8c, 0x97, 0x6f, 0x41, 0x1d, 0x35, 0x48, 0x41, 0xdd, 0x7e, 0xf0, + 0xfd, 0x44, 0x9f, 0x92, 0x86, 0xc9, 0x2f, 0xc6, 0x72, 0x11, 0x3d, 0xd6, 0xf6, 0x52, 0x3a, 0x14, + 0x4b, 0xa0, 0x0e, 0x93, 0xf1, 0x9a, 0x6f, 0x05, 0xd7, 0x01, 0x2d, 0x40, 0xb0, 0xf8, 0x91, 0x7b, + 0x7a, 0x50, 0x29, 0xd2, 0x5b, 0x13, 0xdd, 0x27, 0x89, 0x61, 0xa6, 0xe7, 0x08, 0x6b, 0xd3, 0x2c, + 0x84, 0x06, 0x24, 0xcc, 0x70, 0x9c, 0x0c, 0x23, 0x3f, 0x36, 0x93, 0x8c, 0xca, 0x39, 0xfd, 0x64, + 0x71, 0xab, 0x38, 0x8e, 0x14, 0x4b, 0x5e, 0xd7, 0xc0, 0x80, 0x20, 0xc5, 0x24, 0xd2, 0xb6, 0xd6, + 0x98, 0x85, 0xbd, 0xda, 0x02, 0x44, 0xac, 0x51, 0x99, 0xab, 0x44, 0x5d, 0x9f, 0xad, 0x3b, 0x76, + 0x83, 0xc8, 0x47, 0x1f, 0x69, 0x59, 0xb0, 0x6f, 0xce, 0x37, 0xa0, 0x89, 0xe6, 0x64, 0x75, 0xd0, + 0x0a, 0x29, 0xc4, 0x16, 0x93, 0xb4, 0x52, 0x00, 0xff, 0xae, 0xea, 0x17, 0x8b, 0xc7, 0x46, 0x2c, + 0xa6, 0x33, 0x03, 0x85, 0x61, 0x7e, 0x7d, 0x01, 0xa8, 0x6c, 0xa2, 0x79, 0xce, 0x03, 0x71, 0xe5, + 0x3c, 0x46, 0xb0, 0x79, 0x88, 0xf7, 0x3a, 0x5b, 0x5b, 0xb4, 0xa4, 0xaf, 0xec, 0x06, 0x3a, 0x7e, + 0x92, 0x8c, 0x53, 0xa3, 0x2d, 0xf4, 0xf4, 0x4e, 0xf1, 0x67, 0xf9, 0xcc, 0x51, 0x17, 0xa7, 0x2e, + 0x0c, 0x50, 0x19, 0xc3, 0x0d, 0x68, 0xda, 0x03, 0xf3, 0x7f, 0x25, 0x51, 0xd7, 0xef, 0x8e, 0x3b, + 0x4b, 0x8d, 0x41, 0x80, 0x97, 0x75, 0x42, 0xb0, 0x20, 0x75, 0x8f, 0x95, 0x53, 0xc0, 0x48, 0x1a, + 0x35, 0x00, 0xc5, 0xed, 0x09, 0x7a, 0x42, 0x74, 0xe8, 0x49, 0x5f, 0x48, 0xf6, 0x7d, 0x4a, 0xcf, + 0x4c, 0xa3, 0x6d, 0xcc, 0x80, 0x32, 0x89, 0xa8, 0x58, 0x90, 0xf6, 0x11, 0x6c, 0x30, 0x48, 0x82, + 0x0b, 0xfd, 0xc3, 0x3a, 0xbf, 0x8d, 0x74, 0x5d, 0x24, 0xda, 0xd9, 0x82, 0xd5, 0x03, 0x3d, 0x97, + 0x6c, 0x20, 0x56, 0xd0, 0xd7, 0x3c, 0x7d, 0xe7, 0xe3, 0xdf, 0x99, 0xf3, 0x56, 0x91, 0xc4, 0x52, + 0x98, 0xc1, 0xa9, 0x40, 0x47, 0x34, 0xfe, 0xfd, 0x3d, 0xde, 0x87, 0x95, 0xef, 0x5c, 0xca, 0x54, + 0x41, 0x9d, 0xf2, 0x25, 0x02, 0x0a, 0x3e, 0xf1, 0x7a, 0x4b, 0xd0, 0xd7, 0xa4, 0x39, 0x1b, 0xf8, + 0xdb, 0xcf, 0x9e, 0xe2, 0xec, 0x16, 0xff, 0x30, 0x41, 0x79, 0x96, 0xbd, 0xb2, 0xb3, 0x38, 0xbd, + 0x29, 0x3a, 0x57, 0xbb, 0xfd, 0xbc, 0x9c, 0x72, 0x6c, 0x10, 0x95, 0x09, 0x42, 0xde, 0x7a, 0x2f, + 0x2a, 0xc2, 0xe2, 0x6e, 0xe9, 0xc2, 0x81, 0x63, 0x11, 0x79, 0x40, 0xea, 0x71, 0xd0, 0x74, 0x2e, + 0xfc, 0xc9, 0x42, 0x7f, 0x35, 0xe1, 0x98, 0x40, 0xb7, 0xdd, 0xbf, 0xde, 0x13, 0x4e, 0x40, 0x7d, + 0x59, 0x0e, 0x26, 0xf9, 0xae, 0x55, 0xca, 0x37, 0x81, 0xa4, 0xeb, 0x25, 0xff, 0x28, 0xd1, 0x8d, + 0x8c, 0xbd, 0xd0, 0x42, 0x6d, 0x1d, 0x9b, 0x5d, 0x81, 0xa2, 0xa2, 0x4a, 0x14, 0xb6, 0x33, 0x1f, + 0xb3, 0x50, 0x25, 0x4b, 0x7e, 0x04, 0x9c, 0xa5, 0xe5, 0x89, 0x41, 0x85, 0x2b, 0xdf, 0x94, 0x37, + 0x9d, 0x37, 0x14, 0xc6, 0xda, 0x9e, 0xa7, 0x04, 0xb2, 0xac, 0x4d, 0x06, 0x8e, 0xa3, 0x2b, 0x09, + 0x84, 0x5a, 0x2c, 0x17, 0x43, 0xde, 0x09, 0x11, 0xb4, 0xe6, 0xa4, 0x4d, 0xce, 0x0a, 0x08, 0x3c, + 0xad, 0x5e, 0xd9, 0x54, 0x72, 0x19, 0x7e, 0xe9, 0xf2, 0x10, 0x66, 0x59, 0x18, 0x38, 0xc4, 0x56, + 0xf6, 0xbf, 0xbb, 0xc8, 0x89, 0xd8, 0x72, 0x1e, 0x06, 0xb2, 0x55, 0x21, 0xa9, 0xb2, 0x70, 0x8c, + 0x09, 0x30, 0xc4, 0x1c, 0x10, 0x89, 0xcd, 0x72, 0xce, 0x0c, 0x33, 0xcc, 0x44, 0x6c, 0x53, 0x0d, + 0xc1, 0x9f, 0x8a, 0xc3, 0x54, 0xdb, 0xc0, 0x86, 0x7c, 0x78, 0x4f, 0x1e, 0xfd, 0x06, 0x57, 0x77, + 0xd5, 0xd5, 0x35, 0xa8, 0x90, 0xb9, 0x2b, 0x2b, 0xd8, 0x34, 0xc7, 0xcc, 0xe9, 0x6b, 0x72, 0x08, + 0xba, 0x09, 0x62, 0x7b, 0xe7, 0x7c, 0x4e, 0xa8, 0xd3, 0x4b, 0xa5, 0x5f, 0xfe, 0xdf, 0xe3, 0xfc, + 0xef, 0xdb, 0xaa, 0xfa, 0x1f, 0x71, 0xc7, 0x67, 0xec, 0x9a, 0x57, 0x01, 0x7d, 0xbd, 0xb7, 0x94, + 0x72, 0x3a, 0x21, 0xb5, 0xa9, 0x87, 0x72, 0xee, 0xad, 0x19, 0x85, 0xc4, 0xda, 0x61, 0x7b, 0x19, + 0x93, 0x20, 0xa6, 0x9e, 0xdf, 0xae, 0x6d, 0xfa, 0x80, 0xb4, 0x62, 0xe7, 0xd6, 0x85, 0x79, 0x60, + 0x73, 0x00, 0xa5, 0xe7, 0x98, 0x91, 0x0c, 0xa3, 0xda, 0x83, 0xd8, 0x1d, 0x31, 0xa6, 0x66, 0xb1, + 0xe5, 0x9f, 0x84, 0x24, 0x2b, 0x98, 0xd9, 0xc3, 0x5f, 0xf1, 0xe1, 0x1a, 0x2b, 0x64, 0xd4, 0x05, + 0x20, 0x5c, 0x00, 0x79, 0xfd, 0x60, 0x8c, 0x9e, 0xe8, 0xb4, 0x8c, 0xd7, 0xf8, 0xd9, 0xf2, 0x5e, + 0xb1, 0x61, 0x1b, 0xd7, 0x70, 0xa0, 0xdd, 0x2a, 0x8e, 0x99, 0x6c, 0xd0, 0x75, 0x9b, 0xc3, 0xde, + 0x52, 0x40, 0x10, 0x61, 0xb4, 0x00, 0xc8, 0x5c, 0x7f, 0x9b, 0x88, 0x98, 0xe2, 0x57, 0x01, 0x38, + 0x32, 0x08, 0xa3, 0x5c, 0xbf, 0x84, 0xc4, 0xc9, 0x2c, 0xf9, 0xb3, 0x5c, 0x97, 0x77, 0xc8, 0x66, + 0x61, 0x5a, 0x59, 0x46, 0xf3, 0x86, 0x8f, 0x37, 0x90, 0xa8, 0x4c, 0x08, 0xd8, 0x77, 0x0b, 0xcb, + 0xab, 0x6b, 0xa5, 0xd3, 0x65, 0xaf, 0x21, 0x14, 0x54, 0x8b, 0x65, 0x07, 0x26, 0xe9, 0x76, 0x2c, + 0xda, 0x34, 0x46, 0x38, 0x8d, 0x40, 0x2f, 0x97, 0x4b, 0x9f, 0xd3, 0xe8, 0xa9, 0x22, 0xa2, 0xe8, + 0x53, 0xc6, 0x40, 0xa4, 0x4d, 0x08, 0x7d, 0x8e, 0xdb, 0x9d, 0x17, 0xa8, 0x85, 0x4b, 0x39, 0xf3, + 0x03, 0x31, 0xd6, 0x1a, 0x0d, 0xeb, 0xcc, 0x8e, 0x2b, 0x7d, 0xf1, 0x68, 0x31, 0xa9, 0x6d, 0x04, + 0x04, 0x1b, 0x10, 0x31, 0xe0, 0xbf, 0x0e, 0xb4, 0x3c, 0x48, 0xa5, 0x69, 0xb6, 0x2e, 0x80, 0x01, + 0x20, 0xca, 0x02, 0x17, 0x10, 0xcf, 0x47, 0x32, 0x77, 0xed, 0x07, 0xe4, 0x99, 0x28, 0x2a, 0xfb, + 0x25, 0xe1, 0x96, 0x52, 0xd2, 0x8f, 0x8e, 0xfe, 0xf8, 0xf9, 0x60, 0x5a, 0x0a, 0x49, 0xf2, 0xf9, + 0x38, 0xd6, 0x32, 0xe5, 0xfe, 0x7c, 0x9a, 0xe8, 0x75, 0x22, 0x31, 0x3f, 0xaa, 0xde, 0x60, 0xe7, + 0x85, 0x05, 0x8d, 0xbb, 0xce, 0xf6, 0x51, 0x27, 0xfb, 0x72, 0x4e, 0x79, 0xe6, 0xe9, 0x66, 0x4a, + 0x1e, 0xa7, 0x40, 0x90, 0xe4, 0xb0, 0x77, 0x8d, 0x64, 0x37, 0xd2, 0xc6, 0xbc, 0xf4, 0xd5, 0xad, + 0x22, 0x01, 0xe5, 0x2d, 0x3a, 0xa1, 0x54, 0x79, 0x4c, 0xe0, 0xd9, 0x7a, 0x81, 0xac, 0x7b, 0x5d, + 0x3c, 0x44, 0xe0, 0x3e, 0xf6, 0xc9, 0xd5, 0x41, 0xfb, 0xd8, 0x38, 0xdd, 0x32, 0x38, 0xbc, 0x8f, + 0x60, 0x5f, 0x41, 0xce, 0x1c, 0xbd, 0x06, 0xc8, 0xf2, 0xd9, 0xb1, 0x3f, 0xaf, 0xed, 0x48, 0x1d, + 0x43, 0x79, 0x0b, 0x42, 0xd5, 0xb0, 0x9e, 0x6c, 0xd7, 0x8f, 0x93, 0x5b, 0x55, 0x8b, 0xa1, 0x8f, + 0x2a, 0xdf, 0xf2, 0x23, 0x71, 0xd0, 0x21, 0x9c, 0x1c, 0xa3, 0x70, 0xcb, 0xbb, 0xa5, 0x50, 0xc1, + 0x5c, 0xaa, 0xd4, 0x06, 0x75, 0xc3, 0x5a, 0x80, 0xf9, 0x9f, 0x13, 0xad, 0x53, 0x70, 0x52, 0x79, + 0x74, 0x61, 0x18, 0x0c, 0x77, 0xca, 0x9e, 0xbf, 0xa8, 0xc1, 0x88, 0x63, 0xdb, 0x05, 0xb1, 0xf5, + 0xeb, 0xf7, 0x34, 0x55, 0x9e, 0x93, 0xc9, 0xea, 0xa3, 0x59, 0x47, 0xb5, 0xff, 0x1c, 0x5b, 0x77, + 0xc2, 0xf0, 0x9d, 0x95, 0xe6, 0xeb, 0x7d, 0xd4, 0xf5, 0x81, 0x57, 0xf7, 0xee, 0xae, 0x7c, 0x22, + 0xcf, 0xf0, 0x06, 0x2f, 0x31, 0xc0, 0xcd, 0x89, 0x5f, 0x75, 0x64, 0x66, 0xc0, 0x3a, 0x3e, 0xb1, + 0xbb, 0xfe, 0x1f, 0xdc, 0xb8, 0xd9, 0x78, 0x2c, 0xc6, 0xc5, 0xff, 0x99, 0xcf, 0x26, 0xf5, 0x32, + 0x4d, 0x2a, 0x9a, 0x6f, 0xde, 0x6e, 0x63, 0x25, 0x20, 0xd1, 0xfb, 0x7f, 0xeb, 0x49, 0x14, 0xcb, + 0x07, 0x7a, 0x20, 0x6e, 0xfa, 0xa8, 0x95, 0x7a, 0x5e, 0xaa, 0xe5, 0xb0, 0x85, 0xbc, 0xdc, 0x26, + 0xc1, 0x5b, 0xeb, 0x06, 0xd9, 0x27, 0x15, 0xc0, 0xd6, 0x38, 0x88, 0x49, 0xcd, 0x7d, 0xfe, 0xcc, + 0xbf, 0x37, 0xd9, 0x89, 0x6b, 0x77, 0xce, 0xc4, 0xfa, 0x26, 0x5a, 0xcb, 0xf3, 0x54, 0xa1, 0x63, + 0xff, 0x04, 0xdb, 0xc8, 0x3b, 0x0b, 0x5b, 0xf8, 0xd3, 0x6a, 0x09, 0xed, 0xe6, 0x79, 0x78, 0xc6, + 0xee, 0xfd, 0xe4, 0xa8, 0x36, 0x9c, 0xaa, 0xed, 0xd8, 0xb1, 0x06, 0x3c, 0x56, 0xdf, 0x1b, 0x1b, + 0x2c, 0x32, 0x19, 0xfb, 0x18, 0xac, 0x9c, 0x41, 0xfc, 0x93, 0x85, 0xad, 0x52, 0xd6, 0x4d, 0x95, + 0xe7, 0x37, 0xa5, 0x8a, 0xcc, 0x08, 0xf3, 0xdb, 0xf3, 0xb2, 0x60, 0x88, 0x2d, 0x47, 0x49, 0xfe, + 0x12, 0x94, 0xfa, 0xcb, 0x01, 0x2a, 0xc3, 0x67, 0xc4, 0xa2, 0x67, 0x7d, 0x0c, 0x16, 0x92, 0x34, + 0x5f, 0xc0, 0xa1, 0xdc, 0xd3, 0x3c, 0xf2, 0x91, 0x77, 0xcd, 0x88, 0x31, 0xe4, 0x6e, 0xda, 0xdb, + 0x47, 0x19, 0x57, 0x0e, 0xa3, 0xaf, 0xee, 0x20, 0xb6, 0xbf, 0xa6, 0xc5, 0x90, 0x0c, 0x31, 0xbb, + 0x73, 0x72, 0x7e, 0x2c, 0xe3, 0x13, 0x41, 0x3a, 0x4e, 0x97, 0x0c, 0x41, 0xb7, 0x23, 0x8d, 0x42, + 0x95, 0x8d, 0xbe, 0x65, 0x31, 0x13, 0xb9, 0xd7, 0xe9, 0x72, 0x5a, 0xa1, 0xe1, 0x82, 0xa1, 0x65, + 0xa8, 0xf0, 0x2c, 0xc7, 0x80, 0xf1, 0xd7, 0x54, 0xa5, 0x2b, 0x23, 0x8b, 0xff, 0x13, 0x41, 0xf1, + 0x9b, 0xdc, 0x81, 0xfd, 0x23, 0x4c, 0x20, 0x6c, 0x28, 0x1b, 0x38, 0x69, 0x5a, 0xc9, 0x34, 0x79, + 0xf9, 0x38, 0xbc, 0xac, 0x8f, 0x3d, 0xc1, 0x54, 0xf8, 0xb1, 0x4b, 0x1a, 0xc2, 0xcf, 0x08, 0x73, + 0xd6, 0x34, 0x9c, 0x9b, 0x6d, 0x75, 0x3f, 0xf5, 0x10, 0xa4, 0xbe, 0x75, 0xa8, 0x98, 0xf7, 0x71, + 0xcd, 0x08, 0xaf, 0xc0, 0x59, 0x72, 0x1a, 0x7a, 0xc4, 0x73, 0x89, 0xfc, 0xb1, 0x68, 0x3f, 0x2a, + 0x90, 0x4b, 0x0e, 0xca, 0xfc, 0x3a, 0x02, 0x23, 0xf6, 0x32, 0x70, 0x23, 0xce, 0x40, 0x8b, 0x12, + 0x8c, 0xca, 0xe8, 0xcc, 0x1c, 0x62, 0xc0, 0xae, 0x35, 0x47, 0xfb, 0x66, 0x84, 0x31, 0x03, 0xc5, + 0x1b, 0xa5, 0xed, 0x69, 0xe9, 0x6b, 0x71, 0x17, 0xf6, 0x55, 0x13, 0xd4, 0xd8, 0xd9, 0xa1, 0xd9, + 0x23, 0x56, 0x03, 0x07, 0x8b, 0x34, 0x26, 0x54, 0x3b, 0x11, 0x6e, 0x17, 0x9b, 0x60, 0xbe, 0xcf, + 0x80, 0x5f, 0x73, 0xb8, 0xb6, 0xdd, 0x8d, 0x70, 0x39, 0x31, 0x42, 0xc6, 0x1a, 0x61, 0xc7, 0xec, + 0x00, 0x07, 0x24, 0x2f, 0x32, 0x36, 0x3d, 0x4a, 0x4c, 0x50, 0x55, 0x7e, 0x91, 0xa7, 0xb2, 0xbb, + 0xc2, 0xd5, 0xe2, 0xf4, 0xfc, 0x02, 0x09, 0x10, 0x1f, 0x31, 0x38, 0x47, 0x55, 0x7d, 0x84, 0x96, + 0xaa, 0xb4, 0xb7, 0xbb, 0xbd, 0xc8, 0xd2, 0xd5, 0xd9, 0xe4, 0x0e, 0x1d, 0x21, 0x2e, 0x43, 0x4b, + 0x5f, 0x7f, 0x84, 0x8e, 0x94, 0x9b, 0xa7, 0xd4, 0xe6, 0xed, 0xf1, 0xf6, 0xf7, 0x12, 0x15, 0x19, + 0x32, 0x37, 0x5d, 0x5f, 0x61, 0x79, 0x8b, 0x94, 0x9d, 0x9f, 0xbd, 0xca, 0xcc, 0x00, 0x00, 0x00, + 0x15, 0x2a, 0x3d, 0x4d }; +#elif MLD_CONFIG_PARAMETER_SET == 65 +const uint8_t public_key[] = { + 0x02, 0x58, 0x29, 0x4f, 0x7c, 0xda, 0xfa, 0x62, 0x55, 0x37, 0x6d, 0x69, 0x21, 0x36, 0x96, 0xe1, + 0xf7, 0xdf, 0x41, 0x79, 0x1b, 0x98, 0x15, 0x33, 0xa7, 0x8c, 0x64, 0xbe, 0x9b, 0x49, 0x44, 0x11, + 0xd9, 0x91, 0x87, 0xe9, 0xb7, 0x19, 0x46, 0x61, 0xc9, 0xb2, 0x75, 0x9d, 0x6a, 0xf4, 0x19, 0xe2, + 0xa3, 0x2c, 0x4a, 0x7c, 0xa3, 0x28, 0x46, 0xdf, 0x99, 0xbb, 0x07, 0xfa, 0x95, 0x45, 0xe8, 0x86, + 0x87, 0x41, 0xbb, 0x3a, 0x1b, 0x45, 0x0c, 0xbc, 0xa6, 0x9a, 0xd5, 0x66, 0x1b, 0xcb, 0x72, 0xc5, + 0x8c, 0xe3, 0x6e, 0x58, 0xeb, 0xba, 0xfe, 0x69, 0x76, 0xc2, 0x16, 0x90, 0x75, 0xfc, 0x82, 0x10, + 0xe2, 0xab, 0xda, 0x80, 0x2b, 0xdc, 0xf8, 0xae, 0x63, 0xe0, 0x91, 0x09, 0xa7, 0xb0, 0x1f, 0xbc, + 0x87, 0x16, 0xe9, 0xe3, 0x55, 0x06, 0x85, 0x62, 0xbc, 0xcc, 0x00, 0xd5, 0x78, 0xf1, 0x4d, 0x84, + 0x0a, 0xe1, 0xab, 0xd4, 0xf0, 0x27, 0x93, 0x22, 0x97, 0xc8, 0xae, 0x20, 0xde, 0x2f, 0x15, 0x4c, + 0xed, 0x70, 0x93, 0xc8, 0x1e, 0xdc, 0x5b, 0xba, 0xd9, 0xbc, 0x12, 0x5a, 0xdd, 0x4c, 0xac, 0x63, + 0x42, 0x38, 0x5e, 0x7d, 0x7c, 0x21, 0xd5, 0xd6, 0xa9, 0xe8, 0x91, 0xa7, 0x92, 0x54, 0x55, 0x39, + 0x5a, 0x5f, 0x37, 0x0c, 0x0f, 0xa2, 0x5b, 0x06, 0x4d, 0xb9, 0x86, 0xcd, 0x20, 0xf6, 0xc7, 0x64, + 0x98, 0x5a, 0xca, 0xcd, 0x60, 0x21, 0x4a, 0xcd, 0x3d, 0x02, 0x7a, 0xe3, 0xf4, 0xeb, 0x7a, 0x6a, + 0x41, 0x38, 0x65, 0x76, 0xb0, 0xd3, 0x46, 0xd6, 0x94, 0x22, 0xe9, 0x40, 0x17, 0x3a, 0x34, 0xe4, + 0x81, 0xcf, 0xd3, 0xfc, 0xc9, 0x4a, 0x6d, 0x1a, 0xee, 0x74, 0xc0, 0x4e, 0xf2, 0x33, 0x2a, 0x2f, + 0xde, 0xb6, 0x0f, 0x7b, 0x01, 0xc7, 0x48, 0xf6, 0x35, 0x72, 0x75, 0x06, 0xc3, 0xac, 0x65, 0x96, + 0x1d, 0xee, 0x4d, 0xbf, 0x6a, 0x43, 0xa2, 0xfd, 0xd2, 0x78, 0x43, 0x1c, 0xbe, 0xed, 0xe3, 0xea, + 0x81, 0xd5, 0x2b, 0x6d, 0x54, 0x7c, 0xce, 0x82, 0xa4, 0xf6, 0xdb, 0x76, 0x2e, 0xd2, 0xb7, 0x19, + 0xdb, 0xe6, 0x20, 0x82, 0x3b, 0x37, 0x09, 0x64, 0xa9, 0xb7, 0x22, 0x94, 0x7d, 0x21, 0x50, 0xd4, + 0xfe, 0x4d, 0x55, 0x0b, 0x96, 0x65, 0xd4, 0x57, 0x90, 0x3f, 0xa3, 0xfc, 0x24, 0x38, 0xb3, 0x1b, + 0x9d, 0xbd, 0x7a, 0xaf, 0x01, 0xdb, 0xf2, 0xdf, 0xbf, 0xaf, 0x15, 0x78, 0x20, 0x8a, 0xb8, 0xf1, + 0x3e, 0x00, 0xdf, 0xe3, 0x2a, 0x9f, 0x6c, 0xf8, 0xfd, 0xe2, 0x91, 0xc0, 0xdf, 0x68, 0xb4, 0x6f, + 0xf8, 0x44, 0x80, 0x9b, 0x9e, 0xbd, 0xd8, 0xff, 0x72, 0x00, 0x74, 0x49, 0x92, 0xfc, 0x16, 0x5b, + 0x6d, 0x1a, 0x05, 0x83, 0x2d, 0x4e, 0xa1, 0x5c, 0xa8, 0x27, 0x99, 0xff, 0x99, 0xa4, 0x46, 0x19, + 0xb1, 0x9b, 0xb7, 0x85, 0xb5, 0x49, 0x4f, 0x25, 0x40, 0x16, 0xcb, 0xe9, 0x13, 0x09, 0xf3, 0xad, + 0x59, 0xda, 0xe4, 0x8f, 0x74, 0xcb, 0xda, 0x9a, 0xd7, 0x63, 0xc3, 0x80, 0x78, 0x88, 0xfa, 0x41, + 0x72, 0x37, 0x9c, 0x40, 0x33, 0xb2, 0x82, 0xfd, 0xf2, 0xac, 0x55, 0x5a, 0xaa, 0xb6, 0x72, 0xa2, + 0xee, 0xfd, 0x57, 0x92, 0xb0, 0xaf, 0x9c, 0x2c, 0xcc, 0xfe, 0x65, 0x63, 0x5c, 0x10, 0x0a, 0x1e, + 0xc1, 0xf5, 0x55, 0xca, 0x28, 0x63, 0x19, 0x38, 0xd7, 0x3c, 0x39, 0x1b, 0xaa, 0x2b, 0x73, 0x52, + 0x6a, 0xaf, 0xdf, 0x3f, 0x87, 0xcf, 0x2a, 0x04, 0xce, 0x0c, 0x5b, 0xdc, 0x2f, 0xf4, 0xa3, 0x73, + 0x52, 0x90, 0x18, 0x7f, 0x92, 0x17, 0x0f, 0x94, 0xa6, 0x0d, 0x1f, 0x55, 0xc0, 0xda, 0x4c, 0x4a, + 0xc6, 0xfb, 0x78, 0x1f, 0x24, 0x28, 0xdf, 0x41, 0x7c, 0x03, 0xba, 0x84, 0x32, 0x76, 0x63, 0xbd, + 0x74, 0x67, 0x0c, 0x4c, 0x5f, 0x7d, 0x55, 0xc1, 0x48, 0x3c, 0x0a, 0x4c, 0x6d, 0xf5, 0x84, 0xab, + 0x30, 0x9d, 0xa3, 0x25, 0xe3, 0x0a, 0xa0, 0x91, 0x27, 0x00, 0xcc, 0xcd, 0x3e, 0xbe, 0xcb, 0x0c, + 0x01, 0xe4, 0x77, 0x22, 0x22, 0xc8, 0x93, 0x87, 0x62, 0xb0, 0x33, 0x39, 0xbf, 0xc2, 0x4c, 0x85, + 0x6c, 0xd7, 0x98, 0x96, 0x58, 0x85, 0x25, 0xfd, 0x2f, 0x02, 0x72, 0x04, 0xe4, 0xe2, 0x4c, 0x5f, + 0x51, 0x46, 0xeb, 0x7f, 0x3b, 0xba, 0x0e, 0xd8, 0xb6, 0xb3, 0x7b, 0xc7, 0xc3, 0x1f, 0x5e, 0xac, + 0x53, 0xe7, 0x52, 0x98, 0x13, 0x86, 0x07, 0x1a, 0x9d, 0x73, 0x49, 0x7a, 0xf9, 0x62, 0x34, 0x2c, + 0x58, 0x80, 0x5f, 0xbd, 0x78, 0xbb, 0xe4, 0x81, 0xeb, 0xc0, 0x7a, 0xd1, 0xe2, 0xc1, 0x42, 0x55, + 0xd1, 0xe9, 0xd3, 0xa2, 0x62, 0xec, 0xd6, 0xc7, 0x73, 0x5b, 0x69, 0x1e, 0x7b, 0x15, 0x76, 0xda, + 0xf4, 0x30, 0xbf, 0xed, 0x59, 0x26, 0x18, 0xa7, 0xf6, 0x7b, 0xeb, 0xd6, 0x71, 0x22, 0xf4, 0xbc, + 0xf6, 0xde, 0xf4, 0x03, 0x7d, 0xfa, 0xbe, 0x7d, 0x1f, 0x03, 0xab, 0xb6, 0x08, 0xb6, 0x06, 0xa2, + 0xb5, 0xe2, 0x46, 0xa6, 0x96, 0x01, 0x2b, 0xc6, 0x1e, 0x9e, 0xb7, 0xf9, 0xf1, 0xb4, 0x02, 0x57, + 0xf4, 0xd9, 0x97, 0x91, 0x69, 0x21, 0x37, 0x1e, 0x65, 0xfa, 0xc6, 0x08, 0xf0, 0x7a, 0x68, 0xe8, + 0xb1, 0x8a, 0x0e, 0xb9, 0x1c, 0x05, 0xcc, 0x3a, 0x65, 0x52, 0xeb, 0xf4, 0xd7, 0x4e, 0xa4, 0x47, + 0x89, 0x92, 0xab, 0xc0, 0x13, 0xa0, 0xd5, 0x21, 0x71, 0xc8, 0x46, 0x2a, 0xcb, 0xd1, 0x79, 0x3e, + 0xf1, 0x9f, 0xa1, 0x29, 0x5b, 0x52, 0x79, 0x62, 0x37, 0x13, 0xc5, 0xad, 0x8e, 0xa4, 0x82, 0x5b, + 0x9d, 0x42, 0x42, 0x39, 0x53, 0x58, 0xfb, 0x9a, 0x02, 0xd6, 0x41, 0xc8, 0x30, 0x4f, 0xf2, 0x31, + 0x0b, 0xab, 0xee, 0x71, 0xe8, 0xc9, 0x6e, 0x4c, 0xd0, 0x71, 0x12, 0x6e, 0x9d, 0x23, 0x38, 0x2e, + 0x60, 0x2a, 0xca, 0xff, 0xce, 0xb4, 0xbe, 0x30, 0xc8, 0xa2, 0x73, 0x12, 0x5d, 0x5c, 0x10, 0x91, + 0x1f, 0x7a, 0xd1, 0x06, 0xfa, 0x1f, 0x78, 0xec, 0x8c, 0x69, 0x51, 0x98, 0x44, 0x22, 0xe6, 0x0c, + 0x93, 0x46, 0x7c, 0x37, 0xf1, 0xee, 0xb4, 0xe5, 0x7c, 0x31, 0x36, 0x03, 0x4a, 0xb6, 0xb4, 0xff, + 0xce, 0x8f, 0x9c, 0xb4, 0xa9, 0x32, 0x68, 0x78, 0xb5, 0xac, 0x9f, 0x60, 0x20, 0x1c, 0xab, 0x89, + 0xf7, 0xa9, 0x99, 0xdc, 0x4d, 0xa8, 0x18, 0x77, 0x6a, 0x84, 0x33, 0x4d, 0x2e, 0x8a, 0xda, 0xfd, + 0x81, 0xf5, 0x91, 0x4d, 0xd6, 0xe8, 0xcb, 0x11, 0x92, 0x59, 0x30, 0xf0, 0x86, 0x6f, 0xd9, 0xdc, + 0x80, 0x92, 0x2f, 0x69, 0xfe, 0xd6, 0x36, 0xc0, 0x13, 0x0c, 0xf0, 0x8b, 0x9c, 0x1c, 0xc6, 0x4d, + 0xe4, 0x0c, 0x34, 0xac, 0x48, 0x8f, 0x50, 0xc7, 0x72, 0xdb, 0x6c, 0x09, 0xae, 0xd8, 0xd1, 0xdd, + 0x4c, 0x9b, 0xeb, 0x08, 0x3c, 0xf7, 0x4f, 0x25, 0x4b, 0xe2, 0x62, 0xd1, 0x9c, 0xcf, 0x65, 0x8e, + 0x46, 0x4a, 0xd7, 0x15, 0xe4, 0xfe, 0x1f, 0x8e, 0x74, 0x9d, 0x79, 0x97, 0x92, 0x56, 0x44, 0x77, + 0x1d, 0x85, 0x2c, 0x78, 0xc7, 0xd9, 0x83, 0xd6, 0x8f, 0x03, 0xe8, 0xcd, 0x25, 0x0d, 0xd1, 0xd4, + 0x63, 0xe8, 0xa3, 0x3a, 0xeb, 0x8b, 0x0e, 0xb0, 0x52, 0x7f, 0x64, 0xc2, 0xe1, 0xfd, 0x3c, 0x71, + 0x45, 0x6b, 0xa3, 0x19, 0x4d, 0xd3, 0x47, 0x7f, 0x9c, 0x09, 0x5a, 0x71, 0xe8, 0xf9, 0x74, 0x7b, + 0x6d, 0x8b, 0x11, 0x37, 0x6d, 0xaa, 0xa7, 0x8f, 0x0b, 0xca, 0x4b, 0xb1, 0xaa, 0xed, 0x56, 0x2a, + 0x30, 0xf0, 0xe3, 0xc8, 0xff, 0x41, 0x4e, 0x72, 0x7f, 0x11, 0x14, 0xf7, 0x5d, 0xa1, 0xec, 0xc6, + 0x95, 0x60, 0x4a, 0xcf, 0xd2, 0x2b, 0xb7, 0xa9, 0x46, 0xff, 0x78, 0x91, 0xf9, 0xa5, 0xf4, 0x53, + 0x1b, 0x7e, 0xb9, 0xeb, 0x80, 0x58, 0x03, 0x25, 0xe8, 0xa1, 0xb2, 0x68, 0x47, 0xc3, 0xcb, 0xb8, + 0xcc, 0xf1, 0x9b, 0x48, 0x46, 0x4f, 0xa4, 0x80, 0xef, 0x56, 0x6b, 0x25, 0xef, 0x2b, 0x5e, 0x15, + 0xc1, 0xcb, 0xc3, 0xb0, 0x30, 0xcf, 0x43, 0x39, 0xcc, 0x33, 0xfa, 0xb7, 0xba, 0xea, 0x2e, 0xd9, + 0xae, 0x73, 0x4a, 0x7b, 0x12, 0x6b, 0x68, 0xf7, 0x2a, 0x6c, 0xe9, 0xb9, 0xd8, 0xb7, 0xb9, 0x0f, + 0x75, 0xb7, 0xd4, 0x9e, 0x29, 0xcf, 0x2a, 0x10, 0x84, 0xff, 0x70, 0x62, 0x34, 0xeb, 0xca, 0x11, + 0x3b, 0x49, 0x55, 0xfc, 0x55, 0xa6, 0x18, 0x7c, 0xcf, 0x06, 0x71, 0x3a, 0xe4, 0x41, 0x9f, 0xf7, + 0x5f, 0xb9, 0x6e, 0x05, 0x62, 0x6b, 0x14, 0xa8, 0x9b, 0xb5, 0x9f, 0xf0, 0x1b, 0xa9, 0x8c, 0x1c, + 0x3d, 0x76, 0x51, 0x68, 0xa9, 0x7a, 0x96, 0xb7, 0x96, 0x2b, 0xdb, 0x16, 0x07, 0xb1, 0xff, 0x03, + 0x11, 0x48, 0x1e, 0xc3, 0xc6, 0x24, 0x58, 0x2a, 0xbc, 0x29, 0xfa, 0x1b, 0x2a, 0xed, 0x96, 0x74, + 0x84, 0x9b, 0x7c, 0x47, 0x0e, 0xec, 0x18, 0x2c, 0xfe, 0xeb, 0xa6, 0xf0, 0xb0, 0x58, 0x28, 0x09, + 0x75, 0xf1, 0xef, 0x51, 0xa8, 0x51, 0x19, 0x42, 0xea, 0x98, 0xf7, 0xef, 0x92, 0x5b, 0xda, 0x61, + 0xfe, 0x95, 0xe9, 0x67, 0x6e, 0xb7, 0xbc, 0x3b, 0xdd, 0xda, 0x43, 0xae, 0x2b, 0xaa, 0xf1, 0x7e, + 0x3a, 0x6f, 0xa2, 0x2e, 0xb2, 0x8b, 0xbe, 0xb9, 0xd9, 0xb0, 0x05, 0xd3, 0x06, 0xd2, 0xd0, 0x5e, + 0xd6, 0xd3, 0x03, 0xae, 0xe6, 0x2e, 0xff, 0x69, 0xda, 0xe4, 0x33, 0x95, 0xf7, 0x3c, 0x5c, 0xe9, + 0x91, 0x87, 0x2a, 0xf5, 0xeb, 0x98, 0x36, 0xd7, 0x76, 0x4f, 0xdc, 0xd7, 0xc3, 0x86, 0xe8, 0xcc, + 0x86, 0x66, 0x4a, 0x2c, 0x90, 0xec, 0x8a, 0x8e, 0xda, 0xf0, 0x5f, 0x85, 0xc4, 0x20, 0x86, 0x4c, + 0x77, 0x93, 0xa8, 0x0d, 0x6e, 0xcd, 0xab, 0x6c, 0xc2, 0x85, 0x11, 0x4b, 0xe4, 0x9a, 0xbd, 0xda, + 0x45, 0x37, 0x9e, 0x82, 0xf0, 0xe9, 0x86, 0x25, 0x83, 0xc7, 0x55, 0xbe, 0x6d, 0x98, 0x8d, 0x1e, + 0xa1, 0xa9, 0x48, 0x03, 0x67, 0xe1, 0xb7, 0xa3, 0x45, 0xe6, 0xa6, 0x56, 0x09, 0x38, 0x44, 0x4c, + 0x1c, 0xb2, 0x7f, 0x80, 0xad, 0xbe, 0xd2, 0x96, 0xe6, 0x9c, 0xcf, 0xe9, 0x5b, 0x65, 0x1e, 0x78, + 0x23, 0xd7, 0x5a, 0x7f, 0x47, 0xe0, 0xf3, 0x68, 0x03, 0x0f, 0x03, 0x79, 0x6a, 0x1d, 0xa7, 0xce, + 0x87, 0x4b, 0xf7, 0x59, 0x36, 0x44, 0x71, 0x9b, 0x91, 0x29, 0x56, 0x39, 0x0f, 0xbc, 0x56, 0x05, + 0x87, 0x8a, 0x40, 0xbe, 0x52, 0x7d, 0x41, 0xb2, 0xb7, 0x45, 0x7c, 0xe6, 0xb3, 0x3f, 0x6c, 0x06, + 0x78, 0xad, 0x81, 0x0d, 0x24, 0x03, 0x53, 0x3f, 0x45, 0xdd, 0x88, 0x41, 0x75, 0x14, 0x80, 0xc1, + 0x4a, 0x68, 0x2e, 0xff, 0x86, 0xa8, 0x3c, 0x1d, 0x59, 0x35, 0xad, 0x34, 0xd6, 0x3a, 0xe8, 0x5e, + 0xa4, 0x96, 0x28, 0xcd, 0x19, 0x94, 0x3b, 0x25, 0x01, 0x83, 0xb2, 0x56, 0x67, 0x78, 0x45, 0xba, + 0x88, 0xa7, 0x02, 0xb0, 0xf1, 0xb2, 0x0c, 0x67, 0xfe, 0xfb, 0x00, 0xf5, 0x61, 0x2a, 0xe6, 0xad, + 0xef, 0x9e, 0x9f, 0xe5, 0x17, 0xe2, 0xa8, 0xc3, 0x01, 0xad, 0x10, 0xa3, 0xd7, 0x32, 0xd9, 0x0a, + 0x17, 0xfb, 0xfa, 0x48, 0x7c, 0x95, 0x2e, 0xce, 0x12, 0xbe, 0x05, 0x7a, 0xe6, 0x15, 0xc0, 0x30, + 0x17, 0x01, 0xf4, 0x16, 0x84, 0x17, 0x69, 0x3c, 0x7b, 0xfe, 0xca, 0x47, 0x13, 0xe2, 0xbe, 0xf3, + 0x32, 0x76, 0x7b, 0x8d, 0xc3, 0xbc, 0x26, 0xb7, 0xfe, 0xe5, 0x2a, 0xe4, 0xeb, 0xc7, 0x62, 0x21, + 0xdb, 0xac, 0x9e, 0x6a, 0xc5, 0x43, 0x60, 0x35, 0xf5, 0x4f, 0xeb, 0x1d, 0x99, 0x43, 0xb0, 0x00, + 0x1f, 0x90, 0x6c, 0x29, 0xcf, 0xb6, 0x24, 0xb1, 0x97, 0xc0, 0x43, 0x0a, 0x76, 0x08, 0x31, 0x14, + 0x3e, 0xe8, 0xfa, 0x73, 0xe2, 0x75, 0x2e, 0x10, 0xa6, 0x8e, 0xb3, 0xb8, 0x86, 0xa2, 0xca, 0xbc, + 0xc8, 0x79, 0x75, 0x3e, 0x86, 0xde, 0x03, 0xa3, 0x42, 0xde, 0x92, 0xf0, 0x06, 0xec, 0x8e, 0xcf, + 0x8c, 0x21, 0x90, 0x4e, 0x7c, 0xa8, 0x51, 0xeb, 0x45, 0x5f, 0x64, 0x71, 0xf0, 0x85, 0xad, 0x86, + 0xff, 0xf6, 0xa5, 0xdb, 0x5a, 0xbe, 0x31, 0x04, 0xe2, 0x81, 0xc1, 0x58, 0x07, 0x1c, 0x57, 0x19, + 0xc7, 0x0a, 0xff, 0x54, 0x6c, 0x2a, 0x90, 0xf7, 0x49, 0x30, 0x07, 0xbc, 0x9b, 0xe0, 0x1b, 0xf4, + 0x2f, 0xee, 0x00, 0x31, 0xde, 0xce, 0xd1, 0x87, 0x70, 0xa4, 0x6b, 0x2f, 0x34, 0x95, 0x2c, 0xf7, + 0x5c, 0x42, 0xd9, 0xc4, 0x9e, 0x72, 0x9c, 0x7a, 0x40, 0x7d, 0xfc, 0x5d, 0xbb, 0x5c, 0xfa, 0x5a, + 0x19, 0x1b, 0x52, 0x50, 0xd5, 0x5f, 0x79, 0x1f, 0xc6, 0xeb, 0xc5, 0xff, 0x17, 0xc1, 0x22, 0x80, + 0xfe, 0x08, 0xb0, 0xca, 0xef, 0xd5, 0x1a, 0xa7, 0x35, 0xff, 0xdc, 0x8e, 0xa6, 0x72, 0x31, 0xae, + 0x6e, 0xe3, 0xef, 0x14, 0xca, 0x6e, 0x48, 0x62, 0x3d, 0xb9, 0x4b, 0xf2, 0xaa, 0x17, 0x08, 0xa3, + 0x0d, 0xdf, 0x13, 0xf4, 0x85, 0xc8, 0xc3, 0x2e, 0x4a, 0xf0, 0x7e, 0x9d, 0x1a, 0x43, 0xe0, 0xb9, + 0x1e, 0x7c, 0x77, 0xff, 0xd4, 0x5d, 0x69, 0x72, 0x82, 0xe8, 0x61, 0xc0, 0xc9, 0xfb, 0x45, 0x72, + 0x3d, 0xd7, 0x21, 0x00, 0x34, 0x93, 0x56, 0x06, 0xff, 0x5e, 0xdd, 0x2f, 0x66, 0x2a, 0x98, 0x91, + 0x12, 0x1c, 0x78, 0x84, 0x3c, 0xbe, 0x86, 0xd3, 0x2d, 0x94, 0xe6, 0x68, 0x74, 0xf0, 0xaf, 0xc3, + 0xe5, 0x26, 0xb0, 0x3e, 0x53, 0x10, 0xc3, 0xfd, 0x32, 0x78, 0x68, 0x56, 0xfa, 0x4a, 0xff, 0x26, + 0xf3, 0x73, 0x09, 0x3f, 0x3c, 0x1c, 0x4e, 0x73, 0x58, 0x7c, 0x60, 0xa6, 0x4c, 0x54, 0x9c, 0x30, + 0xc7, 0x44, 0xfc, 0x64, 0xdb, 0x50, 0x47, 0xdf, 0x49, 0x2e, 0x2a, 0x99, 0xb8, 0x42, 0xb1, 0xcb, + 0x07, 0xae, 0x50, 0xe9, 0x3b, 0xbc, 0xd5, 0x76, 0x63, 0x78, 0x04, 0xb0, 0x8f, 0x2d, 0xf4, 0x21, + 0x0d, 0x70, 0x2d, 0xa6, 0xdd, 0x77, 0x9d, 0xed, 0x1e, 0xae, 0x3a, 0x87, 0xe6, 0x64, 0xdf, 0x98, + 0x8f, 0x11, 0xcd, 0x33, 0x13, 0x5e, 0x9b, 0xb5, 0x68, 0xe2, 0x25, 0x12, 0xf0, 0x9c, 0x0b, 0xce, + 0x15, 0x4e, 0x9b, 0xfd, 0xc1, 0xd9, 0xdc, 0xf2, 0x04, 0xa8, 0xdc, 0xd9, 0xca, 0x15, 0xe0, 0x0c, + 0xe8, 0x04, 0x0d, 0x69, 0xeb, 0x99, 0x25, 0x2d, 0x5a, 0x85, 0xcf, 0x09, 0x1b, 0xae, 0x49, 0xaf, + 0x0a, 0x4f, 0xac, 0x95, 0xae, 0x7d, 0x29, 0xde, 0xcc, 0xa5, 0x38, 0x56, 0x7d, 0xcd, 0x58, 0x7d, + 0xb8, 0xf4, 0x34, 0xf1, 0x77, 0x70, 0x1f, 0xe8, 0xae, 0x19, 0xa1, 0xa9, 0x6d, 0x9d, 0x4b, 0x65}; +const uint8_t expected_signature[] = { + 0x10, 0xac, 0x6a, 0x14, 0xad, 0x16, 0xc3, 0x75, 0x25, 0x82, 0x68, 0x89, 0xa2, 0xa6, 0x86, 0xc1, + 0x32, 0x9f, 0xfc, 0xe8, 0xae, 0x75, 0x7d, 0x4e, 0x0a, 0xee, 0xdd, 0x00, 0x0c, 0xb7, 0x58, 0x25, + 0x6f, 0x46, 0xde, 0xa4, 0xdc, 0x9f, 0x2f, 0x47, 0xe5, 0x24, 0x18, 0xd5, 0xa1, 0x88, 0x91, 0x3b, + 0x2a, 0xd3, 0x30, 0x64, 0xf3, 0x09, 0xc3, 0x66, 0x30, 0xeb, 0xd3, 0x43, 0x72, 0x07, 0x99, 0x2d, + 0x2e, 0x94, 0xb9, 0x02, 0x60, 0x70, 0x8c, 0x58, 0xf9, 0x41, 0x8b, 0x84, 0xd1, 0xe6, 0xfb, 0x31, + 0x59, 0x98, 0xb0, 0x29, 0xb0, 0xff, 0xba, 0xff, 0x4c, 0x6d, 0x33, 0x62, 0x94, 0x7e, 0xc6, 0x4c, + 0xd4, 0xf0, 0x3e, 0x1f, 0xd3, 0xfc, 0xfe, 0x42, 0x53, 0xcf, 0x70, 0xe9, 0x7d, 0xb5, 0x00, 0xfb, + 0x4e, 0x3a, 0x0e, 0x6d, 0x72, 0x77, 0x05, 0x12, 0xd1, 0xdc, 0xca, 0x88, 0x42, 0x09, 0xf4, 0x52, + 0xc0, 0x1d, 0x6c, 0x90, 0x0e, 0xd6, 0x3c, 0x08, 0xf0, 0xac, 0x88, 0xf0, 0xc8, 0x17, 0x9f, 0x6a, + 0x30, 0x27, 0xde, 0x92, 0x99, 0x5e, 0x7a, 0x8c, 0xc5, 0xaa, 0x6a, 0xc6, 0x74, 0x57, 0x1c, 0x2b, + 0x3b, 0xa0, 0x9e, 0x7e, 0xe2, 0x69, 0xae, 0x72, 0xa3, 0x8d, 0x88, 0x30, 0x41, 0x3d, 0xf0, 0xed, + 0xaf, 0x6c, 0xe8, 0x08, 0xfa, 0xee, 0x79, 0xfc, 0x22, 0x86, 0x77, 0x78, 0xce, 0x1b, 0x00, 0x1b, + 0x1d, 0x3b, 0xec, 0xa7, 0x92, 0xe6, 0x16, 0x11, 0x9b, 0xcd, 0x7f, 0x28, 0x87, 0x5d, 0x36, 0xc8, + 0x81, 0xd3, 0xda, 0x41, 0x0f, 0xd7, 0x6a, 0x9c, 0x1f, 0x4b, 0xaf, 0x0e, 0xf0, 0xf6, 0xb4, 0x8a, + 0x4b, 0xb3, 0x3a, 0xfe, 0x02, 0xad, 0xd6, 0x8f, 0x6d, 0x90, 0x77, 0x8f, 0xed, 0xe9, 0xa6, 0xfa, + 0x84, 0x3e, 0x25, 0xec, 0x68, 0x38, 0x86, 0xa3, 0x9f, 0x2d, 0x6e, 0xde, 0x90, 0x05, 0xa4, 0xb3, + 0x4a, 0xc6, 0x04, 0x6e, 0xf0, 0xc8, 0x19, 0x7a, 0xdf, 0x3d, 0x6d, 0xa9, 0xef, 0xfc, 0xa1, 0x08, + 0x7f, 0xee, 0x3f, 0xd5, 0xef, 0xb3, 0xf9, 0x53, 0x26, 0x72, 0x87, 0xe7, 0x46, 0x7c, 0xc5, 0xb1, + 0x42, 0xe9, 0x2e, 0x66, 0x15, 0x01, 0x55, 0x6e, 0x90, 0x91, 0xbc, 0xc4, 0x33, 0xf7, 0x35, 0x96, + 0xc3, 0x1f, 0x85, 0x13, 0xb1, 0x79, 0x5b, 0xf0, 0x03, 0x90, 0x4a, 0xfa, 0x91, 0xfc, 0xb2, 0x7e, + 0xf3, 0xc7, 0x93, 0xcb, 0xb0, 0xe3, 0xdf, 0xae, 0x03, 0x26, 0x39, 0xeb, 0x04, 0x1d, 0xb3, 0x32, + 0xa5, 0x6d, 0xe8, 0xcd, 0xa9, 0xdc, 0xb0, 0x55, 0xc7, 0xf8, 0xaa, 0x17, 0xe4, 0x63, 0x88, 0x4f, + 0xa5, 0xf3, 0xad, 0x4e, 0x53, 0x1d, 0xa2, 0xa4, 0xeb, 0xca, 0x4e, 0x7b, 0x4b, 0xd8, 0xae, 0x02, + 0xed, 0x91, 0x23, 0x81, 0x85, 0x70, 0x6e, 0x85, 0x96, 0xff, 0x0d, 0x68, 0xfa, 0xe4, 0x15, 0x11, + 0xcb, 0xfe, 0xf9, 0x85, 0x16, 0x7e, 0x7e, 0x84, 0xda, 0x88, 0x39, 0x71, 0x43, 0xaf, 0x1e, 0x19, + 0x1b, 0x01, 0xb0, 0x2d, 0x1d, 0xa7, 0x1c, 0xfc, 0x97, 0xf2, 0xf1, 0xcd, 0xbe, 0xa1, 0x9d, 0xb0, + 0x18, 0xc0, 0xb9, 0x15, 0xdf, 0x62, 0x46, 0x5e, 0x3a, 0x48, 0xce, 0x8f, 0x90, 0x8c, 0x38, 0x0c, + 0xb6, 0x3b, 0x9d, 0x83, 0x00, 0xc8, 0x07, 0x15, 0x61, 0x51, 0x62, 0x58, 0xd4, 0x99, 0x40, 0xdd, + 0xc8, 0xee, 0x16, 0x4d, 0x66, 0x33, 0xc1, 0xe5, 0x91, 0x22, 0x37, 0x7e, 0x0b, 0x5b, 0x6e, 0x29, + 0x00, 0x63, 0x3e, 0x13, 0x4f, 0x43, 0x7c, 0x93, 0x5d, 0xd8, 0x22, 0xf4, 0xfa, 0x9c, 0x57, 0x3e, + 0xb4, 0x7e, 0x13, 0xcc, 0x67, 0xbf, 0xbf, 0xc1, 0xeb, 0xdc, 0x46, 0x95, 0x8f, 0x18, 0x55, 0x3a, + 0x55, 0x74, 0x90, 0xfd, 0x50, 0x96, 0xb7, 0x46, 0x54, 0x99, 0x42, 0x84, 0x03, 0x1a, 0x54, 0xe4, + 0xce, 0xd1, 0x3a, 0x56, 0x7c, 0x98, 0x4d, 0x87, 0xf1, 0x81, 0x22, 0x64, 0x87, 0x41, 0x29, 0xff, + 0x58, 0x65, 0x4a, 0xf3, 0xb1, 0x4c, 0x94, 0xb0, 0xe2, 0x27, 0x4e, 0xfe, 0x52, 0x9b, 0x01, 0xf9, + 0x44, 0xd1, 0x4b, 0xcb, 0xee, 0x56, 0x64, 0xf2, 0x72, 0x2e, 0x40, 0x94, 0xfb, 0xcd, 0xaf, 0x77, + 0x6c, 0xd0, 0x14, 0x36, 0x1d, 0x40, 0x36, 0x78, 0x1c, 0xa1, 0x09, 0x1b, 0x4a, 0x2a, 0x65, 0x98, + 0x04, 0xa6, 0x54, 0x2a, 0x46, 0xdb, 0xd2, 0x70, 0xa3, 0xc8, 0x45, 0x2a, 0x17, 0x63, 0xb8, 0x9c, + 0xd9, 0x2d, 0x6d, 0x16, 0x45, 0x09, 0x30, 0x91, 0x99, 0x2f, 0x37, 0xf5, 0x21, 0xff, 0x0d, 0x8a, + 0x72, 0xf0, 0xa4, 0xb1, 0xa2, 0x94, 0x59, 0x16, 0x28, 0x14, 0x90, 0xbd, 0xc6, 0xd9, 0x7c, 0x96, + 0x92, 0x18, 0xa1, 0xb2, 0xf1, 0xc3, 0xed, 0x7d, 0xa3, 0x26, 0x3b, 0x9b, 0x60, 0x0f, 0x45, 0xa8, + 0x5d, 0x83, 0x43, 0x56, 0x1d, 0x0e, 0xa6, 0x86, 0x4f, 0x55, 0x5e, 0x30, 0xd6, 0xc8, 0xa4, 0xde, + 0xde, 0x09, 0x05, 0xc3, 0x9e, 0x3f, 0x5f, 0x1d, 0xb3, 0x0d, 0xa7, 0x75, 0x09, 0xee, 0xc1, 0xfe, + 0xac, 0x33, 0x9f, 0xf4, 0xce, 0x75, 0x2d, 0x9a, 0x29, 0x46, 0xbe, 0xfa, 0x54, 0x2f, 0x03, 0x43, + 0x3e, 0x54, 0xbe, 0xb0, 0x28, 0xe0, 0xe7, 0x35, 0x27, 0xb5, 0xab, 0x6e, 0x17, 0x2e, 0x82, 0xa9, + 0x90, 0x09, 0xe9, 0x90, 0x40, 0xe9, 0x11, 0xf9, 0xc2, 0x40, 0xdb, 0x58, 0xfc, 0x84, 0x20, 0x33, + 0xf0, 0xc4, 0x67, 0xf4, 0xc5, 0x99, 0x6c, 0x48, 0x56, 0x62, 0x11, 0xdd, 0x05, 0xea, 0x93, 0x5f, + 0x96, 0x70, 0x9a, 0xcf, 0x23, 0xcf, 0x05, 0x9c, 0x80, 0xb5, 0xcf, 0xd0, 0x4c, 0x0b, 0x95, 0x8b, + 0x03, 0x1c, 0x6d, 0x62, 0xd0, 0x68, 0x13, 0x8c, 0xa9, 0x8e, 0x44, 0xce, 0xa3, 0x87, 0x75, 0xe0, + 0x77, 0x95, 0xcb, 0x19, 0xb1, 0x4c, 0x73, 0x67, 0x5d, 0x86, 0xcc, 0x11, 0x8e, 0xc3, 0xb4, 0x1a, + 0xdb, 0x81, 0xfb, 0x09, 0x6d, 0x78, 0xd7, 0x98, 0xb1, 0x4c, 0xd0, 0xe8, 0xc8, 0x77, 0x45, 0x93, + 0x91, 0x9e, 0x6b, 0x01, 0x0c, 0xc4, 0x7d, 0xc4, 0x7b, 0xd1, 0x27, 0x80, 0xff, 0x2a, 0x99, 0x92, + 0xbf, 0x91, 0x02, 0x24, 0x99, 0x21, 0xbd, 0xda, 0xd8, 0xd1, 0x30, 0x77, 0x81, 0x52, 0x90, 0xb2, + 0x54, 0xa7, 0xd1, 0x69, 0x12, 0x0b, 0x32, 0xfd, 0xb7, 0x3d, 0x10, 0x7d, 0x2c, 0xf4, 0xf7, 0x3f, + 0xfc, 0x76, 0x7c, 0x27, 0xe6, 0x56, 0x64, 0xe2, 0x47, 0x6b, 0x22, 0xf9, 0xbd, 0x76, 0xca, 0xc0, + 0x8a, 0xcf, 0xc6, 0x5c, 0xb8, 0x55, 0xbd, 0xac, 0xd4, 0x66, 0xd4, 0x97, 0x3c, 0x65, 0x54, 0xd0, + 0xb4, 0xf6, 0x50, 0xdb, 0x26, 0xf7, 0xe7, 0xf4, 0xc8, 0x32, 0xa9, 0x24, 0xda, 0x90, 0xc0, 0x62, + 0x50, 0x62, 0x86, 0xb8, 0xf6, 0x48, 0xea, 0x06, 0x8e, 0xfe, 0xbc, 0xfa, 0xda, 0x0b, 0x5b, 0x22, + 0x7d, 0xba, 0x78, 0x19, 0xad, 0x53, 0x76, 0xae, 0x27, 0xe0, 0xff, 0x32, 0x8a, 0x2b, 0x65, 0xf6, + 0xbe, 0xfd, 0xaa, 0x0a, 0x9a, 0xba, 0x83, 0x0c, 0x83, 0x1c, 0xe8, 0x8e, 0x0f, 0x1c, 0xd6, 0x67, + 0xf7, 0xeb, 0x2f, 0x2f, 0x10, 0xf8, 0xbf, 0xde, 0xd7, 0x5c, 0x3f, 0xd3, 0xbe, 0x79, 0xf3, 0xdd, + 0x74, 0x89, 0x68, 0xd8, 0xa4, 0xa6, 0x85, 0xd1, 0x6e, 0x37, 0x7f, 0x3e, 0x86, 0xfd, 0x1c, 0x1a, + 0x12, 0x28, 0x71, 0x9b, 0xa1, 0x7a, 0xa8, 0x02, 0xfd, 0x89, 0x2c, 0x72, 0x07, 0xd1, 0x42, 0x7c, + 0x61, 0x6f, 0xf2, 0x7f, 0x1f, 0x67, 0xca, 0x56, 0xdf, 0x42, 0x5c, 0xd0, 0xbb, 0xbc, 0xe6, 0x36, + 0x6b, 0x4a, 0xf9, 0x75, 0xa9, 0xec, 0xb6, 0x77, 0x04, 0x5b, 0x29, 0xc4, 0x37, 0xfa, 0x20, 0x7e, + 0xac, 0xa3, 0xc2, 0xb9, 0xe3, 0x8e, 0x14, 0x5a, 0x25, 0x35, 0x2a, 0x5b, 0x83, 0x6f, 0x0d, 0x46, + 0xd1, 0x78, 0x8b, 0xdf, 0x8b, 0x13, 0x79, 0x87, 0xc9, 0xa5, 0x1d, 0xea, 0xa8, 0x34, 0x4f, 0x9b, + 0x14, 0xd3, 0x06, 0x26, 0x29, 0x22, 0x39, 0x8f, 0x24, 0x12, 0x69, 0xf2, 0x00, 0x8c, 0xe1, 0x99, + 0x2e, 0xa7, 0x4e, 0xc6, 0x5a, 0x1a, 0xf3, 0x78, 0x6a, 0x16, 0x2d, 0xcc, 0x1d, 0x93, 0x59, 0x97, + 0x9d, 0x75, 0x50, 0x70, 0x89, 0x8d, 0xe2, 0x41, 0x70, 0xcc, 0xb1, 0x69, 0x15, 0xee, 0x88, 0xc6, + 0x1c, 0x7e, 0x34, 0xcd, 0xec, 0x6f, 0x5c, 0xad, 0xdd, 0x56, 0x1a, 0x62, 0xf0, 0x4e, 0x2b, 0xb0, + 0x33, 0x2f, 0x58, 0x18, 0xbc, 0x38, 0x3b, 0xf4, 0x87, 0xab, 0x5c, 0xaf, 0xdb, 0x1f, 0x3a, 0xdc, + 0xf7, 0xa1, 0xd5, 0x31, 0xc9, 0x25, 0xdf, 0x98, 0xc9, 0x3b, 0x91, 0x4c, 0xcb, 0x22, 0xd3, 0xc7, + 0xe9, 0x7a, 0x1f, 0x24, 0x1a, 0x52, 0x56, 0x53, 0x0e, 0xf7, 0x84, 0xbd, 0x29, 0x40, 0x45, 0x4e, + 0x20, 0x4a, 0xf9, 0x92, 0xbe, 0x33, 0x30, 0xd8, 0xfb, 0x08, 0x74, 0xbc, 0xa1, 0xf1, 0x1e, 0x03, + 0xc4, 0x4a, 0xef, 0x1b, 0xad, 0x5a, 0x38, 0x2f, 0xf7, 0xa6, 0x79, 0x71, 0x32, 0x7d, 0x1e, 0xc1, + 0x9c, 0xab, 0x99, 0x48, 0xea, 0x02, 0x82, 0x6a, 0x64, 0x34, 0x04, 0xce, 0x3a, 0x10, 0xf7, 0x6a, + 0xdd, 0x23, 0x06, 0x0c, 0xd4, 0xf9, 0x8c, 0x03, 0x4c, 0x92, 0xd1, 0x35, 0x64, 0x72, 0x02, 0x4c, + 0x5a, 0x53, 0x79, 0xe8, 0x27, 0x55, 0x1b, 0x83, 0x86, 0xbe, 0x53, 0xd0, 0xb4, 0xa7, 0x66, 0x0a, + 0xe2, 0x55, 0xb4, 0x7c, 0xef, 0xb4, 0x54, 0xee, 0xae, 0xdb, 0x80, 0x3a, 0x8a, 0xe5, 0xaf, 0xbb, + 0x7f, 0xbf, 0xff, 0xeb, 0xe1, 0xca, 0x74, 0x27, 0x82, 0x43, 0x5b, 0x4e, 0xb0, 0xc0, 0x3c, 0xaf, + 0xde, 0x45, 0x46, 0x27, 0x8b, 0x9b, 0x48, 0xef, 0x6f, 0xa6, 0x26, 0x86, 0x8d, 0x5c, 0x01, 0x31, + 0xf1, 0x32, 0xce, 0xa2, 0x8d, 0x5b, 0x8c, 0x5d, 0x3b, 0x48, 0x79, 0x86, 0xc3, 0x89, 0xe2, 0x9f, + 0x74, 0xa7, 0x28, 0xcf, 0x4f, 0xfd, 0x20, 0x36, 0xa5, 0xaa, 0x15, 0x84, 0xd5, 0x99, 0xdd, 0xc6, + 0xef, 0xfa, 0x9d, 0x3a, 0x98, 0xd6, 0x84, 0xd3, 0xc2, 0x5a, 0xa4, 0xa3, 0x6c, 0x78, 0x13, 0x11, + 0x5e, 0xeb, 0x2a, 0xbb, 0xf6, 0x35, 0x20, 0x2b, 0x29, 0xb8, 0xe9, 0xc8, 0xfa, 0x07, 0x24, 0x34, + 0x4b, 0xb0, 0x3d, 0xbf, 0x95, 0x7d, 0x9b, 0x96, 0x24, 0x1a, 0x14, 0xd9, 0xc0, 0xc7, 0x51, 0x73, + 0x0c, 0xbc, 0x0b, 0xc8, 0x97, 0xe4, 0xee, 0xb0, 0x6e, 0xca, 0x00, 0x27, 0x90, 0xa4, 0xc8, 0x47, + 0x54, 0xe6, 0x5e, 0x72, 0xee, 0x69, 0xab, 0x4e, 0x9a, 0xca, 0xf0, 0xf0, 0x7b, 0xc5, 0x7a, 0xe9, + 0x4c, 0xe5, 0xfb, 0x17, 0x14, 0x18, 0x34, 0x51, 0xf1, 0xcf, 0x82, 0xda, 0x15, 0x0e, 0x28, 0x30, + 0x42, 0x9d, 0x35, 0x35, 0x90, 0xcf, 0x86, 0xa8, 0xd1, 0xeb, 0xbe, 0xde, 0x56, 0x66, 0xc3, 0x03, + 0x60, 0xd4, 0x87, 0x22, 0x1e, 0x2c, 0xb4, 0xa8, 0xac, 0x65, 0xe2, 0x67, 0x33, 0xc0, 0x7d, 0x32, + 0x1b, 0xb4, 0x87, 0x67, 0x0c, 0xee, 0xe9, 0xc8, 0x44, 0xa6, 0x4f, 0x58, 0xe4, 0xcb, 0x76, 0xa8, + 0x2f, 0x17, 0x3a, 0x4f, 0x23, 0x74, 0x4c, 0xd3, 0x1b, 0x5b, 0xc2, 0xf6, 0xba, 0x77, 0x49, 0xc9, + 0x01, 0x96, 0x97, 0xa8, 0x08, 0x45, 0x4b, 0x7f, 0x50, 0x7c, 0xb7, 0xb1, 0x33, 0xca, 0x51, 0x29, + 0xe2, 0x30, 0x43, 0xb7, 0xf6, 0x7a, 0xec, 0x0a, 0xfd, 0x5d, 0x09, 0xdc, 0x19, 0x67, 0xcd, 0xbb, + 0x9a, 0x3c, 0x15, 0xe1, 0x2d, 0x2a, 0x0a, 0x55, 0xa6, 0xe5, 0xc3, 0x85, 0x57, 0xea, 0x40, 0x2c, + 0xcd, 0xda, 0xfb, 0xaf, 0x72, 0xd0, 0x0c, 0x69, 0xd9, 0x0e, 0xde, 0x38, 0xdf, 0x0f, 0x6b, 0x14, + 0xb1, 0x1e, 0x48, 0x3d, 0xac, 0x8f, 0x90, 0x6d, 0x8b, 0x2c, 0xc4, 0xf6, 0x8b, 0x8b, 0x3b, 0xb6, + 0x1b, 0xa6, 0x14, 0xea, 0xc8, 0x48, 0x48, 0x91, 0x1c, 0xf2, 0xc4, 0xfb, 0xfb, 0x23, 0x6e, 0x70, + 0x5c, 0x8b, 0xe7, 0x75, 0x2f, 0x59, 0x12, 0x54, 0xf6, 0x6b, 0x6e, 0xd6, 0x32, 0xcc, 0xb2, 0x38, + 0x38, 0xbd, 0xcb, 0x81, 0x1d, 0xe6, 0xf1, 0xfc, 0x28, 0x18, 0x15, 0x2d, 0x94, 0x45, 0xce, 0xe1, + 0x5e, 0xbd, 0xd5, 0x15, 0xcb, 0x83, 0x4a, 0xa3, 0x4a, 0x4d, 0x2f, 0x27, 0xee, 0x14, 0x06, 0xca, + 0xda, 0xbb, 0xe1, 0xae, 0x94, 0xee, 0xb1, 0x9a, 0xd5, 0xc4, 0xf6, 0x9b, 0xe4, 0x6f, 0x23, 0xaa, + 0x97, 0x8d, 0x8e, 0xa7, 0x39, 0x5f, 0x88, 0x58, 0x68, 0x0b, 0x80, 0xf3, 0x20, 0x4c, 0xe5, 0x3c, + 0x27, 0x56, 0x68, 0xe1, 0xf2, 0x5e, 0x40, 0x03, 0x33, 0xd8, 0xa1, 0x7f, 0x58, 0x66, 0xe6, 0x16, + 0x0b, 0x89, 0x4e, 0x06, 0x56, 0x37, 0x18, 0x10, 0x13, 0xca, 0xd7, 0x83, 0xdf, 0x81, 0x26, 0xdf, + 0xf3, 0x52, 0x85, 0xdd, 0x1f, 0xfa, 0x7d, 0x5d, 0x1e, 0x6a, 0x32, 0xe7, 0x1d, 0x54, 0x0d, 0xdb, + 0x32, 0x4e, 0x49, 0xa8, 0xaa, 0xa4, 0xb0, 0xc7, 0x30, 0xa4, 0x8e, 0xf9, 0xc5, 0x9c, 0xab, 0x81, + 0x44, 0x62, 0x5e, 0x0d, 0xb1, 0xd0, 0xc0, 0x01, 0x7e, 0x51, 0x0e, 0xdf, 0x8d, 0x68, 0x72, 0x67, + 0xa7, 0x4c, 0x14, 0x52, 0xfb, 0x33, 0x03, 0xc3, 0x3b, 0x06, 0xb7, 0x97, 0xb6, 0xed, 0xb7, 0xda, + 0x99, 0xb5, 0x16, 0x21, 0x33, 0xb5, 0x84, 0xee, 0x1f, 0xa6, 0xce, 0x8f, 0x91, 0x13, 0xe8, 0x1e, + 0xee, 0xf9, 0xd4, 0xca, 0x0f, 0x01, 0x51, 0x20, 0xa5, 0xc5, 0xb5, 0x1c, 0x00, 0xf8, 0x11, 0x10, + 0xb7, 0x1f, 0xb0, 0x77, 0xf4, 0x2b, 0x41, 0x7b, 0xe2, 0x11, 0xe2, 0xd5, 0x49, 0x78, 0xc4, 0xac, + 0x0d, 0x0d, 0xaf, 0x82, 0xe1, 0xb1, 0xf8, 0x60, 0x71, 0x42, 0xfa, 0x27, 0x03, 0x16, 0x5b, 0x70, + 0xc8, 0x17, 0xb6, 0xb8, 0x13, 0x43, 0x9d, 0xc9, 0x0e, 0xe1, 0x80, 0x12, 0x8f, 0x2d, 0xc6, 0x3d, + 0x1c, 0x14, 0x50, 0xd0, 0x48, 0x25, 0x4c, 0xba, 0xd3, 0x97, 0xe8, 0x37, 0x67, 0x2f, 0x71, 0x4d, + 0x64, 0xda, 0x29, 0x50, 0xc6, 0x96, 0x3c, 0x32, 0x12, 0x12, 0xbb, 0x40, 0xec, 0x23, 0x66, 0xb1, + 0xfb, 0x2b, 0x77, 0x23, 0x8f, 0x7f, 0x4d, 0xf6, 0xfb, 0xbc, 0x09, 0x47, 0x56, 0x94, 0x9a, 0x7d, + 0x7c, 0xd9, 0xa1, 0x5f, 0x74, 0xa0, 0x2c, 0x37, 0x41, 0x8a, 0x4b, 0x90, 0x39, 0x87, 0xce, 0x81, + 0x45, 0x23, 0xfb, 0x2b, 0x65, 0x9b, 0xd3, 0x61, 0x80, 0xac, 0x85, 0xb6, 0xda, 0xa2, 0xd5, 0xa7, + 0xf3, 0x91, 0x28, 0xf9, 0xe4, 0xf8, 0xaf, 0x1b, 0x86, 0xa4, 0xd8, 0x85, 0x44, 0xed, 0x8d, 0xf2, + 0xc5, 0x90, 0x89, 0x45, 0x42, 0x02, 0x07, 0xc0, 0x44, 0xc6, 0xae, 0x7f, 0xd3, 0xcb, 0x38, 0x7a, + 0xbb, 0xb4, 0xa6, 0x23, 0x7f, 0x1f, 0xed, 0xd5, 0x3b, 0x15, 0x62, 0x12, 0x73, 0x30, 0x42, 0xe0, + 0xe4, 0xc2, 0x4f, 0x75, 0x7a, 0xd3, 0xe1, 0x0d, 0xd9, 0x95, 0x03, 0xff, 0x34, 0xff, 0x70, 0xa0, + 0x2a, 0x4e, 0x66, 0x54, 0x97, 0xf1, 0x83, 0xc1, 0xe1, 0x72, 0xa8, 0xdd, 0xd6, 0xfa, 0x19, 0x1f, + 0x9b, 0x2d, 0x9d, 0x99, 0xa2, 0xee, 0x31, 0x7b, 0xfb, 0xc9, 0x7d, 0x32, 0x68, 0x99, 0x36, 0x00, + 0x4e, 0x6e, 0x22, 0xca, 0x74, 0x01, 0xef, 0x62, 0xc2, 0xfa, 0x8a, 0xff, 0x07, 0x5e, 0x93, 0xb0, + 0x8d, 0xe4, 0x6b, 0xeb, 0xdf, 0xde, 0xe9, 0x4a, 0xb6, 0x63, 0xf9, 0xa1, 0x1f, 0x02, 0x18, 0x60, + 0xc9, 0x60, 0x7c, 0xa6, 0xff, 0xd0, 0x58, 0xb0, 0x19, 0x4d, 0x3d, 0xff, 0x1d, 0x76, 0xfd, 0x29, + 0x1d, 0x12, 0xa9, 0xd4, 0x32, 0x54, 0x41, 0x54, 0x35, 0x4f, 0x6b, 0xae, 0xc7, 0x94, 0x7e, 0xe6, + 0xb9, 0xfd, 0x66, 0x22, 0x97, 0xed, 0xf4, 0xcc, 0xb6, 0x91, 0xef, 0xf0, 0x57, 0x84, 0xc5, 0xb3, + 0x59, 0x12, 0xd9, 0x15, 0xb8, 0xbc, 0xd2, 0x19, 0x90, 0xbb, 0x3c, 0x57, 0xd9, 0x17, 0x10, 0xf1, + 0x6f, 0x9f, 0xa8, 0x78, 0xe9, 0x52, 0xf0, 0xcd, 0x38, 0xb2, 0x11, 0x21, 0x8f, 0x54, 0xe4, 0x08, + 0x92, 0x4b, 0x0d, 0x40, 0xe6, 0x2f, 0x35, 0x36, 0x56, 0x05, 0xe1, 0x17, 0xfa, 0x04, 0x2f, 0xf4, + 0xef, 0x9b, 0x15, 0x12, 0x28, 0x94, 0x5c, 0x7e, 0x9c, 0xb3, 0xdc, 0x86, 0xb2, 0xe9, 0xc5, 0xeb, + 0xdd, 0xd2, 0xaf, 0xab, 0xa7, 0x7a, 0x61, 0x98, 0x2a, 0xfd, 0x1b, 0x91, 0x54, 0xe0, 0xd3, 0xac, + 0xfb, 0x4f, 0x32, 0x66, 0x02, 0xa8, 0x78, 0x26, 0xf2, 0x45, 0xcb, 0xa8, 0xa1, 0x61, 0x0d, 0xf6, + 0x96, 0x00, 0xfa, 0x36, 0xbb, 0xbc, 0xc6, 0xd7, 0xc6, 0xf7, 0xcb, 0x70, 0xcc, 0x84, 0x58, 0x3c, + 0x70, 0x0f, 0x5f, 0x57, 0x73, 0x5f, 0x02, 0x81, 0x0f, 0xec, 0xfc, 0x82, 0xf3, 0x0f, 0x2a, 0x76, + 0xec, 0x50, 0x94, 0x96, 0xd7, 0x78, 0x3c, 0x16, 0x79, 0xc7, 0xe2, 0xf7, 0x87, 0xe7, 0x31, 0xb0, + 0x3c, 0x66, 0x33, 0xed, 0x3c, 0x45, 0x37, 0xcf, 0xad, 0x7a, 0x5a, 0x50, 0xbf, 0x8c, 0x04, 0xf9, + 0xca, 0x0a, 0x9a, 0x95, 0xe4, 0x34, 0x76, 0xae, 0x8a, 0xb1, 0xfe, 0x51, 0x7a, 0xa3, 0xa5, 0xb0, + 0xca, 0x8b, 0xaf, 0x60, 0x07, 0xe9, 0xea, 0x5b, 0xd8, 0x7c, 0x7f, 0xa9, 0x21, 0x49, 0x7d, 0x8a, + 0x94, 0xb0, 0xd5, 0xd6, 0xe9, 0xcb, 0xa7, 0xbc, 0xf9, 0x24, 0x14, 0x00, 0x74, 0xc8, 0x4f, 0xe0, + 0x04, 0xc6, 0xb8, 0xbc, 0xd4, 0xdf, 0x17, 0x9d, 0x5f, 0x47, 0x38, 0xd3, 0x1c, 0x43, 0x05, 0x8d, + 0x03, 0x7c, 0xa4, 0x5e, 0x30, 0xd2, 0xaa, 0xeb, 0xca, 0x6c, 0x1b, 0xbb, 0x74, 0xad, 0x22, 0x0d, + 0x13, 0xf1, 0xfc, 0xad, 0x3c, 0x6a, 0x4b, 0xf6, 0x3f, 0x9a, 0xa2, 0xd5, 0xa9, 0xe0, 0x02, 0xcf, + 0x37, 0xe3, 0x7d, 0xee, 0x61, 0xe8, 0xe7, 0x05, 0x7d, 0x07, 0xa1, 0x95, 0xd0, 0x4f, 0x5e, 0x4b, + 0x90, 0x7a, 0x66, 0xde, 0x0e, 0xd8, 0x68, 0xc8, 0xca, 0x6c, 0x8c, 0x36, 0x16, 0x19, 0xe4, 0xc5, + 0xc0, 0x11, 0x4d, 0xd0, 0xe4, 0xd2, 0x5f, 0x85, 0x97, 0x64, 0x23, 0x7d, 0x22, 0x7b, 0x49, 0x1f, + 0xc1, 0xdb, 0x97, 0x01, 0xc8, 0x5a, 0x65, 0xb9, 0x59, 0xbc, 0x9d, 0x2a, 0xa2, 0xf3, 0x64, 0x81, + 0xb0, 0x6f, 0x51, 0x85, 0x9a, 0x2d, 0x18, 0xa9, 0x72, 0xa7, 0xfe, 0x48, 0xcd, 0xa4, 0x28, 0x8f, + 0x71, 0xec, 0x42, 0x73, 0xce, 0xd2, 0x21, 0x35, 0x08, 0x9c, 0x07, 0xed, 0x05, 0xbe, 0xe6, 0x27, + 0xb6, 0xb2, 0x9b, 0x89, 0x20, 0x47, 0x0b, 0xd0, 0xfa, 0x52, 0x4a, 0x2f, 0x7e, 0xd2, 0x5e, 0xd6, + 0xac, 0x6a, 0xc7, 0xa6, 0x97, 0x10, 0xf0, 0x21, 0x84, 0x82, 0x25, 0x2f, 0xc7, 0xee, 0x3b, 0x5e, + 0xaa, 0x22, 0x85, 0x82, 0x9a, 0x7f, 0x3f, 0x41, 0xd8, 0xd8, 0x21, 0x86, 0x75, 0x8b, 0xaf, 0x2e, + 0x5c, 0x7b, 0x8c, 0x95, 0x05, 0x4e, 0xe9, 0x8c, 0x58, 0xfc, 0xdb, 0x55, 0x58, 0xa6, 0x11, 0x50, + 0xa2, 0xf4, 0x3f, 0xe6, 0xda, 0xdf, 0xbb, 0x42, 0xb5, 0x6d, 0x85, 0x6a, 0x37, 0xc1, 0xdb, 0x9d, + 0x5d, 0x22, 0xf3, 0xcc, 0x72, 0x29, 0x7b, 0x3a, 0xfc, 0x9f, 0x63, 0x47, 0x0c, 0x1b, 0xb8, 0xd1, + 0x74, 0x7c, 0x83, 0x8a, 0xbe, 0x70, 0x1d, 0x16, 0x46, 0xe7, 0x31, 0xca, 0x38, 0x5d, 0xd8, 0x2e, + 0xf6, 0x5b, 0x7f, 0xaa, 0x49, 0xc9, 0x7b, 0x48, 0x6d, 0x23, 0xf1, 0x2b, 0x7d, 0x15, 0x2b, 0xf2, + 0x8c, 0xb0, 0x0e, 0x24, 0xe4, 0xcc, 0xbc, 0xe3, 0x3e, 0x5e, 0x61, 0xdb, 0x19, 0xbb, 0x4a, 0xd1, + 0x36, 0xea, 0x4d, 0xd3, 0xb0, 0x36, 0x2f, 0xf1, 0x41, 0x89, 0x14, 0x40, 0xef, 0xce, 0x9d, 0x1c, + 0x42, 0x44, 0xeb, 0x60, 0x1f, 0x7b, 0xf8, 0x2b, 0x52, 0x0d, 0xbc, 0x97, 0x64, 0x37, 0x78, 0x9d, + 0x04, 0x43, 0xe5, 0x4c, 0x3a, 0x6a, 0x8a, 0xab, 0x2c, 0x22, 0x96, 0x46, 0x21, 0xf6, 0x31, 0x11, + 0x3a, 0x09, 0xdd, 0x24, 0x9a, 0xe3, 0x25, 0x71, 0x90, 0x0b, 0x22, 0x28, 0x27, 0x69, 0x6c, 0xaa, + 0x59, 0x1a, 0xf6, 0x8c, 0x54, 0x1b, 0xdd, 0xde, 0x08, 0xe4, 0x4a, 0x25, 0xa3, 0xcb, 0x77, 0x56, + 0x1a, 0x30, 0x76, 0x71, 0xaf, 0x83, 0xc2, 0x32, 0xd0, 0x22, 0xcb, 0x93, 0x37, 0xc5, 0x98, 0xcc, + 0x32, 0x9c, 0xc5, 0xac, 0xa9, 0xc6, 0xde, 0x1c, 0xaf, 0xc5, 0x60, 0x26, 0x68, 0x54, 0x86, 0x84, + 0x28, 0xfb, 0x6f, 0xb5, 0x4e, 0x47, 0x80, 0x0c, 0x8e, 0xe3, 0x56, 0x7b, 0x92, 0x54, 0x44, 0x94, + 0x60, 0xe8, 0x8e, 0x22, 0xc0, 0xe7, 0x72, 0xcd, 0xfa, 0x43, 0xe3, 0xaa, 0x9e, 0x6b, 0xad, 0x0a, + 0x93, 0xc1, 0x49, 0x27, 0x94, 0xb1, 0x09, 0x41, 0x42, 0xbc, 0xd1, 0x86, 0xf2, 0x12, 0xf1, 0xe1, + 0x7c, 0x76, 0xd9, 0xbd, 0xc1, 0xed, 0x5b, 0x85, 0xa1, 0x88, 0x93, 0xe1, 0x2a, 0x50, 0x5a, 0xa0, + 0x04, 0x99, 0x91, 0x93, 0x21, 0xcc, 0x5f, 0xe1, 0x20, 0xb7, 0xad, 0xc7, 0x3c, 0x07, 0xf1, 0xd4, + 0x1e, 0xd7, 0x2a, 0x3f, 0xeb, 0x8b, 0xe1, 0x0c, 0x0e, 0x16, 0x15, 0x19, 0x23, 0x9f, 0xe7, 0x1b, + 0xd7, 0x9f, 0xdb, 0xdc, 0x23, 0xa3, 0xbd, 0xca, 0x0e, 0x37, 0xfa, 0xa4, 0x5c, 0x79, 0xa0, 0x7a, + 0xbb, 0xbd, 0xaa, 0xee, 0x3c, 0xb7, 0xfd, 0xbf, 0x4b, 0x5d, 0xad, 0x0f, 0xac, 0x97, 0xc4, 0x00, + 0xaa, 0xed, 0xde, 0xf4, 0x48, 0x5e, 0xae, 0x0a, 0x6a, 0x75, 0xbc, 0xd2, 0xac, 0x41, 0x5b, 0x51, + 0x1e, 0xf4, 0x72, 0xaf, 0x9d, 0xf5, 0x27, 0xf0, 0x0c, 0x90, 0x73, 0xe6, 0x87, 0x08, 0x47, 0x05, + 0x73, 0x4a, 0x8f, 0x02, 0xb1, 0x96, 0xe7, 0x96, 0x09, 0x74, 0xaa, 0x1e, 0xbb, 0x16, 0xeb, 0x35, + 0x99, 0xd1, 0x81, 0x6c, 0xa1, 0xcc, 0xd6, 0xe8, 0x40, 0x5c, 0xbc, 0xcb, 0x7f, 0x5b, 0x28, 0x06, + 0x4f, 0x71, 0x5b, 0x92, 0xba, 0xa0, 0x65, 0xa0, 0x93, 0xd1, 0x9c, 0x19, 0xd8, 0x1d, 0x64, 0xd1, + 0x84, 0x07, 0xbc, 0x59, 0x96, 0x5e, 0x22, 0xa2, 0x8a, 0xbf, 0x11, 0xbf, 0xdd, 0xe6, 0xd9, 0xdf, + 0x24, 0xcf, 0xa3, 0x74, 0xdd, 0x7a, 0x81, 0xfc, 0x73, 0xd5, 0x2c, 0x72, 0x2f, 0xa2, 0x11, 0x9f, + 0x44, 0x1f, 0x7f, 0x67, 0x22, 0xaf, 0x32, 0x0c, 0x66, 0xec, 0x76, 0x30, 0x32, 0xc1, 0x2c, 0x6c, + 0x1b, 0x88, 0xda, 0x22, 0x77, 0x82, 0x6c, 0xa5, 0xca, 0x0a, 0xaa, 0xe9, 0xb4, 0x77, 0xb8, 0xaf, + 0x10, 0x41, 0x0c, 0xcb, 0x41, 0x94, 0x3e, 0x69, 0xe9, 0xdc, 0x5b, 0x99, 0xe8, 0xba, 0xcf, 0x3d, + 0xfd, 0x48, 0x8b, 0x5d, 0x82, 0x9f, 0x89, 0xf1, 0xd0, 0x1b, 0x37, 0xce, 0x4a, 0xa8, 0x58, 0xa8, + 0x5c, 0x9b, 0x2a, 0x7f, 0xb9, 0x6e, 0x37, 0x4e, 0x59, 0xcd, 0x03, 0x58, 0x4d, 0xc9, 0xe9, 0x04, + 0xdd, 0x25, 0x21, 0x0a, 0x2c, 0x95, 0xec, 0xd5, 0xf7, 0x4a, 0x2e, 0xbb, 0x43, 0x26, 0x39, 0x4f, + 0xc7, 0xda, 0xed, 0xa1, 0x9c, 0x69, 0xe1, 0xc0, 0x4f, 0x78, 0x30, 0xa5, 0xa5, 0x5d, 0x65, 0x4d, + 0x82, 0x3e, 0xab, 0xb4, 0x68, 0x5c, 0x29, 0xb1, 0x67, 0xae, 0x9a, 0x54, 0x58, 0x82, 0x25, 0xeb, + 0xb5, 0x92, 0x4b, 0xc0, 0xa7, 0x4a, 0x7f, 0x92, 0x22, 0x12, 0xbb, 0x26, 0x8b, 0x47, 0xd0, 0x02, + 0x8a, 0xf9, 0xda, 0x49, 0x9c, 0xbe, 0x76, 0x3f, 0x1e, 0x98, 0x9c, 0x3e, 0x2c, 0x72, 0xac, 0x60, + 0xe8, 0xa1, 0x69, 0x17, 0x80, 0x0a, 0x39, 0xbd, 0xb0, 0xbd, 0xce, 0x95, 0xa5, 0x29, 0x12, 0x6a, + 0x4f, 0x9d, 0xb2, 0xcb, 0x1a, 0x8e, 0x60, 0x5b, 0x88, 0x54, 0x9d, 0xc8, 0xf3, 0x36, 0x63, 0xea, + 0xf4, 0x25, 0xd3, 0x4c, 0x3a, 0xed, 0x34, 0xbd, 0x10, 0x3b, 0xb5, 0x88, 0xde, 0xad, 0x5a, 0x52, + 0x4d, 0x45, 0xf2, 0x0a, 0x59, 0xd7, 0xa0, 0xb2, 0x7c, 0x14, 0x1c, 0xd0, 0x6a, 0x6d, 0x51, 0x68, + 0x60, 0xbc, 0xcb, 0x21, 0xc0, 0xcd, 0xb3, 0x42, 0xc1, 0x2a, 0x99, 0x67, 0x89, 0x7b, 0x33, 0x6b, + 0x3e, 0xe9, 0xf6, 0xeb, 0xe8, 0x96, 0x0f, 0xe2, 0x4f, 0xe4, 0x16, 0xd2, 0xbb, 0x04, 0x51, 0x47, + 0x43, 0x18, 0x9e, 0x11, 0x17, 0x21, 0x32, 0xca, 0x0f, 0x32, 0xa6, 0xb5, 0xdf, 0x86, 0x0d, 0xbc, + 0x30, 0xba, 0x8d, 0xb1, 0xfc, 0x1f, 0xd9, 0x96, 0xa1, 0xab, 0x60, 0x7b, 0xe2, 0xee, 0x05, 0x56, + 0x84, 0x40, 0xac, 0x44, 0x6b, 0x78, 0x50, 0x7c, 0x95, 0x89, 0x1f, 0x62, 0xf8, 0xb7, 0x2a, 0x7b, + 0x1a, 0x2d, 0x54, 0x5a, 0x9e, 0xa0, 0xce, 0xeb, 0xfb, 0x05, 0x06, 0x2c, 0x33, 0x34, 0xeb, 0xf8, + 0x0f, 0x24, 0x25, 0x29, 0x5d, 0x6b, 0xbc, 0xd9, 0x52, 0x70, 0x9a, 0xbd, 0x0d, 0x47, 0x54, 0x59, + 0x70, 0x87, 0x8a, 0xed, 0x54, 0x57, 0x64, 0x77, 0xab, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0x10, 0x18, 0x1c, 0x24, 0x2a}; +#elif MLD_CONFIG_PARAMETER_SET == 87 +const uint8_t public_key[] = { + 0xf2, 0xd6, 0x10, 0x04, 0x41, 0xfb, 0x22, 0xda, 0xdb, 0x51, 0xa2, 0xef, 0x58, 0x8d, 0xd5, 0x1d, + 0xdb, 0x19, 0x1a, 0x52, 0x53, 0x0e, 0x61, 0xa1, 0x23, 0x2e, 0xd0, 0x94, 0x8c, 0x25, 0x1f, 0x5c, + 0xbd, 0xbd, 0x0f, 0x08, 0x31, 0xb3, 0xf7, 0x8a, 0xed, 0x6f, 0x2e, 0xf6, 0x47, 0x5e, 0xda, 0xe5, + 0xea, 0xf9, 0xb0, 0xaf, 0xf1, 0x91, 0x09, 0x93, 0x51, 0x0f, 0xb8, 0x24, 0xfa, 0xf2, 0x9e, 0xfc, + 0x59, 0x06, 0x99, 0x9d, 0x99, 0x9a, 0x1d, 0x59, 0xf3, 0x44, 0x9c, 0xf1, 0x4e, 0x9f, 0x80, 0x6f, + 0x49, 0x04, 0xac, 0xe1, 0xe3, 0xf5, 0x27, 0x92, 0x54, 0x98, 0x2d, 0xe8, 0x7a, 0x07, 0x83, 0x25, + 0x46, 0xe5, 0xfc, 0x67, 0x9d, 0xa7, 0xa3, 0x00, 0x7e, 0xac, 0xa6, 0xf1, 0x1d, 0x04, 0x6d, 0x11, + 0x9c, 0xa5, 0x56, 0x6b, 0x85, 0xb8, 0x1e, 0xa3, 0xfd, 0x99, 0x21, 0xdd, 0x82, 0xd3, 0xcd, 0x62, + 0x97, 0xb8, 0x25, 0xf8, 0xcb, 0x4c, 0x9e, 0x25, 0xa5, 0xb5, 0x1f, 0xee, 0xd6, 0xf0, 0x0b, 0x65, + 0xf6, 0xdd, 0xfe, 0x45, 0x7d, 0x03, 0xdc, 0x5d, 0x61, 0x15, 0x5d, 0x5a, 0xcd, 0xc8, 0x44, 0x82, + 0x8a, 0x76, 0x5e, 0x38, 0xcf, 0xc4, 0x56, 0x21, 0xad, 0xc0, 0x15, 0xbf, 0x22, 0x92, 0x76, 0xa4, + 0x44, 0x93, 0x03, 0x89, 0xce, 0x2f, 0x9e, 0x8f, 0xb7, 0x4b, 0x6e, 0x63, 0x0f, 0xbb, 0xee, 0x55, + 0x85, 0x59, 0x37, 0xae, 0x95, 0x97, 0xc6, 0x99, 0xaf, 0x4a, 0x70, 0x64, 0x15, 0x37, 0x1b, 0x08, + 0x57, 0x46, 0xae, 0x81, 0x94, 0xdc, 0x28, 0x4a, 0x8d, 0x55, 0x09, 0x2a, 0x7c, 0x31, 0xdf, 0xcf, + 0xd6, 0x00, 0x2e, 0xf9, 0x88, 0x93, 0x0d, 0x64, 0xbd, 0x7b, 0x74, 0x7d, 0x43, 0xc1, 0x0b, 0xa6, + 0x14, 0x35, 0x94, 0x28, 0x80, 0x8d, 0xcb, 0xf3, 0x86, 0xd1, 0xdd, 0x0f, 0x02, 0x7a, 0xe7, 0xb1, + 0xef, 0x57, 0x8e, 0xfe, 0xb6, 0x8a, 0x6a, 0xba, 0xf2, 0x3e, 0x6a, 0x38, 0x5e, 0x38, 0x5f, 0x8e, + 0x97, 0x28, 0xfa, 0xd2, 0x82, 0x22, 0xa5, 0x24, 0x94, 0x2a, 0x7a, 0x66, 0x4d, 0x0b, 0x30, 0x65, + 0x10, 0x0c, 0x38, 0x0e, 0x88, 0x0c, 0x9d, 0xc4, 0xdd, 0x0d, 0x9f, 0xed, 0x43, 0xae, 0xc4, 0xc2, + 0xc6, 0xf8, 0x25, 0x8a, 0x64, 0x20, 0x8b, 0x35, 0xa5, 0xd1, 0xed, 0x0e, 0x57, 0xbb, 0x31, 0x96, + 0x4b, 0xe1, 0xc9, 0x7f, 0xa9, 0x7e, 0x77, 0x1e, 0x69, 0x96, 0xcf, 0xb1, 0x83, 0x55, 0xde, 0x18, + 0x31, 0x71, 0x38, 0x50, 0xdb, 0xe8, 0x6e, 0x02, 0x2a, 0xd7, 0xf6, 0xaa, 0x45, 0x4f, 0x0b, 0x3a, + 0xd1, 0xea, 0x22, 0xc8, 0xae, 0x83, 0x54, 0x64, 0xc2, 0xe1, 0x53, 0x3d, 0xa5, 0xa8, 0xea, 0xa7, + 0x57, 0x61, 0x7d, 0x8e, 0x94, 0x76, 0xba, 0xcc, 0x6b, 0x2f, 0xc3, 0x08, 0xc1, 0xe4, 0x82, 0x6e, + 0x19, 0x50, 0xf3, 0xa9, 0x1f, 0xc5, 0x4a, 0xe0, 0x10, 0x75, 0xe0, 0x1c, 0xff, 0x0e, 0x33, 0x07, + 0xf3, 0xdd, 0x38, 0xf7, 0xbf, 0xb9, 0x56, 0x4d, 0x52, 0x5f, 0x46, 0xc7, 0x70, 0x87, 0x0e, 0x22, + 0x27, 0x7f, 0x06, 0x89, 0x6a, 0xaa, 0x77, 0xc7, 0x45, 0xe7, 0x9c, 0xcc, 0xaf, 0x53, 0xe3, 0x24, + 0x8e, 0xd6, 0x41, 0xdb, 0xcc, 0xaf, 0x17, 0x65, 0x08, 0xfc, 0x81, 0xf2, 0xaf, 0x1f, 0xc2, 0xe5, + 0x9f, 0x4c, 0x25, 0x86, 0x5c, 0xf0, 0xe6, 0xa5, 0x7d, 0x31, 0x51, 0xfc, 0xb6, 0x81, 0x42, 0xd9, + 0x60, 0x41, 0xd1, 0x66, 0xfd, 0x06, 0x04, 0x81, 0x60, 0xa3, 0xd9, 0x95, 0x9f, 0x4e, 0x7c, 0xd2, + 0x80, 0x9d, 0x68, 0x85, 0x09, 0x21, 0x16, 0x93, 0x8e, 0x5d, 0x37, 0x43, 0x59, 0x70, 0xf6, 0x23, + 0xd1, 0x7c, 0xf2, 0xe6, 0x5f, 0x13, 0x86, 0xee, 0x91, 0xe0, 0x8e, 0x30, 0x6f, 0xcc, 0x24, 0xec, + 0x4d, 0x95, 0xff, 0xa0, 0x27, 0xe8, 0xa4, 0xf7, 0x39, 0x90, 0x51, 0x20, 0x61, 0x63, 0x78, 0x83, + 0x83, 0x12, 0xce, 0x00, 0x94, 0x54, 0x6f, 0x90, 0x36, 0x91, 0xbf, 0xac, 0x42, 0x00, 0x00, 0x6c, + 0xa5, 0xcb, 0x07, 0x8a, 0x9d, 0x6a, 0xcc, 0x95, 0xcb, 0x78, 0x68, 0x83, 0x81, 0x3d, 0x1b, 0xbe, + 0xb9, 0x98, 0x0b, 0x4b, 0xf3, 0x73, 0x67, 0x86, 0xc5, 0x57, 0xbf, 0x9d, 0x47, 0xd3, 0x3f, 0x36, + 0x79, 0x39, 0x2c, 0x2f, 0x8f, 0x84, 0x0f, 0xf9, 0x53, 0x01, 0x60, 0x28, 0x9f, 0x2c, 0x9a, 0xeb, + 0x40, 0xa6, 0x1b, 0x20, 0x09, 0x5e, 0xeb, 0xb1, 0x18, 0x3a, 0x53, 0xb2, 0xc6, 0x2f, 0x97, 0x6c, + 0x74, 0x14, 0xd6, 0xb1, 0xf2, 0x19, 0x12, 0xaa, 0x08, 0x89, 0x97, 0xd9, 0x41, 0xb1, 0x2a, 0x9a, + 0x40, 0x8f, 0xa8, 0x8f, 0xe1, 0xa7, 0x0f, 0xdf, 0x8d, 0x62, 0x0b, 0x71, 0xbd, 0xc1, 0x6f, 0xf1, + 0x7b, 0x39, 0xd9, 0x13, 0xf9, 0x42, 0x83, 0x0f, 0x48, 0x7a, 0x7b, 0xbb, 0x39, 0x8c, 0x54, 0x8d, + 0x8d, 0xef, 0xc8, 0xde, 0x1b, 0xd8, 0xdd, 0xb3, 0x07, 0x30, 0x33, 0x02, 0x1d, 0xe8, 0xe6, 0xdf, + 0xe4, 0xae, 0x3b, 0xe6, 0xb7, 0xdb, 0xe0, 0x1e, 0x4b, 0x10, 0x4b, 0x6c, 0xdb, 0x26, 0x36, 0xeb, + 0x92, 0xb2, 0x68, 0x1a, 0xe4, 0xf1, 0x68, 0xf6, 0xf2, 0xeb, 0x2d, 0xa9, 0xb2, 0x09, 0xe2, 0xf5, + 0xd6, 0x2c, 0x7d, 0x94, 0x3a, 0xd2, 0x43, 0x9c, 0x51, 0xb7, 0x9f, 0x47, 0x28, 0x9a, 0xfa, 0xdb, + 0x02, 0x08, 0x74, 0x17, 0xae, 0xe7, 0x50, 0x07, 0xe5, 0x38, 0x28, 0xaf, 0x3c, 0xe1, 0x27, 0xd4, + 0xf1, 0x6a, 0x99, 0xbd, 0x4d, 0x6a, 0x2c, 0xa9, 0xdc, 0x2c, 0x2c, 0x32, 0x6f, 0xd1, 0xc7, 0x8c, + 0x93, 0x24, 0x76, 0xab, 0x1c, 0xc9, 0x9d, 0x1c, 0x45, 0xfb, 0xa9, 0xc5, 0xde, 0xb0, 0x4e, 0xc4, + 0x04, 0xd0, 0xb6, 0x00, 0xd3, 0xfc, 0x30, 0xf7, 0xf0, 0x97, 0x02, 0xda, 0xbe, 0xea, 0x9a, 0xcc, + 0x75, 0xe5, 0x8d, 0xde, 0x44, 0x1c, 0xcc, 0xa8, 0x07, 0x5f, 0xa8, 0x67, 0x5e, 0x61, 0x90, 0x0f, + 0x2b, 0xf0, 0xf7, 0x85, 0xe8, 0x12, 0x9a, 0x69, 0x06, 0x73, 0x88, 0x80, 0x77, 0x2c, 0x0e, 0xc7, + 0x57, 0x2a, 0x8c, 0xba, 0x8f, 0x62, 0xa7, 0xf6, 0x72, 0x6b, 0x67, 0xb9, 0xb4, 0xe9, 0x27, 0x6d, + 0xd4, 0x55, 0x70, 0x7d, 0x5f, 0x32, 0x75, 0x9c, 0x3a, 0xfb, 0x69, 0xdd, 0x4a, 0x28, 0x16, 0xb8, + 0xa4, 0x3c, 0x93, 0x08, 0x88, 0xa1, 0x92, 0xf3, 0x3b, 0x68, 0xb4, 0xf3, 0x59, 0x61, 0xba, 0xd1, + 0x1e, 0x7b, 0xc0, 0x78, 0x8e, 0x63, 0x7a, 0xa9, 0x19, 0xde, 0x32, 0x16, 0x9f, 0x8e, 0xa6, 0xad, + 0x7b, 0x6d, 0x93, 0x3c, 0x51, 0x67, 0xb7, 0xa9, 0xe2, 0x7f, 0x4c, 0x56, 0xe7, 0xd4, 0x60, 0x8c, + 0x6b, 0xbb, 0x03, 0xf4, 0x42, 0xd3, 0x21, 0xbe, 0x7d, 0xdd, 0x7b, 0x1d, 0xab, 0xe7, 0x4d, 0xc9, + 0x69, 0x23, 0xa5, 0x89, 0x6d, 0x15, 0x2f, 0x8f, 0xdb, 0x0a, 0xb4, 0x5f, 0xda, 0x35, 0xf7, 0xb6, + 0xe7, 0xb1, 0x37, 0xd3, 0xc3, 0x72, 0xcc, 0x0e, 0xcd, 0x84, 0xd6, 0x58, 0x1b, 0x01, 0xb2, 0x40, + 0xa3, 0xca, 0x3d, 0x0f, 0x5d, 0x7c, 0x61, 0x42, 0x5c, 0x5a, 0x5c, 0x6b, 0x7a, 0x6f, 0x0e, 0xbf, + 0x29, 0x0f, 0x52, 0xc9, 0x22, 0x5d, 0x8f, 0x99, 0xb0, 0xbe, 0x4d, 0x4e, 0x00, 0x1e, 0x89, 0x04, + 0x09, 0xf9, 0xd5, 0x94, 0x82, 0xcc, 0x15, 0x2a, 0xf1, 0x6a, 0x49, 0x43, 0xf1, 0x3d, 0xa8, 0x6b, + 0xbf, 0x33, 0x43, 0x29, 0x22, 0xf7, 0x1b, 0x1c, 0x98, 0xcc, 0x0f, 0xc6, 0xed, 0xe7, 0x27, 0x8a, + 0xe9, 0x1e, 0x4f, 0xac, 0xe8, 0x81, 0x88, 0xce, 0x9f, 0x2c, 0x23, 0xf8, 0x0f, 0x0e, 0x9d, 0xdf, + 0x3b, 0x59, 0x47, 0x15, 0x5a, 0x4d, 0x12, 0xe5, 0x22, 0x4e, 0xb9, 0xf1, 0xf5, 0x1f, 0xde, 0xad, + 0x2c, 0xd5, 0xe8, 0xd7, 0x6b, 0x22, 0x33, 0x9e, 0x12, 0xb9, 0x43, 0x98, 0x7d, 0x7c, 0xea, 0xf2, + 0x7a, 0x1d, 0x7b, 0x86, 0x24, 0x6b, 0x3b, 0x1f, 0xd3, 0x97, 0xea, 0xf6, 0xf9, 0x9f, 0xfa, 0xcb, + 0x8a, 0xe3, 0x87, 0x8f, 0xd9, 0x14, 0xf4, 0xde, 0x21, 0xa8, 0x01, 0x4f, 0x06, 0x23, 0xad, 0xd4, + 0x1c, 0xe6, 0xb4, 0x8c, 0x5c, 0x89, 0x48, 0x48, 0x7b, 0x8c, 0x7e, 0x57, 0x2b, 0x37, 0xd7, 0x11, + 0xfd, 0x6d, 0xc7, 0x34, 0xb9, 0x44, 0x89, 0x09, 0x3a, 0x94, 0xc2, 0x58, 0x50, 0xbf, 0xf0, 0xc2, + 0xf9, 0x12, 0xcb, 0x6f, 0x29, 0x6c, 0xc0, 0x06, 0x88, 0x5b, 0x06, 0xa8, 0xf0, 0x42, 0x40, 0x3d, + 0xd1, 0x43, 0xac, 0xd5, 0x7a, 0x83, 0xf6, 0xfc, 0x14, 0x64, 0xc3, 0xcc, 0x00, 0x83, 0xca, 0x2c, + 0xb1, 0x8a, 0x20, 0x22, 0x82, 0x0b, 0x4c, 0x9c, 0x67, 0x0a, 0x36, 0xe7, 0x19, 0x75, 0x0c, 0xb5, + 0x06, 0x8c, 0x4d, 0x24, 0xaa, 0x2b, 0x54, 0x08, 0xc1, 0xb5, 0x99, 0x79, 0xcb, 0x94, 0xa6, 0x94, + 0xd0, 0x68, 0xe6, 0x01, 0xbb, 0xb5, 0x5a, 0x99, 0xa9, 0xdb, 0xea, 0xb5, 0xbb, 0x5e, 0x44, 0xca, + 0x74, 0x55, 0xbe, 0xd3, 0x67, 0xe3, 0x85, 0x79, 0x1b, 0x9a, 0x72, 0x9f, 0xca, 0xfe, 0xe9, 0x97, + 0xb7, 0x8a, 0x2e, 0x69, 0x6d, 0x59, 0xaf, 0x98, 0x66, 0x00, 0x41, 0xaf, 0xf1, 0xac, 0x3e, 0x7e, + 0x7c, 0xa6, 0x9e, 0xb5, 0x2f, 0x0a, 0x0c, 0x12, 0x3d, 0x37, 0xe1, 0xa8, 0x57, 0xb5, 0xf7, 0x82, + 0x44, 0xf4, 0x88, 0xfc, 0x97, 0x10, 0xd0, 0xc1, 0x60, 0xd8, 0x4a, 0x18, 0x0b, 0xd7, 0x7e, 0x13, + 0x53, 0xb8, 0xba, 0xf4, 0x69, 0x25, 0xa9, 0xb0, 0xa1, 0x90, 0x2c, 0x86, 0x2d, 0xae, 0xe6, 0x3a, + 0x69, 0x3d, 0xf7, 0xcc, 0x6e, 0x7e, 0xfc, 0xa9, 0xfd, 0xdb, 0xb1, 0xf5, 0xe9, 0x39, 0xef, 0x74, + 0x45, 0x07, 0x2a, 0xc9, 0x04, 0x69, 0x12, 0x12, 0xb3, 0x34, 0xb0, 0x78, 0xa9, 0xe9, 0x6f, 0x0c, + 0xb6, 0xf8, 0x84, 0xe7, 0x8d, 0xe0, 0x5c, 0x9e, 0xdb, 0xc9, 0x6f, 0x3d, 0xba, 0xa2, 0x1d, 0x74, + 0x26, 0x3b, 0xb3, 0x90, 0xd9, 0xdc, 0x20, 0xc8, 0xd2, 0xcf, 0x9f, 0xad, 0xc6, 0x02, 0xe3, 0xdd, + 0x68, 0xb8, 0x32, 0x44, 0xc7, 0x86, 0xc3, 0x21, 0x54, 0x2b, 0x91, 0xfd, 0x16, 0x6c, 0x2c, 0x16, + 0x26, 0x0b, 0x97, 0x1e, 0xa2, 0xa9, 0xa8, 0x05, 0xea, 0x26, 0xcc, 0xcf, 0x60, 0x19, 0xec, 0x93, + 0xf1, 0x55, 0x1f, 0x9f, 0x52, 0x8a, 0x98, 0x68, 0x28, 0xa9, 0xa8, 0xc5, 0x0f, 0x72, 0xf3, 0x66, + 0xa5, 0x79, 0xad, 0x2b, 0xd1, 0xef, 0x1e, 0xc9, 0x83, 0x6f, 0x90, 0xc1, 0x11, 0x2c, 0x9f, 0xf0, + 0xea, 0x02, 0xe7, 0xb9, 0x53, 0xe4, 0xfa, 0xaa, 0x56, 0xad, 0xbf, 0xd4, 0xf4, 0xeb, 0x25, 0x86, + 0x5b, 0x11, 0x86, 0x03, 0x87, 0xd0, 0xb5, 0x50, 0x8b, 0xb6, 0x9f, 0x3a, 0x6d, 0xde, 0xfa, 0x6e, + 0xd3, 0x35, 0x80, 0xf8, 0x08, 0x7e, 0x45, 0xc4, 0x62, 0x42, 0x05, 0xd7, 0x55, 0x58, 0xda, 0xa3, + 0x5f, 0x5f, 0x0b, 0x1c, 0x0e, 0xc7, 0x53, 0x14, 0x99, 0xef, 0x93, 0x80, 0x69, 0x3c, 0xfb, 0x21, + 0xdf, 0x0f, 0x3d, 0x40, 0xf8, 0xc9, 0xe0, 0xca, 0xe0, 0x34, 0x27, 0x17, 0x26, 0x80, 0x5f, 0xd2, + 0x11, 0x35, 0x9b, 0x88, 0xac, 0xde, 0x29, 0x4b, 0xd8, 0xa9, 0xa4, 0xc7, 0x0b, 0x4c, 0x53, 0xc4, + 0x8d, 0x02, 0x72, 0x92, 0x9e, 0xef, 0x2a, 0xf5, 0x69, 0xb3, 0xbc, 0xb9, 0xc0, 0x9d, 0x6d, 0x3e, + 0x73, 0xed, 0xba, 0x6c, 0x76, 0x63, 0x21, 0xe8, 0x08, 0xc9, 0xcd, 0x1a, 0x43, 0x27, 0xdb, 0xbf, + 0xa9, 0xe0, 0x12, 0x81, 0xe9, 0x2a, 0x8d, 0xce, 0x17, 0x60, 0x4e, 0xdb, 0x5e, 0xd8, 0x1f, 0x1b, + 0x0d, 0xd4, 0x0a, 0x9d, 0x22, 0x5b, 0x05, 0xf3, 0x66, 0xf9, 0x65, 0x12, 0xd4, 0x3a, 0x12, 0xed, + 0xed, 0x54, 0x14, 0x3e, 0x96, 0xcc, 0x7c, 0x0c, 0x40, 0x44, 0x09, 0x56, 0x2a, 0x4c, 0x37, 0x16, + 0x0a, 0x46, 0x7f, 0xbc, 0x9c, 0xb7, 0xf0, 0x32, 0xaf, 0x5b, 0x55, 0xc6, 0xb2, 0xd0, 0xff, 0xed, + 0x1e, 0xae, 0xd5, 0xfe, 0xab, 0x9c, 0x12, 0x65, 0xd9, 0x5b, 0x50, 0x8c, 0xe4, 0x17, 0xa9, 0xa2, + 0x62, 0x3a, 0x0c, 0x4a, 0x1f, 0x70, 0xa1, 0x1e, 0xfc, 0x1f, 0x9d, 0x73, 0x70, 0x9e, 0x93, 0xaf, + 0x90, 0xee, 0xd3, 0x7a, 0xc1, 0xd0, 0x08, 0xf5, 0xcb, 0x9a, 0xae, 0x81, 0x4b, 0xf6, 0xc2, 0xde, + 0xf6, 0x34, 0x6a, 0xbb, 0x85, 0x79, 0x8c, 0x0a, 0xf2, 0x37, 0xfa, 0xb5, 0xa6, 0x9d, 0x64, 0x3b, + 0x03, 0x45, 0x9f, 0xc6, 0xb3, 0x34, 0xf6, 0x83, 0x50, 0xf6, 0x60, 0xe8, 0x31, 0xd0, 0xed, 0x81, + 0xc5, 0xee, 0xb8, 0xee, 0xb6, 0xd8, 0x8b, 0x6c, 0xe5, 0x22, 0x5c, 0x4c, 0x07, 0x12, 0xb0, 0xf2, + 0x29, 0x9c, 0xcf, 0x4e, 0x59, 0x45, 0xc2, 0xc3, 0x86, 0x05, 0x09, 0x8e, 0x43, 0xac, 0x42, 0xa5, + 0xe5, 0x21, 0x37, 0x90, 0xf2, 0x6b, 0x47, 0x99, 0x34, 0x70, 0xb5, 0xba, 0xc9, 0xfd, 0x4a, 0xa4, + 0x2e, 0x3b, 0x68, 0x6b, 0x14, 0x34, 0x6a, 0x78, 0x9a, 0x23, 0xed, 0xc2, 0x57, 0xe2, 0x41, 0x7b, + 0xf7, 0x44, 0x98, 0x8a, 0xcb, 0x39, 0xea, 0xb9, 0x06, 0x23, 0xa8, 0x93, 0x79, 0x55, 0xe4, 0x90, + 0x0a, 0x8d, 0xf1, 0x66, 0x3f, 0x11, 0x16, 0x0d, 0xc5, 0xed, 0xc5, 0x9b, 0x9e, 0xbc, 0x2d, 0xd5, + 0xaa, 0xc9, 0x11, 0x01, 0xe0, 0xbd, 0xbd, 0xee, 0x27, 0xff, 0xf2, 0x12, 0xab, 0xc4, 0xe5, 0xe1, + 0xc5, 0x58, 0x26, 0x27, 0x39, 0x6e, 0xe8, 0xe4, 0x26, 0x6a, 0xeb, 0xf6, 0x89, 0x77, 0x48, 0xf1, + 0x29, 0x05, 0xd5, 0xdb, 0xbc, 0x70, 0xa7, 0x4d, 0x7a, 0xde, 0xae, 0x52, 0x96, 0xd6, 0x50, 0xf2, + 0x29, 0x05, 0x7b, 0xd5, 0x2f, 0x6e, 0x66, 0x39, 0x05, 0x90, 0x90, 0xa8, 0x5b, 0xc1, 0x32, 0xa5, + 0xff, 0x35, 0xf2, 0x84, 0xd8, 0x56, 0xf4, 0x07, 0x79, 0xb3, 0xa8, 0x35, 0xbc, 0xd9, 0x0d, 0xdd, + 0xeb, 0x3d, 0xd4, 0x86, 0x5e, 0x2f, 0xb8, 0xa4, 0x29, 0x0a, 0x54, 0xfd, 0x31, 0xf5, 0x11, 0xe3, + 0x97, 0x7c, 0x22, 0x07, 0x31, 0x5b, 0xbd, 0x58, 0xff, 0x8b, 0x64, 0x6d, 0x35, 0x72, 0xaf, 0xd7, + 0x7a, 0x6c, 0x85, 0x7b, 0xa4, 0xb3, 0xb0, 0x74, 0x4a, 0x6d, 0x6d, 0xdf, 0xe6, 0xfd, 0x7d, 0x92, + 0x42, 0x8d, 0x50, 0x00, 0x57, 0x42, 0x85, 0x4a, 0x68, 0x4d, 0x5c, 0x58, 0x41, 0x36, 0xc9, 0x44, + 0x7f, 0x56, 0x5f, 0xa3, 0x45, 0xb9, 0x02, 0x3c, 0xd6, 0x57, 0x2b, 0x4d, 0xb0, 0x17, 0xe7, 0x12, + 0xd4, 0x1c, 0x48, 0xac, 0x1f, 0x9e, 0x41, 0x65, 0x6d, 0xec, 0x05, 0x14, 0xcd, 0x46, 0x00, 0x7d, + 0x25, 0x77, 0xdb, 0x64, 0x56, 0x58, 0x0a, 0xee, 0xc6, 0x81, 0xa3, 0xd5, 0x52, 0xf9, 0x79, 0xc9, + 0x82, 0xb7, 0x3d, 0xb8, 0x7c, 0xa1, 0xef, 0x5b, 0x5f, 0x0c, 0x02, 0x81, 0x5e, 0x26, 0xb8, 0xce, + 0x20, 0xc9, 0x38, 0x5c, 0x09, 0xd2, 0x14, 0x89, 0xc9, 0xd9, 0x38, 0x2c, 0xe6, 0x9a, 0x1a, 0x0e, + 0xad, 0x43, 0xc1, 0xfe, 0x5b, 0xe9, 0x50, 0x27, 0x3a, 0xa6, 0x42, 0x1c, 0xc0, 0xe9, 0x14, 0x08, + 0x1b, 0x16, 0xa1, 0xe2, 0x7d, 0x21, 0x5c, 0xda, 0x5d, 0x84, 0x23, 0x6d, 0x45, 0xcb, 0x0d, 0xf2, + 0xb5, 0x32, 0x81, 0x5f, 0xfd, 0xe8, 0xad, 0xab, 0x36, 0x45, 0x4b, 0xf2, 0xc7, 0x2c, 0x11, 0x5c, + 0xcd, 0xce, 0x0b, 0xea, 0xe8, 0x62, 0x4b, 0x61, 0x34, 0x35, 0x3b, 0x35, 0x2c, 0x49, 0x45, 0x56, + 0x62, 0x4c, 0x87, 0xfd, 0xf9, 0x75, 0x38, 0xc3, 0x5b, 0xb4, 0xb7, 0x58, 0x5f, 0x3e, 0x22, 0xba, + 0xc8, 0xb1, 0x21, 0x1d, 0x64, 0x9d, 0x6e, 0xc6, 0x8c, 0x9b, 0x48, 0xf7, 0x5e, 0xc7, 0x49, 0x81, + 0xb6, 0xf1, 0xdf, 0xa4, 0xd1, 0xae, 0x67, 0x61, 0x0a, 0xe8, 0xa4, 0x39, 0x47, 0x66, 0x59, 0xc1, + 0x5b, 0x85, 0x59, 0x0b, 0x50, 0xbf, 0x92, 0x2f, 0x41, 0x8f, 0xc6, 0x44, 0xfd, 0x17, 0x66, 0xda, + 0x1a, 0x5c, 0x2d, 0x5e, 0x4a, 0x0b, 0xb9, 0x08, 0xca, 0xed, 0x09, 0xa1, 0x48, 0xbc, 0xd5, 0xb4, + 0x1b, 0x0b, 0x48, 0xc0, 0x5a, 0x62, 0x13, 0x70, 0xf2, 0x6c, 0xbb, 0xc1, 0x9d, 0x0e, 0x66, 0x97, + 0x98, 0xf8, 0xfd, 0x0c, 0x79, 0xe2, 0xaa, 0xcd, 0xb2, 0xdc, 0x84, 0x69, 0x8b, 0xb5, 0x09, 0x0c, + 0xb4, 0xc9, 0xcf, 0xac, 0xa6, 0xf8, 0x64, 0x95, 0xf9, 0x0a, 0x4d, 0x5f, 0x91, 0xcb, 0xc5, 0x02, + 0x30, 0x40, 0x26, 0xdd, 0x55, 0x6c, 0xc3, 0x9a, 0x63, 0xd2, 0x8c, 0x71, 0x1a, 0x81, 0x91, 0x25, + 0x8b, 0xe6, 0x30, 0x6a, 0xac, 0x68, 0x64, 0x60, 0x3d, 0xec, 0x36, 0x14, 0xca, 0x37, 0x48, 0x89, + 0x23, 0x61, 0xa3, 0x78, 0x10, 0x6e, 0x9d, 0x10, 0x9b, 0xc9, 0xb7, 0x2d, 0x59, 0x9a, 0x1f, 0xb1, + 0x0b, 0x1a, 0xc7, 0xc9, 0x3a, 0xe1, 0x3d, 0x45, 0x26, 0x1f, 0x5c, 0x5f, 0x86, 0x99, 0x36, 0x88, + 0xc4, 0xa1, 0x03, 0x4c, 0x6e, 0xd9, 0x99, 0x7f, 0xc2, 0xb1, 0x6f, 0x6b, 0x22, 0x29, 0xfb, 0x39, + 0x04, 0x21, 0x5d, 0x52, 0x2b, 0x3b, 0x2a, 0x5b, 0x12, 0x5d, 0x85, 0xe9, 0x31, 0x39, 0xb9, 0x8e, + 0xc9, 0x4c, 0x3b, 0x9e, 0x7a, 0x4f, 0xf3, 0xb0, 0x15, 0x6d, 0x08, 0x77, 0xfb, 0xfa, 0x74, 0x8f, + 0x43, 0xd5, 0x82, 0x7b, 0x2e, 0x8b, 0xe8, 0x8c, 0xdb, 0xdd, 0xcf, 0x83, 0x0d, 0x31, 0x9a, 0x68, + 0xae, 0x33, 0xf1, 0xd2, 0x7e, 0x21, 0x2b, 0x4f, 0x02, 0xab, 0x29, 0x7a, 0x15, 0x45, 0xd5, 0x13, + 0x6c, 0xf2, 0x10, 0x15, 0x6a, 0xfb, 0xb7, 0x0f, 0x3b, 0xd6, 0x9a, 0x78, 0xb7, 0x3e, 0x51, 0xba, + 0x75, 0xf5, 0x6c, 0x6d, 0xaa, 0xb3, 0x4b, 0x76, 0xfd, 0x4c, 0xc6, 0x62, 0x4d, 0x20, 0x29, 0x6c, + 0xb2, 0xa3, 0xa2, 0x94, 0x3b, 0xf3, 0x70, 0xe1, 0x18, 0xf3, 0xb9, 0xa1, 0xc1, 0xfc, 0x16, 0xed, + 0xca, 0x7c, 0x2a, 0x20, 0xa3, 0xc1, 0xd0, 0x09, 0x8f, 0x2c, 0xfc, 0x8e, 0xce, 0xfc, 0xa9, 0x23, + 0x4a, 0xd3, 0x08, 0xbe, 0x72, 0x61, 0x5c, 0x38, 0xf7, 0xdb, 0x59, 0x9f, 0x93, 0x2c, 0xff, 0xbb, + 0x99, 0x2b, 0x07, 0xb5, 0x7d, 0x05, 0xd4, 0x1d, 0x78, 0x76, 0x04, 0x58, 0xfe, 0x9e, 0x66, 0x43, + 0x56, 0x94, 0x3d, 0xff, 0xcc, 0xd6, 0x2c, 0x75, 0xb1, 0xf9, 0xbe, 0x5e, 0xb4, 0x9e, 0x28, 0xba, + 0x45, 0x56, 0xee, 0x13, 0xd5, 0x75, 0x90, 0x3b, 0x87, 0xf7, 0x20, 0x14, 0x8c, 0x06, 0xc5, 0xc7, + 0xe4, 0x3e, 0xfe, 0x37, 0x98, 0x41, 0xeb, 0xd8, 0xb5, 0xdd, 0xce, 0x3e, 0xb1, 0xa4, 0x2c, 0xbe, + 0x84, 0x82, 0xc9, 0x13, 0x13, 0xac, 0xed, 0x8b, 0xe0, 0xd6, 0x42, 0x9a, 0xe4, 0xf9, 0x60, 0x54, + 0xe8, 0x7f, 0x60, 0x54, 0xdb, 0x53, 0x93, 0x6b, 0x50, 0xcf, 0x9d, 0x56, 0x13, 0x64, 0xd9, 0x71, + 0x3d, 0xee, 0x5b, 0xf4, 0xc3, 0xe2, 0x53, 0x9d, 0x96, 0x6c, 0x5c, 0x1b, 0xc5, 0xa1, 0x72, 0x72, + 0xed, 0xbc, 0xa8, 0x42, 0x8f, 0x8f, 0x61, 0xd1, 0xb4, 0x1b, 0x8b, 0x6c, 0x34, 0x31, 0x7c, 0xab, + 0x19, 0x67, 0xf0, 0xe1, 0x63, 0x3d, 0xbb, 0x77, 0x6e, 0x4c, 0x34, 0x12, 0x70, 0xe0, 0xd2, 0x60, + 0xa5, 0xdc, 0x30, 0xb5, 0xc1, 0x9d, 0xc9, 0x91, 0xe0, 0xfb, 0xf1, 0xda, 0x1e, 0xf3, 0x50, 0x2a, + 0xee, 0x48, 0x69, 0xce, 0x5f, 0x46, 0xc8, 0xf1, 0x63, 0x69, 0xce, 0xbe, 0x30, 0x1e, 0xaf, 0x84}; +const uint8_t expected_signature[] = { + 0x56, 0xaf, 0xd6, 0xbb, 0xf3, 0x77, 0x36, 0x49, 0x34, 0xd1, 0xc1, 0xca, 0x83, 0x7d, 0xea, 0x11, + 0x38, 0xd8, 0x27, 0x5f, 0x3d, 0xfe, 0xb3, 0x33, 0x6d, 0x40, 0xaf, 0x8d, 0x82, 0x1d, 0x8f, 0x67, + 0x56, 0xda, 0x7e, 0x29, 0xdb, 0x4f, 0x66, 0x2c, 0x2c, 0x09, 0xdc, 0x7c, 0xfc, 0xe3, 0xa2, 0xa4, + 0x4c, 0xad, 0xe4, 0xa7, 0x80, 0x16, 0xc6, 0xac, 0xb7, 0x4d, 0xfb, 0x73, 0x1d, 0xd5, 0x6a, 0x89, + 0xdf, 0x73, 0x04, 0xd0, 0x27, 0x51, 0xe1, 0x34, 0x59, 0xf0, 0xfc, 0x3b, 0xc1, 0xc1, 0x3d, 0x73, + 0x34, 0xec, 0xf3, 0x57, 0x4e, 0x35, 0xc5, 0xd4, 0x70, 0x28, 0x3f, 0x2b, 0x1d, 0x3a, 0x4e, 0x63, + 0xdc, 0xd8, 0x17, 0x92, 0x05, 0x07, 0x1d, 0x6e, 0x43, 0x93, 0xb9, 0xb2, 0x52, 0x34, 0xf5, 0xc0, + 0x29, 0xd2, 0xff, 0x16, 0xf0, 0x23, 0x83, 0xba, 0x02, 0x0c, 0xcb, 0x3c, 0x05, 0xe8, 0xe1, 0x94, + 0xa8, 0xdf, 0xe7, 0xfc, 0x44, 0x43, 0x63, 0xac, 0xa0, 0x60, 0xa5, 0x6d, 0x3e, 0x77, 0x35, 0xa6, + 0x8b, 0xd9, 0xf5, 0xe4, 0x99, 0x99, 0xeb, 0x95, 0xa6, 0x50, 0x37, 0x30, 0x3d, 0x17, 0x6e, 0x5d, + 0x3f, 0xe6, 0x6a, 0x71, 0x84, 0xad, 0xee, 0x7d, 0x8a, 0xed, 0x59, 0xc1, 0x6c, 0x68, 0x28, 0x68, + 0x88, 0xa5, 0x8c, 0xd4, 0x8b, 0x50, 0x37, 0xfc, 0xec, 0x65, 0xe6, 0x82, 0xa8, 0xcc, 0xb3, 0xa6, + 0xdf, 0x4e, 0x27, 0xf8, 0x69, 0x49, 0xf6, 0xe9, 0xa9, 0xdf, 0x3b, 0xdf, 0x98, 0x27, 0xcf, 0x83, + 0x92, 0xbc, 0x4c, 0x94, 0xab, 0x55, 0x6b, 0xb7, 0x49, 0x33, 0x6b, 0x4a, 0x3b, 0x1c, 0x6d, 0x8f, + 0x70, 0x7a, 0xa0, 0xd0, 0x3b, 0xc7, 0xca, 0xf7, 0x25, 0x82, 0xf7, 0x47, 0x6f, 0x18, 0xc1, 0x50, + 0xa8, 0x50, 0xaf, 0x38, 0x9b, 0x5c, 0xe5, 0x99, 0x0d, 0x07, 0x81, 0x9a, 0x0c, 0xcc, 0xa4, 0xbe, + 0xd2, 0x8a, 0x4e, 0xbe, 0x2e, 0xaf, 0x24, 0x38, 0xdd, 0xb4, 0xda, 0xf0, 0x07, 0xb3, 0x76, 0xea, + 0x9e, 0xef, 0x55, 0xaa, 0x21, 0xda, 0x97, 0x54, 0x8b, 0xa5, 0xa0, 0x77, 0xd3, 0xbb, 0x41, 0x95, + 0xd2, 0x36, 0xc0, 0x82, 0xaa, 0xd9, 0x4b, 0xd3, 0xda, 0x1b, 0x3c, 0x30, 0x39, 0x38, 0x32, 0xb1, + 0x54, 0xcc, 0xb9, 0xce, 0xd4, 0x27, 0x3b, 0x4d, 0x4d, 0xeb, 0xd0, 0xea, 0x26, 0x4f, 0xe8, 0x39, + 0x67, 0xa0, 0x98, 0x8a, 0x6b, 0xfa, 0xec, 0xd4, 0x11, 0x50, 0x15, 0xf8, 0xde, 0x1d, 0xce, 0xc9, + 0xdf, 0xdc, 0x50, 0x34, 0xc3, 0xe3, 0xb4, 0x59, 0xa2, 0x69, 0x4e, 0x72, 0xcb, 0xaf, 0xb6, 0x68, + 0xd6, 0xe7, 0xcf, 0xef, 0xf9, 0x59, 0x49, 0xba, 0x6a, 0x2c, 0x1c, 0xf6, 0xe0, 0x02, 0x8c, 0xef, + 0xf2, 0xc7, 0x1d, 0x8e, 0xd3, 0x61, 0x76, 0xc3, 0x4e, 0x8b, 0x75, 0xd6, 0xd5, 0xca, 0xe0, 0x3a, + 0xe6, 0x1c, 0xf0, 0x19, 0xbd, 0x7e, 0x35, 0x35, 0xf3, 0x38, 0xaa, 0x58, 0x25, 0x3e, 0xaa, 0x9f, + 0xac, 0xe6, 0x55, 0xfd, 0xff, 0x46, 0xe9, 0x24, 0x17, 0xdf, 0x4b, 0x70, 0xf9, 0xf1, 0xf1, 0x8b, + 0x00, 0x6f, 0xd0, 0x77, 0xf7, 0x58, 0x55, 0xec, 0x41, 0x3e, 0xf5, 0xdb, 0x30, 0x21, 0x9c, 0xec, + 0xcd, 0xc4, 0xd1, 0x67, 0x39, 0x6b, 0xf5, 0x6c, 0xf1, 0xb0, 0xf2, 0x17, 0x60, 0xb6, 0x1d, 0xed, + 0xc3, 0x62, 0xdb, 0x98, 0x58, 0x4d, 0x5e, 0x93, 0xf3, 0x60, 0xd8, 0xd0, 0x08, 0x5f, 0x2c, 0xb8, + 0xd9, 0x3b, 0x37, 0xe3, 0x50, 0x9e, 0xee, 0x14, 0x8b, 0x75, 0xe0, 0x6b, 0x9b, 0x4e, 0x61, 0x89, + 0x76, 0xd5, 0xe2, 0x14, 0xde, 0xd9, 0xd5, 0xf4, 0xf5, 0x67, 0x22, 0x81, 0x8c, 0x2e, 0x7a, 0xd2, + 0x8f, 0xc1, 0xe3, 0x43, 0x12, 0x42, 0x95, 0x04, 0x2e, 0x47, 0x65, 0xae, 0x35, 0x84, 0xa8, 0x74, + 0x3a, 0x16, 0xae, 0xa8, 0x13, 0xc1, 0x05, 0x83, 0x67, 0xd3, 0xc1, 0xdc, 0xee, 0x2a, 0x64, 0x58, + 0x56, 0x54, 0x79, 0xd0, 0xa0, 0x09, 0x06, 0xe6, 0x93, 0x88, 0x7c, 0xdb, 0x21, 0xb3, 0xff, 0xe1, + 0x35, 0xdf, 0x09, 0x58, 0x8f, 0xea, 0x34, 0x64, 0xef, 0xfc, 0xc6, 0x34, 0x5c, 0xd2, 0xf4, 0x55, + 0xea, 0x86, 0x79, 0xac, 0xc5, 0x60, 0xca, 0x61, 0x2e, 0x90, 0x53, 0xe8, 0x60, 0xe1, 0x80, 0x4d, + 0x31, 0x37, 0xd8, 0xfb, 0x3c, 0x75, 0xb6, 0x3e, 0x82, 0xa0, 0xac, 0xd2, 0x44, 0x63, 0xfa, 0x6e, + 0x2e, 0xd4, 0x98, 0x83, 0x5a, 0x80, 0xe4, 0xbf, 0x3d, 0x48, 0x24, 0xe6, 0xc2, 0x6f, 0x10, 0xae, + 0xa0, 0xa7, 0xdd, 0xe4, 0x14, 0x68, 0x3c, 0xbe, 0x4a, 0xea, 0x2e, 0x39, 0xac, 0x05, 0xaf, 0x3a, + 0xdf, 0xf4, 0x77, 0xd5, 0xec, 0x96, 0xdf, 0xba, 0x0c, 0xb7, 0x27, 0x37, 0x8f, 0xc8, 0x43, 0x28, + 0xf2, 0x96, 0x3d, 0x17, 0x41, 0xbe, 0x69, 0xf8, 0xf1, 0x2e, 0x1c, 0x91, 0x4d, 0x9b, 0xbf, 0x70, + 0xc7, 0xd3, 0x3d, 0xcb, 0x59, 0xf5, 0xd5, 0x0a, 0xee, 0xcd, 0x4f, 0x08, 0x98, 0x9a, 0x8f, 0xda, + 0x57, 0xaf, 0xd4, 0xf6, 0xf9, 0x61, 0x49, 0x12, 0x83, 0xee, 0xdd, 0x8d, 0x0b, 0x5d, 0x94, 0x7f, + 0x42, 0x08, 0xa8, 0xf1, 0x0b, 0x99, 0x4e, 0x36, 0xd0, 0xa0, 0xc6, 0x43, 0x0d, 0x0b, 0x2e, 0xf3, + 0x46, 0x94, 0x84, 0x64, 0xde, 0x84, 0x85, 0x2c, 0xd7, 0xac, 0xf7, 0xa2, 0x13, 0x53, 0x18, 0xca, + 0x8e, 0xce, 0xfe, 0x9a, 0x6d, 0x74, 0xbf, 0x82, 0xa4, 0x97, 0x61, 0xe0, 0x6d, 0x16, 0xb6, 0x74, + 0x07, 0x68, 0x09, 0xa0, 0xd1, 0x4e, 0x3c, 0x5d, 0x0e, 0x5e, 0xcc, 0x58, 0x26, 0x02, 0x01, 0x22, + 0xe4, 0xc3, 0xe5, 0x51, 0xea, 0x08, 0x94, 0xb2, 0x38, 0x12, 0x3c, 0xcf, 0xfe, 0x62, 0xd8, 0xd0, + 0xc0, 0x1e, 0xdc, 0xfd, 0xc7, 0x0d, 0x71, 0x2d, 0x37, 0x77, 0xf1, 0xd4, 0x7e, 0x21, 0xeb, 0xdb, + 0x92, 0x1a, 0x9f, 0xa4, 0xdf, 0x05, 0xfd, 0xc8, 0x2b, 0x8c, 0x63, 0xd3, 0x11, 0x36, 0x2f, 0xb6, + 0xd0, 0xf2, 0xf0, 0xef, 0x22, 0x42, 0x13, 0x1b, 0xfe, 0x07, 0x67, 0x8d, 0x91, 0x16, 0x9e, 0xd3, + 0xe0, 0x9a, 0x86, 0x9e, 0xcc, 0xba, 0x93, 0x97, 0x23, 0xce, 0x54, 0xec, 0x97, 0xe4, 0xbf, 0xeb, + 0x0a, 0x7e, 0x6e, 0x0d, 0x16, 0xe8, 0x31, 0x40, 0xe8, 0x61, 0x19, 0x8b, 0xd6, 0x9e, 0xd4, 0x62, + 0xfd, 0x3d, 0xf1, 0x3b, 0x21, 0x0d, 0xb4, 0x6a, 0x9f, 0x47, 0xb0, 0xf0, 0xe6, 0x46, 0x73, 0x4c, + 0x44, 0x3c, 0x81, 0xff, 0xfc, 0xf3, 0x64, 0x4d, 0x94, 0x06, 0xc6, 0x9f, 0x99, 0x17, 0x83, 0x77, + 0xa8, 0x5a, 0xe1, 0x64, 0xfd, 0x64, 0x0c, 0x4e, 0x96, 0xef, 0xf2, 0x0c, 0x0c, 0xa8, 0xe0, 0x7f, + 0x5f, 0xc7, 0x6e, 0x74, 0x03, 0x56, 0xba, 0xe9, 0x65, 0xfa, 0xc8, 0x9b, 0x05, 0xa4, 0xc2, 0x5f, + 0xd6, 0x39, 0x03, 0xf8, 0x47, 0x13, 0xb2, 0x38, 0x7d, 0x3c, 0x84, 0x3b, 0x8d, 0x51, 0x2c, 0x50, + 0x00, 0xa7, 0x4c, 0xdc, 0xc8, 0x60, 0xae, 0x04, 0x5b, 0xcc, 0x53, 0x69, 0xff, 0x6c, 0x98, 0x35, + 0xe4, 0xc9, 0x89, 0xcf, 0x51, 0x1c, 0x70, 0x17, 0x66, 0xe0, 0xc2, 0x9e, 0x5b, 0x3a, 0x0f, 0xe5, + 0xd5, 0xea, 0xca, 0x63, 0xb5, 0x9f, 0x2f, 0xcb, 0x4e, 0x84, 0xa5, 0x9e, 0xa4, 0x09, 0xfb, 0xd7, + 0x22, 0xe6, 0xc7, 0xa6, 0x11, 0x37, 0xf1, 0xef, 0x23, 0xfa, 0x66, 0x30, 0x00, 0x64, 0x73, 0xd7, + 0xd9, 0x56, 0xcc, 0xbd, 0x3c, 0x28, 0x28, 0x4d, 0x16, 0xb4, 0xe5, 0x62, 0x76, 0x9e, 0xd2, 0x78, + 0x97, 0x6d, 0xfb, 0xcb, 0x26, 0xc9, 0xc9, 0x24, 0x6f, 0x3a, 0x2f, 0xb1, 0x43, 0x99, 0x44, 0x56, + 0x19, 0x70, 0x0a, 0xdf, 0x5d, 0xee, 0x13, 0xb9, 0xfe, 0xd4, 0x5e, 0x0d, 0x37, 0x52, 0x84, 0x58, + 0x3c, 0x5a, 0x31, 0x2b, 0x29, 0x86, 0x03, 0x66, 0x26, 0xc5, 0xcc, 0xe6, 0xf2, 0x18, 0x66, 0x2a, + 0x45, 0x24, 0x96, 0x5c, 0x73, 0xb1, 0xfd, 0x44, 0xe3, 0x56, 0x8f, 0x82, 0x58, 0x8d, 0x0e, 0x58, + 0x84, 0xfa, 0xbd, 0x82, 0xf2, 0x1f, 0x13, 0x44, 0x8e, 0xa3, 0x78, 0x29, 0x4a, 0xa1, 0xb1, 0x69, + 0x95, 0x2d, 0xe4, 0x0b, 0x58, 0x09, 0x01, 0xef, 0xe9, 0xaa, 0x16, 0xbd, 0xc2, 0x7f, 0x45, 0xc9, + 0xce, 0x70, 0xa3, 0x00, 0x17, 0x73, 0x67, 0xa7, 0xf5, 0xc4, 0xde, 0x46, 0x4a, 0x6e, 0x26, 0x4d, + 0xa2, 0x9d, 0x78, 0xbb, 0x39, 0x28, 0x25, 0xc3, 0xe2, 0x38, 0x53, 0x90, 0x6b, 0xaa, 0xf0, 0x8a, + 0x59, 0x8b, 0xb7, 0x01, 0xe6, 0x3d, 0xe2, 0xb6, 0xaf, 0xd2, 0x20, 0x49, 0x51, 0x9e, 0xe7, 0xaf, + 0x46, 0xf3, 0xef, 0xd2, 0x07, 0x0b, 0x64, 0x10, 0x23, 0xc9, 0xd1, 0xe6, 0x1c, 0x3a, 0xeb, 0x21, + 0x38, 0x4a, 0x8a, 0x3f, 0xe0, 0x5c, 0x59, 0xec, 0x46, 0x1b, 0xbd, 0x5f, 0xf8, 0xce, 0x40, 0x07, + 0xbf, 0x22, 0xcb, 0x7e, 0xd3, 0x16, 0xe9, 0xb8, 0xb8, 0xd7, 0x7c, 0xc6, 0xd8, 0xfb, 0x8b, 0x5d, + 0x66, 0x52, 0x9a, 0xc3, 0x55, 0xe5, 0x38, 0xf9, 0x68, 0xc9, 0x39, 0xc5, 0x72, 0x24, 0x59, 0xa5, + 0x1c, 0x26, 0x83, 0x35, 0x49, 0xf1, 0x70, 0x19, 0x2f, 0xfa, 0x9e, 0x68, 0x47, 0x4e, 0xde, 0x67, + 0xed, 0x6d, 0x2c, 0x87, 0x24, 0x5b, 0x51, 0x83, 0x0b, 0x74, 0x84, 0x7a, 0x9d, 0xc0, 0x4f, 0x61, + 0xf2, 0x26, 0xba, 0x15, 0x2b, 0x5d, 0x33, 0x27, 0x70, 0x7d, 0xea, 0x60, 0x1c, 0xe9, 0xea, 0x18, + 0x05, 0x3b, 0x21, 0x5d, 0x94, 0x7d, 0xb5, 0x46, 0x08, 0xf2, 0x2e, 0xe1, 0x0b, 0x16, 0xdd, 0x4a, + 0x23, 0x65, 0xfe, 0xd5, 0x20, 0x76, 0xbc, 0xdc, 0x29, 0x01, 0x7c, 0xc0, 0x93, 0x5f, 0x5c, 0x39, + 0x35, 0xa1, 0x32, 0x56, 0x75, 0xd6, 0xbb, 0xb7, 0xb5, 0x91, 0x8a, 0x3c, 0xf3, 0xb9, 0x3a, 0x62, + 0xd3, 0x6b, 0xf8, 0x54, 0xcd, 0x38, 0xac, 0x67, 0x50, 0x67, 0xcc, 0xf1, 0x9c, 0xcc, 0xf0, 0xc0, + 0x3c, 0xfa, 0xbc, 0x0f, 0xb1, 0x51, 0xe2, 0x0f, 0xe5, 0x26, 0x36, 0x1a, 0xc6, 0x1b, 0x67, 0x1f, + 0xa5, 0xb3, 0xc3, 0x4e, 0xe7, 0xb1, 0x48, 0x7f, 0x36, 0x9f, 0xc0, 0xa9, 0x92, 0xa8, 0x07, 0xa5, + 0x4c, 0x35, 0xb3, 0x17, 0x20, 0xac, 0x5a, 0x4c, 0x31, 0x42, 0xb6, 0xf1, 0xde, 0xc7, 0x88, 0x6c, + 0xa1, 0xa9, 0x14, 0xfb, 0x9e, 0x10, 0x33, 0x12, 0xd4, 0x89, 0xb3, 0x3d, 0x61, 0x8c, 0x84, 0x53, + 0xb5, 0xa9, 0x10, 0xfa, 0x61, 0xb2, 0xc8, 0xfb, 0x98, 0x58, 0xbd, 0xaa, 0xce, 0xb6, 0x95, 0x0c, + 0x56, 0xd0, 0x95, 0x8f, 0xfe, 0x38, 0x2c, 0x63, 0x7d, 0x89, 0x4c, 0x9c, 0x1c, 0xb5, 0x58, 0x3e, + 0x01, 0x79, 0x72, 0x40, 0x87, 0x78, 0xbd, 0xf5, 0x72, 0x42, 0xa0, 0x66, 0x87, 0xdb, 0xab, 0x9b, + 0x37, 0x55, 0x87, 0x94, 0xdb, 0x20, 0x06, 0x39, 0x4b, 0xb1, 0x3b, 0xec, 0xc2, 0xcd, 0xc7, 0x61, + 0x8c, 0xa7, 0x98, 0x9c, 0xb0, 0x43, 0x0e, 0xe4, 0x4c, 0x33, 0x75, 0x43, 0xa8, 0xbd, 0x49, 0xa8, + 0xb7, 0x42, 0x74, 0x9e, 0x42, 0x08, 0x7f, 0xaf, 0xe0, 0xcb, 0x68, 0x37, 0x15, 0x3e, 0x80, 0xf9, + 0x8f, 0xb8, 0xe5, 0x03, 0x8a, 0xaf, 0x48, 0x2f, 0xfb, 0xdb, 0xf8, 0x74, 0x26, 0xd5, 0xb8, 0x88, + 0x8e, 0xa3, 0x02, 0x3b, 0x4c, 0x95, 0x23, 0xad, 0xfb, 0x5b, 0x26, 0xce, 0xd1, 0xdb, 0x9f, 0xbe, + 0x74, 0xf4, 0xde, 0x6c, 0x9f, 0x75, 0xa5, 0x99, 0x8e, 0x14, 0xe6, 0xce, 0xb7, 0x87, 0x98, 0xfe, + 0x6e, 0xf8, 0x7a, 0x62, 0xb6, 0x54, 0x5c, 0x6d, 0x61, 0xf1, 0xae, 0x6e, 0xd0, 0x19, 0x4a, 0x96, + 0xd5, 0x4a, 0x61, 0x62, 0x26, 0xd2, 0x3e, 0x27, 0xa3, 0xc6, 0xf0, 0x9d, 0x0a, 0x32, 0xd4, 0xc5, + 0x87, 0x2f, 0xa4, 0xda, 0x35, 0x59, 0x45, 0xbb, 0x7f, 0x08, 0xcd, 0x8f, 0xda, 0x4c, 0xab, 0x1f, + 0xc0, 0xdf, 0xc1, 0x11, 0xf6, 0x13, 0xa3, 0x21, 0x8c, 0xb5, 0x12, 0xc5, 0x5b, 0xdd, 0x55, 0xd0, + 0xa9, 0xde, 0x2f, 0x08, 0x21, 0xf0, 0x2c, 0x52, 0x52, 0x0a, 0xc7, 0x04, 0x33, 0x1a, 0xea, 0x9a, + 0xfa, 0x22, 0xa1, 0x66, 0x07, 0x5d, 0x69, 0x68, 0xb1, 0x21, 0xef, 0x52, 0xd4, 0x0f, 0x18, 0xae, + 0x8c, 0x52, 0x15, 0xb4, 0xac, 0xc4, 0x92, 0x5f, 0x7e, 0x3f, 0x4d, 0xa0, 0x67, 0xab, 0xce, 0x8e, + 0x72, 0x83, 0x78, 0xed, 0x93, 0xb7, 0xc2, 0x5a, 0x39, 0x4b, 0x65, 0x69, 0x28, 0xf2, 0xde, 0xee, + 0xf1, 0x93, 0x32, 0x63, 0x75, 0x1d, 0xfb, 0xcc, 0x49, 0xc0, 0xee, 0x2c, 0xb5, 0x7b, 0xcc, 0x87, + 0x24, 0x5e, 0x0d, 0xa4, 0xe3, 0x73, 0x6e, 0x8f, 0xd2, 0xc4, 0xba, 0x26, 0x38, 0x2c, 0x5c, 0xd1, + 0x69, 0x11, 0xdb, 0x8b, 0xf4, 0xbc, 0x45, 0x0d, 0x96, 0x0c, 0x48, 0x12, 0x62, 0xac, 0x4d, 0xdd, + 0xb9, 0xbe, 0x3a, 0xc3, 0x7a, 0xde, 0x44, 0x50, 0xf9, 0x72, 0x30, 0xcb, 0xd6, 0xc2, 0x89, 0x88, + 0x11, 0xe4, 0x12, 0xce, 0x61, 0x18, 0x4c, 0x7a, 0xcd, 0x25, 0xa6, 0x5c, 0xb4, 0x0c, 0x1f, 0xfa, + 0x9f, 0x40, 0x77, 0x84, 0x7d, 0x94, 0x6f, 0x05, 0x6c, 0xd8, 0xec, 0x8d, 0x16, 0xdb, 0xf9, 0x98, + 0xb0, 0x59, 0x59, 0xaf, 0x31, 0xe8, 0x2a, 0x21, 0x4e, 0x2f, 0xe1, 0x85, 0x49, 0xce, 0x23, 0xdc, + 0x92, 0x87, 0xd7, 0x61, 0x1e, 0x37, 0xcc, 0x35, 0xbf, 0x7e, 0xa6, 0x0a, 0xfc, 0x1b, 0x89, 0x5e, + 0x16, 0xb3, 0xe7, 0xe1, 0x3b, 0x68, 0x68, 0xea, 0x09, 0x83, 0x42, 0xb1, 0x03, 0xac, 0xe5, 0x41, + 0x6c, 0xb1, 0x83, 0x2b, 0xf3, 0xf7, 0xf1, 0xa6, 0xef, 0x6b, 0xb3, 0x46, 0x79, 0xa6, 0x7c, 0x60, + 0x0f, 0x6b, 0xbb, 0xd2, 0xaf, 0xd4, 0x22, 0x8a, 0xfd, 0x96, 0x8e, 0x19, 0x25, 0xac, 0x04, 0x11, + 0xb0, 0x5f, 0x42, 0x3a, 0x57, 0xd3, 0x32, 0x71, 0x5d, 0x1b, 0xb0, 0x2c, 0x35, 0x32, 0x3c, 0xef, + 0x55, 0x7a, 0x1a, 0x98, 0xda, 0x7f, 0xd4, 0xce, 0x3b, 0x7a, 0x32, 0x7e, 0x08, 0xd8, 0x18, 0x2f, + 0x07, 0x25, 0x1f, 0xd2, 0x4d, 0x0e, 0x38, 0x48, 0xde, 0xa1, 0x85, 0x55, 0x7e, 0xdc, 0x09, 0xf1, + 0xcc, 0xc7, 0xeb, 0xe7, 0x02, 0x7e, 0xa3, 0xbf, 0xca, 0x19, 0x4c, 0xa7, 0x14, 0xff, 0x9a, 0x37, + 0x37, 0x37, 0x9d, 0xc5, 0xe1, 0x71, 0x5c, 0xfb, 0x83, 0xb4, 0xdb, 0xdb, 0x90, 0xf0, 0xb0, 0x96, + 0xbd, 0xa3, 0x70, 0x81, 0x46, 0x1b, 0x36, 0xe0, 0xa4, 0xb1, 0x73, 0xbb, 0xd7, 0x28, 0x64, 0xdf, + 0xae, 0x8f, 0x7a, 0x90, 0xab, 0x56, 0x1d, 0x4f, 0xf3, 0x50, 0x5b, 0x3b, 0x8c, 0x20, 0xbf, 0x00, + 0xdc, 0x85, 0x13, 0xcf, 0x10, 0x2d, 0x2e, 0x96, 0x33, 0xee, 0xef, 0x21, 0x52, 0xfd, 0x5e, 0xe7, + 0x12, 0xb1, 0x07, 0xa6, 0x53, 0x60, 0x85, 0x6f, 0xf0, 0xcc, 0x98, 0xd7, 0x2c, 0xcb, 0x73, 0x74, + 0x86, 0xa9, 0x29, 0x88, 0x7f, 0x65, 0xc8, 0x18, 0x30, 0x01, 0x1c, 0x77, 0x43, 0x47, 0xf0, 0xd0, + 0xd0, 0x14, 0x06, 0xb2, 0xbc, 0xcd, 0xe1, 0xde, 0x1d, 0xae, 0x7a, 0x4f, 0x33, 0xa6, 0xd3, 0xe8, + 0x2f, 0xb2, 0x2c, 0x31, 0x6d, 0xc7, 0x5f, 0x0c, 0x81, 0xcd, 0x66, 0x02, 0x58, 0x92, 0xcf, 0x90, + 0x22, 0x9b, 0xd0, 0xe1, 0xc5, 0x8a, 0x8f, 0x64, 0xdc, 0x9d, 0xad, 0x65, 0xcb, 0xc9, 0x3a, 0x99, + 0x8d, 0xee, 0xe4, 0x86, 0x6b, 0xc1, 0x7e, 0x05, 0x97, 0x2d, 0x18, 0xa5, 0x1c, 0x51, 0x48, 0x77, + 0xae, 0xf7, 0x21, 0xbd, 0xa0, 0xe5, 0x58, 0xcd, 0xb7, 0x59, 0x7c, 0xdd, 0x9b, 0xd1, 0xf6, 0x55, + 0x02, 0xa1, 0xb0, 0x63, 0x48, 0x89, 0x41, 0x4f, 0x01, 0x0a, 0x42, 0x7b, 0xa9, 0xef, 0x1a, 0xb6, + 0x66, 0x27, 0x98, 0x92, 0xc1, 0x44, 0x68, 0x51, 0xb8, 0xb5, 0x3a, 0xce, 0x85, 0x45, 0xf0, 0x16, + 0x15, 0xda, 0x9d, 0x2c, 0x01, 0x0a, 0x08, 0xb5, 0x11, 0x30, 0x2f, 0xcf, 0xe8, 0xf7, 0x5b, 0x9b, + 0x5e, 0xeb, 0x1c, 0x02, 0x74, 0x36, 0x5d, 0x3d, 0xf2, 0xf8, 0xc6, 0x3d, 0x3a, 0x64, 0xe1, 0x44, + 0xc0, 0x0a, 0xaa, 0x79, 0x0c, 0xff, 0x71, 0xe5, 0x12, 0xb1, 0x05, 0xc3, 0xb9, 0xeb, 0x2a, 0xf5, + 0xaf, 0xc7, 0x11, 0x8c, 0x49, 0x6b, 0xb5, 0x8e, 0x72, 0xa7, 0xb5, 0xf3, 0x7a, 0x9b, 0xd7, 0x6a, + 0x88, 0xa0, 0xeb, 0x3f, 0xab, 0xa8, 0x8a, 0xd7, 0x81, 0x6c, 0xe9, 0x37, 0x75, 0x55, 0x71, 0x07, + 0x76, 0xb7, 0x15, 0x04, 0x87, 0x37, 0x78, 0x31, 0xca, 0xf3, 0x61, 0xa4, 0xf8, 0xd7, 0x50, 0xfc, + 0x02, 0xb1, 0xf8, 0x92, 0xc5, 0x20, 0x17, 0x31, 0xff, 0xde, 0x4d, 0xa8, 0x6e, 0x82, 0x7d, 0xc4, + 0x05, 0xd0, 0x5c, 0xc0, 0xdf, 0x32, 0x37, 0x24, 0x31, 0xb6, 0x6f, 0x34, 0xc9, 0x1f, 0xbc, 0xbf, + 0xb1, 0xa9, 0x49, 0xd3, 0x63, 0x24, 0xe0, 0xfb, 0x9d, 0xa4, 0x6b, 0x82, 0xcd, 0x3b, 0xab, 0xbc, + 0x54, 0x99, 0x01, 0xca, 0xb5, 0x37, 0x88, 0x6e, 0xb0, 0xd0, 0xe6, 0x36, 0x89, 0x19, 0xb7, 0xce, + 0x68, 0x19, 0x50, 0x34, 0xd5, 0xf7, 0xb0, 0xbb, 0xa2, 0xbe, 0x3a, 0xb7, 0x9d, 0x9f, 0x28, 0xf4, + 0x98, 0x16, 0x2f, 0x95, 0x3b, 0x29, 0xc8, 0x12, 0x0f, 0x59, 0x09, 0xad, 0x96, 0xf4, 0x9e, 0x29, + 0x46, 0x44, 0xbe, 0xce, 0x49, 0x53, 0x6e, 0xc1, 0x16, 0xe5, 0xd9, 0x0d, 0xa9, 0x04, 0xa1, 0xb9, + 0xf2, 0x23, 0x86, 0xc5, 0x3a, 0x43, 0x5f, 0xb1, 0x97, 0x95, 0x31, 0x42, 0x20, 0x2c, 0x06, 0xb2, + 0x8a, 0x5a, 0xa4, 0xb0, 0x31, 0x3e, 0x20, 0xf3, 0x0d, 0xac, 0xe1, 0xc1, 0xe7, 0xd8, 0x1e, 0xec, + 0xa4, 0x92, 0x58, 0xea, 0x0e, 0xd4, 0x64, 0x0e, 0xe1, 0x46, 0x2d, 0x0a, 0x49, 0x0c, 0xc4, 0x3e, + 0xd8, 0x25, 0xae, 0x98, 0x75, 0x8e, 0xd6, 0xab, 0x1d, 0x4f, 0x8d, 0xe9, 0x61, 0xc2, 0xfe, 0x0b, + 0x57, 0x24, 0x95, 0x7a, 0x1b, 0xc3, 0xc8, 0x2c, 0x3f, 0xd2, 0x14, 0xb9, 0x78, 0xe2, 0x8e, 0x5e, + 0x90, 0xab, 0x23, 0x94, 0x0e, 0x8c, 0x72, 0x4e, 0x09, 0x2b, 0x3a, 0xe5, 0x86, 0xab, 0xf6, 0x76, + 0xe5, 0x35, 0x55, 0xc9, 0xa1, 0x6c, 0x1c, 0xc5, 0xbc, 0xc3, 0x69, 0x0d, 0x0d, 0x1d, 0xd1, 0xd2, + 0x49, 0xc4, 0xf5, 0x0c, 0xc9, 0xa9, 0x4c, 0x05, 0x96, 0x1f, 0xbc, 0x78, 0xba, 0x64, 0x81, 0x09, + 0x0a, 0x78, 0x61, 0xb3, 0xc1, 0xeb, 0xcf, 0x8c, 0x3c, 0xe8, 0xd4, 0x1c, 0x05, 0x72, 0x1e, 0x5b, + 0xd4, 0x84, 0x47, 0x3d, 0x1f, 0xef, 0xfd, 0xf1, 0x41, 0xaf, 0xce, 0x06, 0x70, 0x7f, 0xb7, 0xa3, + 0xe0, 0x24, 0x86, 0x0c, 0x08, 0x41, 0xca, 0xff, 0x1d, 0xf3, 0xd2, 0x70, 0xe6, 0xbb, 0x5d, 0xa6, + 0x1c, 0xdd, 0xe4, 0x1c, 0x15, 0x98, 0xc9, 0xd3, 0xd0, 0x77, 0xef, 0xd1, 0xde, 0x11, 0xd6, 0x35, + 0x32, 0xc6, 0xa8, 0xcf, 0xda, 0x1e, 0xc4, 0x5d, 0xe7, 0xee, 0xe0, 0x02, 0x69, 0x4b, 0xdd, 0x49, + 0xbe, 0x85, 0x11, 0x6e, 0xb9, 0x53, 0x4c, 0x29, 0xfe, 0xf4, 0x3a, 0xe6, 0x53, 0x1c, 0x12, 0x2f, + 0x6a, 0x36, 0x98, 0x79, 0xe9, 0x60, 0xbb, 0xe7, 0x90, 0xd6, 0xc0, 0x0d, 0x44, 0x3b, 0x38, 0x29, + 0xf6, 0x72, 0x90, 0x4a, 0x02, 0x26, 0xf4, 0xac, 0x4c, 0xf8, 0x18, 0xa0, 0xe2, 0x55, 0xc2, 0x98, + 0xa0, 0x7d, 0x82, 0x83, 0x5d, 0x3e, 0x9a, 0xb8, 0x04, 0x46, 0x49, 0xfe, 0x38, 0xc6, 0xdb, 0x97, + 0x11, 0x9b, 0x21, 0x63, 0x69, 0xa6, 0x1f, 0x74, 0x5b, 0xc1, 0x12, 0xca, 0xbe, 0x26, 0x00, 0x17, + 0x32, 0xcb, 0x4d, 0xc1, 0x63, 0x7b, 0xfc, 0xc0, 0xe7, 0xc4, 0x48, 0xe7, 0x9d, 0x5c, 0xf3, 0xbb, + 0x47, 0x00, 0xe9, 0xb6, 0x72, 0x8a, 0x84, 0x48, 0x55, 0x45, 0x1c, 0xba, 0x8a, 0x5e, 0xd4, 0x56, + 0x6f, 0x62, 0x1d, 0xef, 0x29, 0x96, 0xc5, 0xc1, 0x4e, 0x9b, 0xc9, 0xb3, 0xec, 0xd0, 0x16, 0xd1, + 0x41, 0x1b, 0xf0, 0x6f, 0x23, 0xbc, 0x4d, 0x9f, 0x91, 0x81, 0x90, 0xb0, 0xfe, 0xb9, 0x65, 0xca, + 0x73, 0x22, 0x7c, 0xb6, 0x30, 0x21, 0x45, 0xb2, 0xb8, 0x7b, 0x2b, 0x74, 0x94, 0x46, 0xf2, 0x54, + 0x31, 0xba, 0x9b, 0xa8, 0x6c, 0x42, 0x1e, 0x94, 0x09, 0xcd, 0x00, 0x12, 0x34, 0xc0, 0x72, 0xd6, + 0x46, 0xdf, 0xc0, 0x75, 0xdf, 0x20, 0x81, 0xf6, 0xa7, 0x39, 0x7f, 0xa8, 0x0f, 0x01, 0x95, 0x0b, + 0xdb, 0x4e, 0x94, 0xb7, 0x90, 0x4c, 0x2d, 0xe8, 0x56, 0xf8, 0x11, 0x0c, 0x87, 0xc3, 0x85, 0xce, + 0x3d, 0xff, 0x15, 0x33, 0x58, 0xdf, 0xc5, 0xa1, 0x98, 0xd9, 0x65, 0xfc, 0x70, 0xff, 0x46, 0xe3, + 0xe2, 0xc3, 0xd4, 0x7f, 0x33, 0xfd, 0xa1, 0x5e, 0xee, 0x4b, 0x4a, 0xaf, 0x24, 0x7b, 0xdd, 0x22, + 0xb6, 0xc7, 0xf1, 0xd7, 0xe0, 0x39, 0x57, 0x63, 0xb5, 0x66, 0x63, 0xd6, 0xd9, 0xeb, 0xbd, 0xf5, + 0x86, 0x15, 0x0c, 0x7e, 0x9c, 0x2e, 0x92, 0x3c, 0x11, 0x1a, 0xb3, 0x0e, 0x3f, 0x4c, 0xb0, 0xea, + 0x36, 0x65, 0x2e, 0x6a, 0x6f, 0x63, 0x22, 0x3c, 0xda, 0x9e, 0x8a, 0x15, 0x27, 0x44, 0x3c, 0x49, + 0x04, 0x3d, 0x2f, 0xca, 0x4c, 0xf7, 0xa4, 0xa8, 0xba, 0xcb, 0x3b, 0x36, 0x6c, 0x2b, 0x45, 0x24, + 0xc2, 0xec, 0x68, 0xda, 0x83, 0xc2, 0x29, 0x0c, 0x80, 0x5e, 0xb7, 0xfb, 0x9f, 0x22, 0x23, 0xc2, + 0x11, 0xe9, 0xc6, 0x51, 0x59, 0xf5, 0x8d, 0xb8, 0xa7, 0x85, 0xa4, 0xdd, 0x91, 0xa1, 0xe6, 0x24, + 0xbd, 0x53, 0x46, 0x1d, 0xf3, 0x6a, 0xc2, 0x6f, 0x90, 0x46, 0xde, 0x60, 0xf3, 0xf1, 0x55, 0x7f, + 0x3e, 0x07, 0xfa, 0xc3, 0xa9, 0xa4, 0xfe, 0x2b, 0x3c, 0x4b, 0xc2, 0x58, 0xef, 0xe9, 0xa8, 0xb5, + 0x35, 0x2e, 0xeb, 0x0f, 0x38, 0x2f, 0xe9, 0xde, 0x30, 0x43, 0xbc, 0x35, 0xcd, 0x7c, 0x31, 0x63, + 0xf7, 0xf8, 0x31, 0x83, 0x78, 0xe3, 0x9d, 0x79, 0x94, 0xc6, 0xc2, 0x3d, 0x0f, 0xcc, 0xf3, 0x0f, + 0xdd, 0x66, 0x2d, 0x51, 0x46, 0x24, 0x36, 0xe7, 0x0e, 0x6f, 0x8b, 0x1f, 0xf3, 0xef, 0x67, 0x23, + 0x4c, 0xaa, 0xd8, 0x42, 0x13, 0x5e, 0x22, 0xfe, 0x91, 0x47, 0x50, 0xb0, 0xad, 0x6d, 0xf1, 0x02, + 0x75, 0x11, 0x45, 0xe7, 0x37, 0x44, 0x9b, 0xca, 0x2d, 0x69, 0xe8, 0xd9, 0x75, 0x0a, 0x67, 0x6c, + 0x1b, 0x4b, 0xbb, 0x76, 0xc3, 0x55, 0xe7, 0xb1, 0x6a, 0x31, 0xf5, 0x71, 0x21, 0xcb, 0x19, 0xf9, + 0x54, 0x2b, 0x65, 0x6b, 0x65, 0xc5, 0xfe, 0x87, 0x3f, 0xbf, 0x83, 0xf3, 0x4b, 0x1f, 0x9b, 0x43, + 0x42, 0x07, 0xa4, 0xce, 0x91, 0x89, 0x11, 0x84, 0xda, 0xc8, 0xaa, 0x71, 0x4f, 0xd2, 0xc3, 0x2e, + 0xca, 0x86, 0x1e, 0x0c, 0xde, 0x73, 0x23, 0x25, 0x09, 0x07, 0xb9, 0x38, 0x9c, 0xf7, 0x9d, 0x1f, + 0x9f, 0x9b, 0x68, 0x7c, 0x65, 0xf6, 0x3c, 0x2a, 0xeb, 0x3a, 0x5a, 0xba, 0xd2, 0x8f, 0x39, 0xe1, + 0xd8, 0xb0, 0x8d, 0x17, 0x46, 0xde, 0x0e, 0xc4, 0x52, 0x00, 0x12, 0x45, 0x76, 0x4d, 0x28, 0x5f, + 0xdf, 0x58, 0x5d, 0xbc, 0xb2, 0xe6, 0x81, 0xbe, 0xc9, 0xda, 0x43, 0x99, 0x71, 0x76, 0x36, 0x9e, + 0x16, 0x7e, 0x0c, 0x51, 0x85, 0x17, 0xe2, 0x53, 0x79, 0xfd, 0xc4, 0xa0, 0x6a, 0xd3, 0x9c, 0xf3, + 0xd2, 0x15, 0xba, 0xe0, 0xe4, 0x9b, 0x2f, 0x31, 0x72, 0xcd, 0x26, 0xe8, 0xe8, 0xb7, 0x7d, 0x4b, + 0x6e, 0x39, 0x95, 0xb7, 0x65, 0xff, 0xe5, 0x45, 0x6f, 0x96, 0x4d, 0xc6, 0x92, 0x02, 0x70, 0xbc, + 0x8b, 0x79, 0xa4, 0x38, 0x35, 0xa4, 0x5b, 0x90, 0xed, 0xfe, 0x00, 0x5a, 0x1c, 0x17, 0x62, 0x3f, + 0xde, 0xe8, 0x4a, 0x7f, 0xf3, 0xf4, 0x86, 0x6a, 0x91, 0xff, 0x74, 0xa9, 0xa5, 0x2e, 0x80, 0xbc, + 0x09, 0x56, 0xd7, 0x4a, 0x0b, 0x8c, 0xf4, 0x1d, 0xbe, 0xd5, 0x1e, 0xfa, 0xdb, 0x6d, 0xbb, 0xe9, + 0x3c, 0xc1, 0x70, 0xea, 0xcc, 0xd8, 0x96, 0xae, 0x5a, 0x3e, 0x98, 0xc0, 0x82, 0x24, 0x2e, 0xb1, + 0xce, 0x99, 0xf7, 0xd2, 0x57, 0xa7, 0xab, 0x38, 0xe4, 0x82, 0xb2, 0x7a, 0xf4, 0x3c, 0x41, 0x01, + 0x4c, 0xfe, 0x87, 0x2a, 0x21, 0x2f, 0xfb, 0x06, 0x76, 0xec, 0x5b, 0xe0, 0x87, 0x9e, 0x6e, 0xb7, + 0xc1, 0x2f, 0x42, 0xb3, 0x8b, 0x67, 0x5f, 0x53, 0xa2, 0x12, 0x84, 0x8e, 0xb8, 0x95, 0xf7, 0x57, + 0x7d, 0x73, 0xec, 0x62, 0xd2, 0x1f, 0x30, 0x3b, 0x5b, 0xb5, 0x5a, 0x77, 0xa8, 0xd8, 0x44, 0x71, + 0xdd, 0x6b, 0xcd, 0x62, 0x25, 0x43, 0xf4, 0xe3, 0x6c, 0x2a, 0x95, 0xfe, 0x6e, 0x67, 0x34, 0x33, + 0x19, 0xb3, 0xd6, 0x90, 0x20, 0xf1, 0xb6, 0x73, 0xb4, 0x24, 0xde, 0xbe, 0xc3, 0xf8, 0xb1, 0xe8, + 0x32, 0x7b, 0xf7, 0x5c, 0x6c, 0xec, 0x84, 0x23, 0xde, 0xf6, 0x95, 0x7d, 0x22, 0x54, 0x0f, 0xbf, + 0xa4, 0x92, 0xa2, 0xea, 0x0f, 0xe5, 0xe8, 0xd4, 0x25, 0x0d, 0x47, 0x22, 0x32, 0x9e, 0x8d, 0xd4, + 0x4f, 0x14, 0x1b, 0xb0, 0x8d, 0x41, 0x23, 0x7a, 0x83, 0x14, 0x75, 0xdb, 0x3b, 0xa0, 0x51, 0xb5, + 0xa8, 0x57, 0xcb, 0x7a, 0x6a, 0xc4, 0x2b, 0xaa, 0x96, 0x3f, 0xc2, 0x16, 0x0d, 0xbc, 0x25, 0x1b, + 0xc1, 0xad, 0xce, 0x3d, 0xb5, 0xab, 0x38, 0x19, 0xf3, 0x03, 0xf9, 0xcc, 0x82, 0xe1, 0x4f, 0x7e, + 0xbf, 0xaf, 0x1d, 0x9f, 0xdc, 0x99, 0xff, 0xf3, 0xbc, 0x4c, 0x75, 0x6d, 0x4b, 0xfc, 0xec, 0x7a, + 0x3f, 0xa5, 0xab, 0x94, 0x1b, 0x2a, 0x10, 0xd2, 0x1d, 0xbc, 0xd0, 0x2e, 0xf9, 0x81, 0x8b, 0xb2, + 0x13, 0xc3, 0x3c, 0xbe, 0x59, 0xad, 0x6a, 0x75, 0xc9, 0xfb, 0xa0, 0xe7, 0x2b, 0xf2, 0x4e, 0x53, + 0x5a, 0xa0, 0x81, 0x72, 0x70, 0x36, 0xc0, 0x6a, 0x61, 0x9d, 0xf8, 0x09, 0x7b, 0x50, 0x70, 0xfa, + 0x6f, 0x1f, 0x71, 0xcb, 0x86, 0x2f, 0xb8, 0xab, 0x2e, 0x45, 0x46, 0x8e, 0x07, 0x97, 0x9d, 0xb8, + 0xe5, 0x83, 0x91, 0x7a, 0xea, 0xa1, 0x9b, 0xc5, 0x6a, 0x62, 0x91, 0xfd, 0x37, 0x44, 0x9f, 0x6b, + 0x0d, 0x37, 0xf2, 0xdf, 0xc4, 0xc5, 0xd9, 0x82, 0x85, 0xa1, 0x89, 0xa5, 0xee, 0x4b, 0x78, 0x0b, + 0xa3, 0x2c, 0x75, 0x9d, 0x9f, 0x76, 0x81, 0xa1, 0x68, 0x51, 0x61, 0xdc, 0xf9, 0x5a, 0xed, 0x55, + 0xae, 0xc0, 0x20, 0xec, 0xc2, 0xec, 0xdf, 0x3d, 0x31, 0x34, 0x8f, 0x23, 0x6b, 0x8b, 0x25, 0x70, + 0x89, 0x36, 0xe3, 0xd2, 0x87, 0xff, 0x4f, 0xae, 0xf4, 0x0a, 0xd9, 0xca, 0x5a, 0xe9, 0xbd, 0x57, + 0xad, 0xfb, 0x7e, 0xc5, 0x37, 0x88, 0x35, 0x6a, 0x0b, 0xd8, 0x0d, 0xb2, 0x06, 0x13, 0xed, 0x91, + 0x9e, 0xfb, 0xd4, 0xa9, 0x12, 0x6d, 0xd9, 0x3f, 0x55, 0xd5, 0xc8, 0xc0, 0x88, 0x75, 0x5e, 0xce, + 0xef, 0x11, 0x1f, 0x3e, 0xb4, 0x1b, 0x3b, 0x88, 0xc5, 0x15, 0xbd, 0x10, 0xc7, 0xb2, 0xad, 0xe5, + 0x23, 0x73, 0x58, 0x4e, 0x78, 0x5c, 0xc3, 0x81, 0xa8, 0x71, 0xf7, 0xba, 0xa3, 0x1c, 0xa9, 0x38, + 0x35, 0xb8, 0xd2, 0x0a, 0xa3, 0x16, 0x69, 0xe8, 0xcb, 0x39, 0xa6, 0xda, 0xc8, 0x76, 0x60, 0xf6, + 0xc5, 0x4d, 0x7d, 0xbc, 0x74, 0xbc, 0x40, 0x67, 0xbe, 0xae, 0x20, 0x0f, 0x0b, 0x3a, 0x8d, 0x4c, + 0x12, 0x4f, 0xb4, 0xf3, 0xc2, 0x06, 0x8d, 0x3d, 0xf1, 0x14, 0xce, 0x25, 0x0b, 0xfd, 0x43, 0x5a, + 0x0e, 0x68, 0xc9, 0xea, 0x9e, 0x7e, 0xbd, 0xf2, 0x70, 0xdd, 0x20, 0xb9, 0xe6, 0xea, 0x80, 0xdb, + 0x71, 0x65, 0x3b, 0xa3, 0x84, 0x2c, 0x0e, 0xb4, 0x4a, 0x95, 0x9d, 0xd6, 0x8c, 0xf8, 0x50, 0xe6, + 0xe4, 0xee, 0x45, 0xf1, 0x2f, 0xa9, 0x17, 0x03, 0x7c, 0x16, 0xd8, 0x6d, 0x30, 0x07, 0xeb, 0x0d, + 0x0a, 0xd5, 0xc3, 0xd5, 0x94, 0x01, 0xef, 0x3f, 0xe3, 0x1b, 0x54, 0x3b, 0xba, 0x98, 0xba, 0xaf, + 0x9b, 0x98, 0xc9, 0x2a, 0xde, 0xc6, 0x17, 0x70, 0xe3, 0x42, 0x78, 0xf1, 0x87, 0x7c, 0x9c, 0xe9, + 0xd8, 0x49, 0x3a, 0xfa, 0xf4, 0x3f, 0xbf, 0xb0, 0x70, 0xa1, 0x2d, 0xbc, 0xc1, 0x24, 0x8d, 0x7a, + 0xb0, 0x1a, 0x49, 0xc7, 0x93, 0xa4, 0xf0, 0x10, 0x7a, 0x0f, 0x28, 0x98, 0x6a, 0xcc, 0xe1, 0xeb, + 0x26, 0xfb, 0x33, 0xaa, 0x3f, 0x7b, 0x41, 0xba, 0x0f, 0x6b, 0xfa, 0xbd, 0xa1, 0x1b, 0x39, 0xdb, + 0x93, 0x9f, 0xeb, 0xcd, 0x8c, 0x45, 0x20, 0x15, 0xfc, 0xc5, 0xe7, 0x5d, 0x1c, 0x6f, 0x1b, 0x48, + 0x7b, 0xa2, 0xad, 0xc3, 0xa9, 0xa6, 0x3e, 0x94, 0x50, 0xbd, 0x7c, 0xcd, 0x06, 0x44, 0xc0, 0x8a, + 0x63, 0x68, 0xf7, 0xe8, 0x8f, 0x76, 0x6e, 0x84, 0x98, 0xe3, 0x63, 0x01, 0x97, 0xa8, 0xee, 0xbf, + 0x06, 0x4c, 0x33, 0xc3, 0xee, 0xbb, 0xff, 0x86, 0x49, 0xef, 0xd0, 0x3f, 0x54, 0xee, 0x26, 0xf3, + 0x23, 0x93, 0xcc, 0x88, 0x36, 0xe2, 0x0e, 0xa3, 0x72, 0xdf, 0xc1, 0x86, 0x1b, 0x5b, 0x98, 0xb9, + 0x82, 0x70, 0x17, 0x70, 0xe9, 0x36, 0xed, 0xbd, 0x5b, 0xbc, 0x79, 0xcf, 0xc4, 0x60, 0xa8, 0x67, + 0x02, 0x83, 0xbf, 0x17, 0xe6, 0x77, 0x39, 0x98, 0xc4, 0x7f, 0xea, 0xf3, 0x83, 0x0d, 0x6b, 0x6b, + 0x55, 0x46, 0x9e, 0x6b, 0x9b, 0xa0, 0x38, 0x4e, 0xb8, 0x85, 0x98, 0xf2, 0x1d, 0x69, 0x1a, 0xb6, + 0xa5, 0x15, 0x83, 0xf5, 0x29, 0x8b, 0xf0, 0xa2, 0x1e, 0x6a, 0xbc, 0x79, 0x01, 0xab, 0xab, 0x8a, + 0x6e, 0xd6, 0x92, 0xdc, 0x0b, 0x4e, 0x9e, 0xb3, 0x1e, 0x1d, 0xf1, 0x28, 0x81, 0x6b, 0xd7, 0xec, + 0x1a, 0x61, 0x8a, 0x32, 0x81, 0x10, 0x2c, 0x5c, 0xd6, 0x5c, 0x00, 0x49, 0x26, 0x70, 0x34, 0x84, + 0xf5, 0x8a, 0x31, 0x68, 0x74, 0x12, 0xfd, 0x72, 0xec, 0xce, 0xa0, 0x15, 0x33, 0x1d, 0x47, 0x08, + 0x30, 0xb8, 0xfc, 0x00, 0xf5, 0xd7, 0x21, 0x6d, 0x70, 0xcd, 0x2b, 0xd3, 0x3b, 0x4c, 0xaf, 0xd5, + 0xdc, 0x70, 0xf9, 0xc4, 0x37, 0xe9, 0xe2, 0x14, 0x78, 0x9c, 0x0b, 0x62, 0x7b, 0x4c, 0x95, 0x16, + 0x42, 0xca, 0x6e, 0x01, 0xf8, 0x3b, 0xa6, 0xe3, 0x40, 0xe0, 0xa5, 0x89, 0x3c, 0x73, 0xcb, 0xb2, + 0xd4, 0x95, 0x1f, 0x2d, 0xf8, 0x6f, 0x58, 0x3c, 0xd4, 0xee, 0x67, 0x49, 0xf3, 0x12, 0x38, 0x6b, + 0x3c, 0xa5, 0x49, 0x5e, 0xeb, 0xa6, 0xc7, 0xc1, 0xe0, 0x3d, 0x59, 0xd8, 0x22, 0x82, 0x44, 0xaf, + 0x67, 0xcf, 0x68, 0x41, 0x73, 0xe5, 0xfe, 0xcb, 0xf0, 0xa8, 0x3a, 0x96, 0x7e, 0xa0, 0xa7, 0xdc, + 0xcb, 0xf4, 0xad, 0x8c, 0x39, 0x3e, 0x2c, 0x0c, 0x90, 0xd4, 0x6a, 0xca, 0x7f, 0xe4, 0x74, 0xbf, + 0xaf, 0x53, 0xf2, 0xeb, 0xe4, 0x1b, 0x44, 0xe5, 0xa1, 0xc0, 0x61, 0x5c, 0xe7, 0x26, 0xda, 0x1b, + 0x5b, 0xbb, 0xa6, 0x04, 0x9f, 0xe5, 0xfd, 0x00, 0x06, 0xcb, 0x71, 0x9b, 0xf8, 0x79, 0xe8, 0xd7, + 0x23, 0xc8, 0xef, 0x29, 0x81, 0x3d, 0x12, 0x69, 0x6d, 0x04, 0x0b, 0xb8, 0x6b, 0xc6, 0x2d, 0x1f, + 0x3e, 0x56, 0xd2, 0xed, 0x57, 0xf9, 0x7f, 0x34, 0x0b, 0x14, 0x9e, 0xf0, 0x06, 0x67, 0x4b, 0x8c, + 0xa1, 0xc7, 0x8a, 0x55, 0x61, 0x49, 0x77, 0xca, 0x23, 0xb9, 0xdb, 0x96, 0x94, 0x38, 0x1c, 0x41, + 0x8c, 0xf3, 0x39, 0x7d, 0x1b, 0x66, 0x3e, 0x2c, 0xb2, 0xf9, 0x1f, 0x37, 0x8e, 0xb5, 0xef, 0xd4, + 0x09, 0x01, 0xf4, 0xf1, 0x6a, 0xd2, 0x43, 0x21, 0xf4, 0xa4, 0x64, 0xba, 0xc3, 0x4a, 0x08, 0x1a, + 0x86, 0x78, 0x80, 0x00, 0x2a, 0x71, 0xdf, 0x63, 0x17, 0x93, 0x6d, 0x20, 0xe7, 0xa5, 0xac, 0xde, + 0x53, 0xe4, 0xdb, 0x01, 0x49, 0xd4, 0xe7, 0x09, 0x83, 0xc2, 0x63, 0xc7, 0xb2, 0xf5, 0x24, 0x08, + 0x44, 0x96, 0x34, 0xbe, 0x86, 0xe3, 0x0f, 0x64, 0x32, 0x8d, 0x12, 0xd9, 0x22, 0x6b, 0x76, 0xde, + 0x5e, 0x03, 0x11, 0x3c, 0xe8, 0x83, 0x99, 0x06, 0x59, 0x0a, 0x95, 0x47, 0x05, 0xca, 0xa7, 0x8c, + 0x26, 0x46, 0x8c, 0x9f, 0x72, 0xbb, 0x77, 0xbe, 0x9e, 0x69, 0xe0, 0x0c, 0xa9, 0xbc, 0x32, 0x94, + 0xc7, 0x90, 0x85, 0x5a, 0xf8, 0xe9, 0x93, 0x10, 0x7f, 0x20, 0x95, 0x78, 0x35, 0x8d, 0xcc, 0xb3, + 0xd0, 0xce, 0xa7, 0x55, 0x62, 0x73, 0x89, 0xf7, 0x1f, 0x08, 0xec, 0x02, 0x80, 0x64, 0x0c, 0xa6, + 0x5f, 0xd5, 0xe1, 0x0c, 0xdf, 0x2b, 0xd1, 0xd4, 0xb3, 0x42, 0x74, 0x11, 0xb8, 0x87, 0xff, 0x1f, + 0x10, 0xd8, 0x84, 0x18, 0x8f, 0x8e, 0x0d, 0x54, 0x3d, 0xef, 0x07, 0xb4, 0xac, 0xa8, 0xe4, 0xf2, + 0xef, 0xb2, 0x19, 0x68, 0xe8, 0x79, 0xaf, 0xf1, 0xeb, 0x4a, 0x6d, 0xad, 0x3c, 0x9e, 0x45, 0x51, + 0x21, 0x50, 0xad, 0x46, 0xc1, 0x30, 0x8f, 0xfa, 0xe5, 0xee, 0x92, 0xa7, 0x89, 0xd9, 0x86, 0xd0, + 0xcc, 0x16, 0x69, 0x7b, 0xf4, 0x80, 0x6c, 0x1b, 0xe7, 0x17, 0x24, 0x5c, 0x1b, 0xbf, 0x03, 0xc9, + 0xba, 0xbb, 0xac, 0x51, 0x2f, 0xf6, 0x7e, 0x4c, 0xb7, 0xef, 0xa8, 0xa0, 0xaa, 0x1e, 0xea, 0xb4, + 0x25, 0xa0, 0xc5, 0x4a, 0x60, 0x5f, 0x68, 0xd9, 0xb4, 0x53, 0x85, 0x3d, 0x42, 0xde, 0x42, 0x8b, + 0x9d, 0xef, 0x46, 0x6c, 0xf5, 0xf2, 0x83, 0xd4, 0xb6, 0xcc, 0xf7, 0x33, 0x77, 0xb5, 0xa9, 0xfe, + 0x1f, 0xd4, 0x8b, 0x0c, 0x5a, 0x51, 0xdb, 0x0b, 0xb0, 0x2a, 0x38, 0xef, 0xdd, 0x3c, 0x33, 0xd5, + 0x0f, 0x8a, 0x32, 0xab, 0x0b, 0x70, 0x62, 0x3e, 0x24, 0xec, 0x98, 0x31, 0x12, 0xf9, 0x4c, 0xf4, + 0x5e, 0x87, 0xc9, 0xfc, 0x14, 0xb4, 0x5a, 0x95, 0xd2, 0x7b, 0x0e, 0x79, 0x9a, 0xeb, 0xc9, 0x3d, + 0xbb, 0x27, 0x4e, 0x50, 0x23, 0x4f, 0xd5, 0xcf, 0x5a, 0x93, 0x2b, 0x08, 0x21, 0x53, 0x97, 0x3e, + 0x07, 0x39, 0xc5, 0x8b, 0x47, 0xa4, 0xbb, 0xc2, 0x18, 0xc7, 0x9a, 0x4f, 0x71, 0x3e, 0x7d, 0x1c, + 0x2e, 0xe5, 0xbb, 0x2b, 0xb5, 0xb7, 0xdb, 0x51, 0x62, 0x3e, 0x56, 0x5d, 0xf5, 0x92, 0x03, 0x0a, + 0x57, 0x04, 0x21, 0x14, 0xa5, 0x52, 0xcc, 0x52, 0xb5, 0xd9, 0xb3, 0x8a, 0xb9, 0xf6, 0xc8, 0x45, + 0x35, 0x72, 0xbc, 0xc8, 0xd2, 0xdc, 0x00, 0x12, 0x1e, 0x55, 0x56, 0x90, 0xbb, 0xf6, 0xfe, 0x2a, + 0x4a, 0x82, 0x89, 0x98, 0xc6, 0x10, 0x15, 0x25, 0x41, 0x45, 0x77, 0x94, 0xa0, 0xe9, 0xf7, 0xf8, + 0x4e, 0x71, 0x78, 0xaf, 0xb1, 0xb6, 0xd3, 0xd7, 0xd9, 0x05, 0x13, 0x30, 0x78, 0x86, 0x8a, 0x99, + 0xb2, 0xc8, 0xd1, 0x0e, 0x79, 0xea, 0x0b, 0x0c, 0x1a, 0x24, 0x2a, 0x34, 0x59, 0xac, 0xc1, 0xf7, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x0f, 0x15, 0x20, 0x29, + 0x33, 0x36, 0x40}; +#endif /* MLD_CONFIG_PARAMETER_SET == 87 */ +#endif /* !EXPECTED_SIGNATURES_H */ diff --git a/examples/monolithic_build_verify_native/main.c b/examples/monolithic_build_verify_native/main.c new file mode 100644 index 000000000..2877062f6 --- /dev/null +++ b/examples/monolithic_build_verify_native/main.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) The mlkem-native project authors + * Copyright (c) The mldsa-native project authors + * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT + */ + +#include +#include +#include + +/* Import public mldsa-native API + * + * This requires specifying the parameter set and namespace prefix + * used for the build. + * + * The parameter set is configured on the command line + */ + +#include +#include "expected_signatures.h" + +#define CHECK(x) \ + do \ + { \ + int rc; \ + rc = (x); \ + if (!rc) \ + { \ + fprintf(stderr, "ERROR (%s,%d)\n", __FILE__, __LINE__); \ + return 1; \ + } \ + } while (0) + +int main(void) +{ + printf("ML-DSA-%d monolithic_build_verify_native Example\n", + MLD_CONFIG_API_PARAMETER_SET); + printf("======================\n\n"); + + printf("Verifying signature... "); + + const uint8_t prefix[2] = { + 0x00, // MLD_PREHASH_NONE + 0x00}; // Context length + + CHECK(mldsa_verify_internal(expected_signature, sizeof(expected_signature), + message, sizeof(message), prefix, sizeof(prefix), public_key, 0) == 0); + + printf("DONE\n"); + + printf("\nAll tests passed! ML-DSA signature verification successful.\n"); + return 0; +} diff --git a/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.c b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.c new file mode 120000 index 000000000..107fe39e1 --- /dev/null +++ b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.c @@ -0,0 +1 @@ +../../../mldsa/mldsa_native.c \ No newline at end of file diff --git a/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.h b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.h new file mode 120000 index 000000000..f25191336 --- /dev/null +++ b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native.h @@ -0,0 +1 @@ +../../../mldsa/mldsa_native.h \ No newline at end of file diff --git a/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_asm.S b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_asm.S new file mode 120000 index 000000000..7cb815a2d --- /dev/null +++ b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_asm.S @@ -0,0 +1 @@ +../../../mldsa/mldsa_native_asm.S \ No newline at end of file diff --git a/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_config.h b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_config.h new file mode 100644 index 000000000..855141d00 --- /dev/null +++ b/examples/monolithic_build_verify_native/mldsa_native/mldsa_native_config.h @@ -0,0 +1,792 @@ +/* + * Copyright (c) The mldsa-native project authors + * SPDX-License-Identifier: Apache-2.0 OR ISC OR MIT + */ + +/* References + * ========== + * + * - [FIPS140_3_IG] + * Implementation Guidance for FIPS 140-3 and the Cryptographic Module + * Validation Program + * National Institute of Standards and Technology + * https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements + * + * - [FIPS204] + * FIPS 204 Module-Lattice-Based Digital Signature Standard + * National Institute of Standards and Technology + * https://csrc.nist.gov/pubs/fips/204/final + */ + +/* + * WARNING: This file is auto-generated from scripts/autogen + * in the mldsa-native repository. + * Do not modify it directly. + */ + +/* + * Test configuration: Monolithic build config (native backends disabled) + * + * This configuration differs from the default mldsa/mldsa_native_config.h in + * the following places: + * - MLD_CONFIG_PARAMETER_SET + * - MLD_CONFIG_NAMESPACE_PREFIX + * - MLD_CONFIG_NO_KEYPAIR_API + * - MLD_CONFIG_NO_SIGN_API + * - MLD_CONFIG_INTERNAL_API_ONLY + * - MLD_CONFIG_USE_NATIVE_BACKEND_ARITH + * - MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202 + * - MLD_CONFIG_INTERNAL_API_QUALIFIER + * - MLD_CONFIG_REDUCE_RAM + */ + + +#ifndef MLD_CONFIG_H +#define MLD_CONFIG_H + +/****************************************************************************** + * Name: MLD_CONFIG_PARAMETER_SET + * + * Description: Specifies the parameter set for ML-DSA + * - MLD_CONFIG_PARAMETER_SET=44 corresponds to ML-DSA-44 + * - MLD_CONFIG_PARAMETER_SET=65 corresponds to ML-DSA-65 + * - MLD_CONFIG_PARAMETER_SET=87 corresponds to ML-DSA-87 + * + * If you want to support multiple parameter sets, build the + * library multiple times and set MLD_CONFIG_MULTILEVEL_BUILD. + * See MLD_CONFIG_MULTILEVEL_BUILD for how to do this while + * minimizing code duplication. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +#ifndef MLD_CONFIG_PARAMETER_SET +#define MLD_CONFIG_PARAMETER_SET \ + 87 /* Change this for different security strengths */ +#endif + +/****************************************************************************** + * Name: MLD_CONFIG_FILE + * + * Description: If defined, this is a header that will be included instead + * of the default configuration file mldsa/mldsa_native_config.h. + * + * When you need to build mldsa-native in multiple configurations, + * using varying MLD_CONFIG_FILE can be more convenient + * then configuring everything through CFLAGS. + * + * To use, MLD_CONFIG_FILE _must_ be defined prior + * to the inclusion of any mldsa-native headers. For example, + * it can be set by passing `-DMLD_CONFIG_FILE="..."` + * on the command line. + * + *****************************************************************************/ +/* No need to set this -- we _are_ already in a custom config */ +/* #define MLD_CONFIG_FILE "mldsa_native_config.h" */ + +/****************************************************************************** + * Name: MLD_CONFIG_NAMESPACE_PREFIX + * + * Description: The prefix to use to namespace global symbols from mldsa/. + * + * In a multi-level build, level-dependent symbols will + * additionally be prefixed with the parameter set (44/65/87). + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +#define MLD_CONFIG_NAMESPACE_PREFIX mldsa + +/****************************************************************************** + * Name: MLD_CONFIG_MULTILEVEL_BUILD + * + * Description: Set this if the build is part of a multi-level build supporting + * multiple parameter sets. + * + * If you need only a single parameter set, keep this unset. + * + * To build mldsa-native with support for all parameter sets, + * build it three times -- once per parameter set -- and set the + * option MLD_CONFIG_MULTILEVEL_WITH_SHARED for exactly one of + * them, and MLD_CONFIG_MULTILEVEL_NO_SHARED for the others. + * MLD_CONFIG_MULTILEVEL_BUILD should be set for all of them. + * + * See examples/multilevel_build for an example. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +/* #define MLD_CONFIG_MULTILEVEL_BUILD */ + +/****************************************************************************** + * Name: MLD_CONFIG_EXTERNAL_API_QUALIFIER + * + * Description: If set, this option provides an additional function + * qualifier to be added to declarations of mldsa-native's + * public API. + * + * The primary use case for this option are single-CU builds + * where the public API exposed by mldsa-native is wrapped by + * another API in the consuming application. In this case, + * even mldsa-native's public API can be marked `static`. + * + *****************************************************************************/ +/* #define MLD_CONFIG_EXTERNAL_API_QUALIFIER */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_KEYPAIR_API + * + * Description: By default, mldsa-native includes support for generating key + * pairs. If you don't need this, set MLD_CONFIG_NO_KEYPAIR_API + * to exclude crypto_sign_keypair, crypto_sign_keypair_internal, + * crypto_sign_pk_from_sk, and all internal APIs only needed by + * those functions. + * + *****************************************************************************/ +#define MLD_CONFIG_NO_KEYPAIR_API + +/****************************************************************************** + * Name: MLD_CONFIG_NO_SIGN_API + * + * Description: By default, mldsa-native includes support for creating + * signatures. If you don't need this, set MLD_CONFIG_NO_SIGN_API + * to exclude crypto_sign, crypto_sign_signature, + * crypto_sign_signature_extmu, crypto_sign_signature_internal, + * crypto_sign_signature_pre_hash_internal, + * crypto_sign_signature_pre_hash_shake256, and all internal APIs + * only needed by those functions. + * + *****************************************************************************/ +#define MLD_CONFIG_NO_SIGN_API + +/****************************************************************************** + * Name: MLD_CONFIG_NO_VERIFY_API + * + * Description: By default, mldsa-native includes support for verifying + * signatures. If you don't need this, set + * MLD_CONFIG_NO_VERIFY_API to exclude crypto_sign_open, + * crypto_sign_verify, crypto_sign_verify_extmu, + * crypto_sign_verify_internal, + * crypto_sign_verify_pre_hash_internal, + * crypto_sign_verify_pre_hash_shake256, and all internal APIs + * only needed by those functions. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_VERIFY_API */ + +/****************************************************************************** + * Name: MLD_CONFIG_INTERNAL_API_ONLY + * + * Description: Set this to remove all public APIs except + * crypto_sign_keypair_internal, crypto_sign_signature_internal, + * and crypto_sign_verify_internal. + * + *****************************************************************************/ +#define MLD_CONFIG_INTERNAL_API_ONLY + +/****************************************************************************** + * Name: MLD_CONFIG_NO_RANDOMIZED_API + * + * Description: If this option is set, mldsa-native will be built without the + * randomized API functions (crypto_sign_keypair, + * crypto_sign, crypto_sign_signature, and + * crypto_sign_signature_extmu). + * This allows users to build mldsa-native without providing a + * randombytes() implementation if they only need the + * internal deterministic API + * (crypto_sign_keypair_internal, crypto_sign_signature_internal). + * + * NOTE: This option is incompatible with MLD_CONFIG_KEYGEN_PCT + * as the current PCT implementation requires + * crypto_sign_signature(). + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_RANDOMIZED_API */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_SUPERCOP + * + * Description: By default, mldsa_native.h exposes the mldsa-native API in the + * SUPERCOP naming convention (crypto_sign_xxx). If you don't need + * this, set MLD_CONFIG_NO_SUPERCOP. + * + * NOTE: You must set this for a multi-level build as the SUPERCOP + * naming does not disambiguate between the parameter sets. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_SUPERCOP */ + +/****************************************************************************** + * Name: MLD_CONFIG_CONSTANTS_ONLY + * + * Description: If you only need the size constants (MLDSA_PUBLICKEYBYTES, etc.) + * but no function declarations, set MLD_CONFIG_CONSTANTS_ONLY. + * + * This only affects the public header mldsa_native.h, not + * the implementation. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CONSTANTS_ONLY */ + +/****************************************************************************** + * + * Build-only configuration options + * + * The remaining configurations are build-options only. + * They do not affect the API described in mldsa_native.h. + * + *****************************************************************************/ + +#if defined(MLD_BUILD_INTERNAL) +/****************************************************************************** + * Name: MLD_CONFIG_MULTILEVEL_WITH_SHARED + * + * Description: This is for multi-level builds of mldsa-native only. If you + * need only a single parameter set, keep this unset. + * + * If this is set, all MLD_CONFIG_PARAMETER_SET-independent + * code will be included in the build, including code needed only + * for other parameter sets. + * + * Example: TODO: add example + * + * To build mldsa-native with support for all parameter sets, + * build it three times -- once per parameter set -- and set the + * option MLD_CONFIG_MULTILEVEL_WITH_SHARED for exactly one of + * them, and MLD_CONFIG_MULTILEVEL_NO_SHARED for the others. + * + * See examples/multilevel_build_mldsa for an example. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +/* #define MLD_CONFIG_MULTILEVEL_WITH_SHARED */ + +/****************************************************************************** + * Name: MLD_CONFIG_MULTILEVEL_NO_SHARED + * + * Description: This is for multi-level builds of mldsa-native only. If you + * need only a single parameter set, keep this unset. + * + * If this is set, no MLD_CONFIG_PARAMETER_SET-independent code + * will be included in the build. + * + * To build mldsa-native with support for all parameter sets, + * build it three times -- once per parameter set -- and set the + * option MLD_CONFIG_MULTILEVEL_WITH_SHARED for exactly one of + * them, and MLD_CONFIG_MULTILEVEL_NO_SHARED for the others. + * + * See examples/multilevel_build_mldsa for an example. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +/* #define MLD_CONFIG_MULTILEVEL_NO_SHARED */ + +/****************************************************************************** + * Name: MLD_CONFIG_MONOBUILD_KEEP_SHARED_HEADERS + * + * Description: This is only relevant for single compilation unit (SCU) + * builds of mldsa-native. In this case, it determines whether + * directives defined in parameter-set-independent headers should + * be #undef'ined or not at the of the SCU file. This is needed + * in multilevel builds. + * + * See examples/multilevel_build_native for an example. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +/* #define MLD_CONFIG_MONOBUILD_KEEP_SHARED_HEADERS */ + +/****************************************************************************** + * Name: MLD_CONFIG_USE_NATIVE_BACKEND_ARITH + * + * Description: Determines whether an native arithmetic backend should be used. + * + * The arithmetic backend covers performance critical functions + * such as the number-theoretic transform (NTT). + * + * If this option is unset, the C backend will be used. + * + * If this option is set, the arithmetic backend to be use is + * determined by MLD_CONFIG_ARITH_BACKEND_FILE: If the latter is + * unset, the default backend for your the target architecture + * will be used. If set, it must be the name of a backend metadata + * file. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +#define MLD_CONFIG_USE_NATIVE_BACKEND_ARITH + +/****************************************************************************** + * Name: MLD_CONFIG_ARITH_BACKEND_FILE + * + * Description: The arithmetic backend to use. + * + * If MLD_CONFIG_USE_NATIVE_BACKEND_ARITH is unset, this option + * is ignored. + * + * If MLD_CONFIG_USE_NATIVE_BACKEND_ARITH is set, this option must + * either be undefined or the filename of an arithmetic backend. + * If unset, the default backend will be used. + * + * This can be set using CFLAGS. + * + *****************************************************************************/ +#if defined(MLD_CONFIG_USE_NATIVE_BACKEND_ARITH) && \ + !defined(MLD_CONFIG_ARITH_BACKEND_FILE) +#define MLD_CONFIG_ARITH_BACKEND_FILE "native/meta.h" +#endif + +/****************************************************************************** + * Name: MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202 + * + * Description: Determines whether an native FIPS202 backend should be used. + * + * The FIPS202 backend covers 1x/2x/4x-fold Keccak-f1600, which is + * the performance bottleneck of SHA3 and SHAKE. + * + * If this option is unset, the C backend will be used. + * + * If this option is set, the FIPS202 backend to be use is + * determined by MLD_CONFIG_FIPS202_BACKEND_FILE: If the latter is + * unset, the default backend for your the target architecture + * will be used. If set, it must be the name of a backend metadata + * file. + * + * This can also be set using CFLAGS. + * + *****************************************************************************/ +#define MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202 + +/****************************************************************************** + * Name: MLD_CONFIG_FIPS202_BACKEND_FILE + * + * Description: The FIPS-202 backend to use. + * + * If MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202 is set, this option + * must either be undefined or the filename of a FIPS202 backend. + * If unset, the default backend will be used. + * + * This can be set using CFLAGS. + * + *****************************************************************************/ +#if defined(MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202) && \ + !defined(MLD_CONFIG_FIPS202_BACKEND_FILE) +#define MLD_CONFIG_FIPS202_BACKEND_FILE "fips202/native/auto.h" +#endif + +/****************************************************************************** + * Name: MLD_CONFIG_FIPS202_CUSTOM_HEADER + * + * Description: Custom header to use for FIPS-202 + * + * This should only be set if you intend to use a custom + * FIPS-202 implementation, different from the one shipped + * with mldsa-native. + * + * If set, it must be the name of a file serving as the + * replacement for mldsa/src/fips202/fips202.h, and exposing + * the same API (see FIPS202.md). + * + *****************************************************************************/ +/* #define MLD_CONFIG_FIPS202_CUSTOM_HEADER "SOME_FILE.h" */ + +/****************************************************************************** + * Name: MLD_CONFIG_FIPS202X4_CUSTOM_HEADER + * + * Description: Custom header to use for FIPS-202-X4 + * + * This should only be set if you intend to use a custom + * FIPS-202 implementation, different from the one shipped + * with mldsa-native. + * + * If set, it must be the name of a file serving as the + * replacement for mldsa/src/fips202/fips202x4.h, and exposing + * the same API (see FIPS202.md). + * + *****************************************************************************/ +/* #define MLD_CONFIG_FIPS202X4_CUSTOM_HEADER "SOME_FILE.h" */ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_ZEROIZE + * + * Description: In compliance with @[FIPS204, Section 3.6.3], mldsa-native, + * zeroizes intermediate stack buffers before returning from + * function calls. + * + * Set this option and define `mld_zeroize` if you want to + * use a custom method to zeroize intermediate stack buffers. + * The default implementation uses SecureZeroMemory on Windows + * and a memset + compiler barrier otherwise. If neither of those + * is available on the target platform, compilation will fail, + * and you will need to use MLD_CONFIG_CUSTOM_ZEROIZE to provide + * a custom implementation of `mld_zeroize()`. + * + * WARNING: + * The explicit stack zeroization conducted by mldsa-native + * reduces the likelihood of data leaking on the stack, but + * does not eliminate it! The C standard makes no guarantee about + * where a compiler allocates structures and whether/where it makes + * copies of them. Also, in addition to entire structures, there + * may also be potentially exploitable leakage of individual values + * on the stack. + * + * If you need bullet-proof zeroization of the stack, you need to + * consider additional measures instead of what this feature + * provides. In this case, you can set mld_zeroize to a + * no-op. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_ZEROIZE + #if !defined(__ASSEMBLER__) + #include + #include "src/src.h" + static MLD_INLINE void mld_zeroize(void *ptr, size_t len) + { + ... your implementation ... + } + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_RANDOMBYTES + * + * Description: mldsa-native does not provide a secure randombytes + * implementation. Such an implementation has to provided by the + * consumer. + * + * If this option is not set, mldsa-native expects a function + * int randombytes(uint8_t *out, size_t outlen). + * + * Set this option and define `mld_randombytes` if you want to + * use a custom method to sample randombytes with a different name + * or signature. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_RANDOMBYTES + #if !defined(__ASSEMBLER__) + #include + #include "src/src.h" + static MLD_INLINE int mld_randombytes(uint8_t *ptr, size_t len) + { + ... your implementation ... + return 0; + } + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_CAPABILITY_FUNC + * + * Description: mldsa-native backends may rely on specific hardware features. + * Those backends will only be included in an mldsa-native build + * if support for the respective features is enabled at + * compile-time. However, when building for a heteroneous set + * of CPUs to run the resulting binary/library on, feature + * detection at _runtime_ is needed to decided whether a backend + * can be used or not. + * + * Set this option and define `mld_sys_check_capability` if you + * want to use a custom method to dispatch between implementations. + * + * Return value 1 indicates that a capability is supported. + * Return value 0 indicates that a capability is not supported. + * + * If this option is not set, mldsa-native uses compile-time + * feature detection only to decide which backend to use. + * + * If you compile mldsa-native on a system with different + * capabilities than the system that the resulting binary/library + * will be run on, you must use this option. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_CAPABILITY_FUNC + static MLD_INLINE int mld_sys_check_capability(mld_sys_cap cap) + { + ... your implementation ... + } +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_ALLOC_FREE [EXPERIMENTAL] + * + * Description: Set this option and define `MLD_CUSTOM_ALLOC` and + * `MLD_CUSTOM_FREE` if you want to use custom allocation for + * large local structures or buffers. + * + * By default, all buffers/structures are allocated on the stack. + * If this option is set, most of them will be allocated via + * MLD_CUSTOM_ALLOC. + * + * Parameters to MLD_CUSTOM_ALLOC: + * - T* v: Target pointer to declare. + * - T: Type of structure to be allocated + * - N: Number of elements to be allocated. + * + * Parameters to MLD_CUSTOM_FREE: + * - T* v: Target pointer to free. May be NULL. + * - T: Type of structure to be freed. + * - N: Number of elements to be freed. + * + * WARNING: This option is experimental! + * Its scope, configuration and function/macro signatures may + * change at any time. We expect a stable API for v2. + * + * NOTE: Even if this option is set, some allocations further down + * the call stack will still be made from the stack. Those will + * likely be added to the scope of this option in the future. + * + * NOTE: MLD_CUSTOM_ALLOC need not guarantee a successful + * allocation nor include error handling. Upon failure, the + * target pointer should simply be set to NULL. The calling + * code will handle this case and invoke MLD_CUSTOM_FREE. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_ALLOC_FREE + #if !defined(__ASSEMBLER__) + #include + #define MLD_CUSTOM_ALLOC(v, T, N) \ + T* (v) = (T *)aligned_alloc(MLD_DEFAULT_ALIGN, \ + MLD_ALIGN_UP(sizeof(T) * (N))) + #define MLD_CUSTOM_FREE(v, T, N) free(v) + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_MEMCPY + * + * Description: Set this option and define `mld_memcpy` if you want to + * use a custom method to copy memory instead of the standard + * library memcpy function. + * + * The custom implementation must have the same signature and + * behavior as the standard memcpy function: + * void *mld_memcpy(void *dest, const void *src, size_t n) + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_MEMCPY + #if !defined(__ASSEMBLER__) + #include + #include "src/src.h" + static MLD_INLINE void *mld_memcpy(void *dest, const void *src, size_t n) + { + ... your implementation ... + } + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_CUSTOM_MEMSET + * + * Description: Set this option and define `mld_memset` if you want to + * use a custom method to set memory instead of the standard + * library memset function. + * + * The custom implementation must have the same signature and + * behavior as the standard memset function: + * void *mld_memset(void *s, int c, size_t n) + * + *****************************************************************************/ +/* #define MLD_CONFIG_CUSTOM_MEMSET + #if !defined(__ASSEMBLER__) + #include + #include "src/src.h" + static MLD_INLINE void *mld_memset(void *s, int c, size_t n) + { + ... your implementation ... + } + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_INTERNAL_API_QUALIFIER + * + * Description: If set, this option provides an additional function + * qualifier to be added to declarations of internal API. + * + * The primary use case for this option are single-CU builds, + * in which case this option can be set to `static`. + * + *****************************************************************************/ +#define MLD_CONFIG_INTERNAL_API_QUALIFIER static + +/****************************************************************************** + * Name: MLD_CONFIG_CT_TESTING_ENABLED + * + * Description: If set, mldsa-native annotates data as secret / public using + * valgrind's annotations VALGRIND_MAKE_MEM_UNDEFINED and + * VALGRIND_MAKE_MEM_DEFINED, enabling various checks for secret- + * dependent control flow of variable time execution (depending + * on the exact version of valgrind installed). + * + *****************************************************************************/ +/* #define MLD_CONFIG_CT_TESTING_ENABLED */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_ASM + * + * Description: If this option is set, mldsa-native will be built without + * use of native code or inline assembly. + * + * By default, inline assembly is used to implement value barriers. + * Without inline assembly, mldsa-native will use a global volatile + * 'opt blocker' instead; see ct.h. + * + * Inline assembly is also used to implement a secure zeroization + * function on non-Windows platforms. If this option is set and + * the target platform is not Windows, you MUST set + * MLD_CONFIG_CUSTOM_ZEROIZE and provide a custom zeroization + * function. + * + * If this option is set, MLD_CONFIG_USE_NATIVE_BACKEND_FIPS202 and + * and MLD_CONFIG_USE_NATIVE_BACKEND_ARITH will be ignored, and no + * native backends will be used. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_ASM */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_ASM_VALUE_BARRIER + * + * Description: If this option is set, mldsa-native will be built without + * use of native code or inline assembly for value barriers. + * + * By default, inline assembly (if available) is used to implement + * value barriers. + * Without inline assembly, mldsa-native will use a global volatile + * 'opt blocker' instead; see ct.h. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_ASM_VALUE_BARRIER */ + +/****************************************************************************** + * Name: MLD_CONFIG_KEYGEN_PCT + * + * Description: Compliance with @[FIPS140_3_IG, p.87] requires a + * Pairwise Consistency Test (PCT) to be carried out on a freshly + * generated keypair before it can be exported. + * + * Set this option if such a check should be implemented. + * In this case, crypto_sign_keypair_internal and + * crypto_sign_keypair will return a non-zero error code if the + * PCT failed. + * + * NOTE: This feature will drastically lower the performance of + * key generation. + * + *****************************************************************************/ +/* #define MLD_CONFIG_KEYGEN_PCT */ + +/****************************************************************************** + * Name: MLD_CONFIG_KEYGEN_PCT_BREAKAGE_TEST + * + * Description: If this option is set, the user must provide a runtime + * function `static inline int mld_break_pct() { ... }` to + * indicate whether the PCT should be made fail. + * + * This option only has an effect if MLD_CONFIG_KEYGEN_PCT is set. + * + *****************************************************************************/ +/* #define MLD_CONFIG_KEYGEN_PCT_BREAKAGE_TEST + #if !defined(__ASSEMBLER__) + #include "src/src.h" + static MLD_INLINE int mld_break_pct(void) + { + ... return 0/1 depending on whether PCT should be broken ... + } + #endif +*/ + +/****************************************************************************** + * Name: MLD_CONFIG_SERIAL_FIPS202_ONLY + * + * Description: Set this to use a FIPS202 implementation with global state + * that supports only one active Keccak computation at a time + * (e.g. some hardware accelerators). + * + * If this option is set, ML-DSA will use FIPS202 operations + * serially, ensuring that only one SHAKE context is active + * at any given time. + * + * This allows offloading Keccak computations to a hardware + * accelerator that holds only a single Keccak state locally, + * rather than requiring support for multiple concurrent + * Keccak states. + * + * NOTE: Depending on the target CPU, this may reduce + * performance when using software FIPS202 implementations. + * Only enable this when you have to. + * + *****************************************************************************/ +/* #define MLD_CONFIG_SERIAL_FIPS202_ONLY */ + +/****************************************************************************** + * Name: MLD_CONFIG_CONTEXT_PARAMETER + * + * Description: Set this to add a context parameter that is provided to public + * API functions and is then available in custom callbacks. + * + * The type of the context parameter is configured via + * MLD_CONFIG_CONTEXT_PARAMETER_TYPE. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CONTEXT_PARAMETER */ + +/****************************************************************************** + * Name: MLD_CONFIG_CONTEXT_PARAMETER_TYPE + * + * Description: Set this to define the type for the context parameter used by + * MLD_CONFIG_CONTEXT_PARAMETER. + * + * This is only relevant if MLD_CONFIG_CONTEXT_PARAMETER is set. + * + *****************************************************************************/ +/* #define MLD_CONFIG_CONTEXT_PARAMETER_TYPE void* */ + +/****************************************************************************** + * Name: MLD_CONFIG_REDUCE_RAM [EXPERIMENTAL] + * + * Description: Set this to reduce RAM usage. + * This trades memory for performance. + * + * For expected memory usage, see the MLD_TOTAL_ALLOC_* constants + * defined in mldsa_native.h. + * + * This option is useful for embedded systems with tight RAM + * constraints but relaxed performance requirements. + * + * WARNING: This option is experimental! + * CBMC proofs do not currently cover this configuration option. + * Its scope and configuration may change at any time. + * + *****************************************************************************/ +#define MLD_CONFIG_REDUCE_RAM + +/************************* Config internals ********************************/ + +#endif /* MLD_BUILD_INTERNAL */ + +/* Default namespace + * + * Don't change this. If you need a different namespace, re-define + * MLD_CONFIG_NAMESPACE_PREFIX above instead, and remove the following. + * + * The default MLDSA namespace is + * + * PQCP_MLDSA_NATIVE_MLDSA_ + * + * e.g., PQCP_MLDSA_NATIVE_MLDSA44_ + */ + +#if MLD_CONFIG_PARAMETER_SET == 44 +#define MLD_DEFAULT_NAMESPACE_PREFIX PQCP_MLDSA_NATIVE_MLDSA44 +#elif MLD_CONFIG_PARAMETER_SET == 65 +#define MLD_DEFAULT_NAMESPACE_PREFIX PQCP_MLDSA_NATIVE_MLDSA65 +#elif MLD_CONFIG_PARAMETER_SET == 87 +#define MLD_DEFAULT_NAMESPACE_PREFIX PQCP_MLDSA_NATIVE_MLDSA87 +#endif + +#endif /* !MLD_CONFIG_H */ diff --git a/examples/monolithic_build_verify_native/mldsa_native/src b/examples/monolithic_build_verify_native/mldsa_native/src new file mode 120000 index 000000000..3fd9af3d7 --- /dev/null +++ b/examples/monolithic_build_verify_native/mldsa_native/src @@ -0,0 +1 @@ +../../../mldsa/src/ \ No newline at end of file diff --git a/mldsa/mldsa_native.h b/mldsa/mldsa_native.h index fd150a9df..770781945 100644 --- a/mldsa/mldsa_native.h +++ b/mldsa/mldsa_native.h @@ -205,6 +205,7 @@ extern "C" { #endif +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) /************************************************* * Name: crypto_sign_keypair_internal * @@ -243,6 +244,7 @@ int MLD_API_NAMESPACE(keypair_internal)( #endif ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: crypto_sign_keypair * @@ -276,7 +278,10 @@ int MLD_API_NAMESPACE(keypair)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: crypto_sign_signature_internal * @@ -323,6 +328,7 @@ int MLD_API_NAMESPACE(signature_internal)( #endif ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: crypto_sign_signature * @@ -438,7 +444,10 @@ int MLD_API_NAMESPACE(sign)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: crypto_sign_verify_internal * @@ -477,6 +486,7 @@ int MLD_API_NAMESPACE(verify_internal)( #endif ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: crypto_sign_verify * @@ -581,6 +591,8 @@ int MLD_API_NAMESPACE(open)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ /************************************************* * Hash algorithm constants for domain separation @@ -599,6 +611,8 @@ int MLD_API_NAMESPACE(open)( #define MLD_PREHASH_SHAKE_128 11 #define MLD_PREHASH_SHAKE_256 12 +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: crypto_sign_signature_pre_hash_internal * @@ -647,7 +661,9 @@ int MLD_API_NAMESPACE(signature_pre_hash_internal)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: crypto_sign_verify_pre_hash_internal * @@ -691,7 +707,9 @@ int MLD_API_NAMESPACE(verify_pre_hash_internal)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: crypto_sign_signature_pre_hash_shake256 * @@ -731,7 +749,9 @@ int MLD_API_NAMESPACE(signature_pre_hash_shake256)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: crypto_sign_verify_pre_hash_shake256 * @@ -767,10 +787,13 @@ int MLD_API_NAMESPACE(verify_pre_hash_shake256)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ /* Maximum formatted domain separation message length */ #define MLD_DOMAIN_SEPARATION_MAX_BYTES (2 + 255 + 11 + 64) +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: mld_prepare_domain_separation_prefix * @@ -815,6 +838,7 @@ size_t MLD_API_NAMESPACE(prepare_domain_separation_prefix)( uint8_t prefix[MLD_DOMAIN_SEPARATION_MAX_BYTES], const uint8_t *ph, size_t phlen, const uint8_t *ctx, size_t ctxlen, int hashalg); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) /************************************************* * Name: crypto_sign_pk_from_sk * @@ -850,6 +874,8 @@ int MLD_API_NAMESPACE(pk_from_sk)( MLD_CONFIG_CONTEXT_PARAMETER_TYPE context #endif ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ #ifdef __cplusplus } diff --git a/mldsa/mldsa_native_config.h b/mldsa/mldsa_native_config.h index 25dc88771..df405e32b 100644 --- a/mldsa/mldsa_native_config.h +++ b/mldsa/mldsa_native_config.h @@ -111,6 +111,57 @@ *****************************************************************************/ /* #define MLD_CONFIG_EXTERNAL_API_QUALIFIER */ +/****************************************************************************** + * Name: MLD_CONFIG_NO_KEYPAIR_API + * + * Description: By default, mldsa-native includes support for generating key + * pairs. If you don't need this, set MLD_CONFIG_NO_KEYPAIR_API + * to exclude crypto_sign_keypair, crypto_sign_keypair_internal, + * crypto_sign_pk_from_sk, and all internal APIs only needed by + * those functions. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_KEYPAIR_API */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_SIGN_API + * + * Description: By default, mldsa-native includes support for creating + * signatures. If you don't need this, set MLD_CONFIG_NO_SIGN_API + * to exclude crypto_sign, crypto_sign_signature, + * crypto_sign_signature_extmu, crypto_sign_signature_internal, + * crypto_sign_signature_pre_hash_internal, + * crypto_sign_signature_pre_hash_shake256, and all internal APIs + * only needed by those functions. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_SIGN_API */ + +/****************************************************************************** + * Name: MLD_CONFIG_NO_VERIFY_API + * + * Description: By default, mldsa-native includes support for verifying + * signatures. If you don't need this, set + * MLD_CONFIG_NO_VERIFY_API to exclude crypto_sign_open, + * crypto_sign_verify, crypto_sign_verify_extmu, + * crypto_sign_verify_internal, + * crypto_sign_verify_pre_hash_internal, + * crypto_sign_verify_pre_hash_shake256, and all internal APIs + * only needed by those functions. + * + *****************************************************************************/ +/* #define MLD_CONFIG_NO_VERIFY_API */ + +/****************************************************************************** + * Name: MLD_CONFIG_INTERNAL_API_ONLY + * + * Description: Set this to remove all public APIs except + * crypto_sign_keypair_internal, crypto_sign_signature_internal, + * and crypto_sign_verify_internal. + * + *****************************************************************************/ +/* #define MLD_CONFIG_INTERNAL_API_ONLY */ + /****************************************************************************** * Name: MLD_CONFIG_NO_RANDOMIZED_API * diff --git a/mldsa/src/fips202/fips202.c b/mldsa/src/fips202/fips202.c index 0cf2c0e76..7ec46de6a 100644 --- a/mldsa/src/fips202/fips202.c +++ b/mldsa/src/fips202/fips202.c @@ -260,6 +260,7 @@ void mld_shake256_release(mld_shake256ctx *state) mld_zeroize(state, sizeof(mld_shake256ctx)); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_INTERNAL_API_ONLY) MLD_INTERNAL_API void mld_shake256(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) { @@ -271,5 +272,6 @@ void mld_shake256(uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen) mld_shake256_squeeze(out, outlen, &state); mld_shake256_release(&state); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_INTERNAL_API_ONLY */ #endif /* !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/mldsa/src/fips202/fips202.h b/mldsa/src/fips202/fips202.h index 65a7bd1ab..fe688123e 100644 --- a/mldsa/src/fips202/fips202.h +++ b/mldsa/src/fips202/fips202.h @@ -221,6 +221,7 @@ __contract__( assigns(memory_slice(state, sizeof(mld_shake256ctx))) ); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_INTERNAL_API_ONLY) #define mld_shake256 MLD_NAMESPACE(shake256) /************************************************* * Name: mld_shake256 @@ -241,5 +242,6 @@ __contract__( requires(memory_no_alias(out, outlen)) assigns(memory_slice(out, outlen)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_INTERNAL_API_ONLY */ #endif /* !MLD_FIPS202_FIPS202_H */ diff --git a/mldsa/src/fips202/fips202x4.c b/mldsa/src/fips202/fips202x4.c index 668c282c9..b464f2e4c 100644 --- a/mldsa/src/fips202/fips202x4.c +++ b/mldsa/src/fips202/fips202x4.c @@ -23,6 +23,7 @@ #include "fips202x4.h" #include "keccakf1600.h" +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_REDUCE_RAM) static void mld_keccak_absorb_once_x4(uint64_t *s, uint32_t r, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, @@ -117,6 +118,7 @@ __contract__( nblocks--; } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_REDUCE_RAM */ #if !defined(MLD_CONFIG_REDUCE_RAM) MLD_INTERNAL_API @@ -148,6 +150,7 @@ void mld_shake128x4_release(mld_shake128x4ctx *state) } #endif /* !MLD_CONFIG_REDUCE_RAM */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_shake256x4_absorb_once(mld_shake256x4ctx *state, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, @@ -175,6 +178,7 @@ void mld_shake256x4_release(mld_shake256x4ctx *state) /* @[FIPS204, Section 3.6.3] Destruction of intermediate values. */ mld_zeroize(state, sizeof(mld_shake256x4ctx)); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ #endif /* !MLD_CONFIG_MULTILEVEL_NO_SHARED && !MLD_CONFIG_SERIAL_FIPS202_ONLY \ */ diff --git a/mldsa/src/fips202/fips202x4.h b/mldsa/src/fips202/fips202x4.h index 5a961ebe9..7ca554134 100644 --- a/mldsa/src/fips202/fips202x4.h +++ b/mldsa/src/fips202/fips202x4.h @@ -72,6 +72,7 @@ MLD_INTERNAL_API void mld_shake128x4_release(mld_shake128x4ctx *state); #endif /* !MLD_CONFIG_REDUCE_RAM */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_shake256x4_absorb_once MLD_NAMESPACE(shake256x4_absorb_once) MLD_INTERNAL_API void mld_shake256x4_absorb_once(mld_shake256x4ctx *state, const uint8_t *in0, @@ -113,6 +114,7 @@ void mld_shake256x4_init(mld_shake256x4ctx *state); #define mld_shake256x4_release MLD_NAMESPACE(shake256x4_release) MLD_INTERNAL_API void mld_shake256x4_release(mld_shake256x4ctx *state); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ #endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY */ #endif /* !MLD_FIPS202_FIPS202X4_H */ diff --git a/mldsa/src/fips202/keccakf1600.c b/mldsa/src/fips202/keccakf1600.c index ad9a427ec..e765d49c6 100644 --- a/mldsa/src/fips202/keccakf1600.c +++ b/mldsa/src/fips202/keccakf1600.c @@ -81,6 +81,7 @@ void mld_keccakf1600_xor_bytes(uint64_t *state, const unsigned char *data, #endif /* !MLD_SYS_LITTLE_ENDIAN */ } +#if (!defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_REDUCE_RAM)) && !defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) MLD_INTERNAL_API void mld_keccakf1600x4_extract_bytes(uint64_t *state, unsigned char *data0, unsigned char *data1, unsigned char *data2, @@ -128,6 +129,7 @@ void mld_keccakf1600x4_permute(uint64_t *state) mld_keccakf1600_permute(state + MLD_KECCAK_LANES * 2); mld_keccakf1600_permute(state + MLD_KECCAK_LANES * 3); } +#endif /* (!MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_REDUCE_RAM) && !MLD_CONFIG_SERIAL_FIPS202_ONLY */ static const uint64_t mld_KeccakF_RoundConstants[MLD_KECCAK_NROUNDS] = { (uint64_t)0x0000000000000001ULL, (uint64_t)0x0000000000008082ULL, diff --git a/mldsa/src/fips202/keccakf1600.h b/mldsa/src/fips202/keccakf1600.h index 2921b4cce..3e049cf3c 100644 --- a/mldsa/src/fips202/keccakf1600.h +++ b/mldsa/src/fips202/keccakf1600.h @@ -44,6 +44,7 @@ __contract__( assigns(memory_slice(state, sizeof(uint64_t) * MLD_KECCAK_LANES)) ); +#if (!defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_REDUCE_RAM)) && !defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) #define mld_keccakf1600x4_extract_bytes \ MLD_NAMESPACE(keccakf1600x4_extract_bytes) MLD_INTERNAL_API @@ -94,6 +95,7 @@ __contract__( requires(memory_no_alias(state, sizeof(uint64_t) * MLD_KECCAK_LANES * MLD_KECCAK_WAY)) assigns(memory_slice(state, sizeof(uint64_t) * MLD_KECCAK_LANES * MLD_KECCAK_WAY)) ); +#endif /* (!MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_REDUCE_RAM) && !MLD_CONFIG_SERIAL_FIPS202_ONLY */ #define mld_keccakf1600_permute MLD_NAMESPACE(keccakf1600_permute) MLD_INTERNAL_API diff --git a/mldsa/src/fips202/native/aarch64/auto.h b/mldsa/src/fips202/native/aarch64/auto.h index 4375cc197..5da037a15 100644 --- a/mldsa/src/fips202/native/aarch64/auto.h +++ b/mldsa/src/fips202/native/aarch64/auto.h @@ -37,6 +37,7 @@ #include "x1_scalar.h" #endif +#if !defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) && !defined(MLD_CONFIG_REDUCE_RAM) /* * Keccak-f1600x2/x4 * @@ -68,4 +69,6 @@ #endif /* !__ARM_FEATURE_SHA3 */ +#endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY && !MLD_CONFIG_REDUCE_RAM */ + #endif /* !MLD_FIPS202_NATIVE_AARCH64_AUTO_H */ diff --git a/mldsa/src/native/aarch64/meta.h b/mldsa/src/native/aarch64/meta.h index 2923b8c55..688ba4c14 100644 --- a/mldsa/src/native/aarch64/meta.h +++ b/mldsa/src/native/aarch64/meta.h @@ -66,6 +66,7 @@ static MLD_INLINE int mld_rej_uniform_native(int32_t *r, unsigned len, return (int)mld_rej_uniform_asm(r, buf, buflen, mld_rej_uniform_table); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len, @@ -119,7 +120,9 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len, return (int)outlen; } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -140,6 +143,7 @@ static MLD_INLINE int mld_poly_decompose_88_native(int32_t *a1, int32_t *a0) } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) @@ -148,6 +152,7 @@ static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) return MLD_NATIVE_FUNC_SUCCESS; } +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -170,6 +175,7 @@ static MLD_INLINE int mld_poly_use_hint_88_native(int32_t *b, const int32_t *a, } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) @@ -177,6 +183,7 @@ static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) return mld_poly_chknorm_asm(a, B); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_polyz_unpack_17_native(int32_t *r, const uint8_t *buf) @@ -206,6 +213,7 @@ static MLD_INLINE int mld_poly_pointwise_montgomery_native( mld_poly_pointwise_montgomery_asm(out, in0, in1); return MLD_NATIVE_FUNC_SUCCESS; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 MLD_MUST_CHECK_RETURN_VALUE diff --git a/mldsa/src/native/aarch64/src/arith_native_aarch64.h b/mldsa/src/native/aarch64/src/arith_native_aarch64.h index 50ad20c90..666bd10a9 100644 --- a/mldsa/src/native/aarch64/src/arith_native_aarch64.h +++ b/mldsa/src/native/aarch64/src/arith_native_aarch64.h @@ -27,13 +27,17 @@ extern const int32_t mld_aarch64_intt_zetas_layer123456[]; #define mld_rej_uniform_table MLD_NAMESPACE(rej_uniform_table) extern const uint8_t mld_rej_uniform_table[]; +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta_table MLD_NAMESPACE(rej_uniform_eta_table) extern const uint8_t mld_rej_uniform_eta_table[]; +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_indices MLD_NAMESPACE(polyz_unpack_17_indices) extern const uint8_t mld_polyz_unpack_17_indices[]; #define mld_polyz_unpack_19_indices MLD_NAMESPACE(polyz_unpack_19_indices) extern const uint8_t mld_polyz_unpack_19_indices[]; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ /* @@ -61,6 +65,7 @@ MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta2_asm MLD_NAMESPACE(rej_uniform_eta2_asm) MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, @@ -70,12 +75,15 @@ uint64_t mld_rej_uniform_eta2_asm(int32_t *r, const uint8_t *buf, MLD_MUST_CHECK_RETURN_VALUE uint64_t mld_rej_uniform_eta4_asm(int32_t *r, const uint8_t *buf, unsigned buflen, const uint8_t *table); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose_32_asm MLD_NAMESPACE(poly_decompose_32_asm) void mld_poly_decompose_32_asm(int32_t *a1, int32_t *a0); #define mld_poly_decompose_88_asm MLD_NAMESPACE(poly_decompose_88_asm) void mld_poly_decompose_88_asm(int32_t *a1, int32_t *a0); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_caddq_asm MLD_NAMESPACE(poly_caddq_asm) void mld_poly_caddq_asm(int32_t *a) @@ -88,16 +96,19 @@ __contract__( ensures(array_bound(a, 0, MLDSA_N, 0, MLDSA_Q)) ); +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint_32_asm MLD_NAMESPACE(poly_use_hint_32_asm) void mld_poly_use_hint_32_asm(int32_t *b, const int32_t *a, const int32_t *h); #define mld_poly_use_hint_88_asm MLD_NAMESPACE(poly_use_hint_88_asm) void mld_poly_use_hint_88_asm(int32_t *b, const int32_t *a, const int32_t *h); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_chknorm_asm MLD_NAMESPACE(poly_chknorm_asm) MLD_MUST_CHECK_RETURN_VALUE int mld_poly_chknorm_asm(const int32_t *a, int32_t B); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_asm MLD_NAMESPACE(polyz_unpack_17_asm) void mld_polyz_unpack_17_asm(int32_t *r, const uint8_t *buf, const uint8_t *indices); @@ -110,6 +121,7 @@ void mld_polyz_unpack_19_asm(int32_t *r, const uint8_t *buf, MLD_NAMESPACE(poly_pointwise_montgomery_asm) void mld_poly_pointwise_montgomery_asm(int32_t *, const int32_t *, const int32_t *); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_polyvecl_pointwise_acc_montgomery_l4_asm \ MLD_NAMESPACE(polyvecl_pointwise_acc_montgomery_l4_asm) diff --git a/mldsa/src/native/aarch64/src/pointwise_montgomery.S b/mldsa/src/native/aarch64/src/pointwise_montgomery.S index 6ed2f9ebb..c276a419f 100644 --- a/mldsa/src/native/aarch64/src/pointwise_montgomery.S +++ b/mldsa/src/native/aarch64/src/pointwise_montgomery.S @@ -3,7 +3,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) /* * WARNING: This file is auto-derived from the mldsa-native source file @@ -76,4 +78,6 @@ Lpoly_pointwise_montgomery_loop_start: MLD_ASM_FN_SIZE(poly_pointwise_montgomery_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/mldsa/src/native/aarch64/src/poly_decompose_32_asm.S b/mldsa/src/native/aarch64/src/poly_decompose_32_asm.S index 64c0c3c94..7c935beaa 100644 --- a/mldsa/src/native/aarch64/src/poly_decompose_32_asm.S +++ b/mldsa/src/native/aarch64/src/poly_decompose_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* @@ -80,6 +80,6 @@ Lpoly_decompose_32_loop: MLD_ASM_FN_SIZE(poly_decompose_32_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/mldsa/src/native/aarch64/src/poly_decompose_88_asm.S b/mldsa/src/native/aarch64/src/poly_decompose_88_asm.S index 60fc06a6c..da16a435d 100644 --- a/mldsa/src/native/aarch64/src/poly_decompose_88_asm.S +++ b/mldsa/src/native/aarch64/src/poly_decompose_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_SIGN_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* @@ -80,6 +80,6 @@ Lpoly_decompose_88_loop: MLD_ASM_FN_SIZE(poly_decompose_88_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/mldsa/src/native/aarch64/src/poly_use_hint_32_asm.S b/mldsa/src/native/aarch64/src/poly_use_hint_32_asm.S index e772c1c17..4efb3e2a9 100644 --- a/mldsa/src/native/aarch64/src/poly_use_hint_32_asm.S +++ b/mldsa/src/native/aarch64/src/poly_use_hint_32_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* @@ -97,6 +97,6 @@ Lpoly_use_hint_32_loop: MLD_ASM_FN_SIZE(poly_use_hint_32_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/mldsa/src/native/aarch64/src/poly_use_hint_88_asm.S b/mldsa/src/native/aarch64/src/poly_use_hint_88_asm.S index a2429c8da..fe28bf935 100644 --- a/mldsa/src/native/aarch64/src/poly_use_hint_88_asm.S +++ b/mldsa/src/native/aarch64/src/poly_use_hint_88_asm.S @@ -4,7 +4,7 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_NO_VERIFY_API) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* @@ -105,6 +105,6 @@ Lpoly_use_hint_88_loop: MLD_ASM_FN_SIZE(poly_use_hint_88_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/mldsa/src/native/aarch64/src/polyz_unpack_17_asm.S b/mldsa/src/native/aarch64/src/polyz_unpack_17_asm.S index d6ba23526..c6fa5b145 100644 --- a/mldsa/src/native/aarch64/src/polyz_unpack_17_asm.S +++ b/mldsa/src/native/aarch64/src/polyz_unpack_17_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44) /* @@ -66,6 +68,8 @@ Lpolyz_unpack_17_loop: MLD_ASM_FN_SIZE(polyz_unpack_17_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44) \ */ diff --git a/mldsa/src/native/aarch64/src/polyz_unpack_19_asm.S b/mldsa/src/native/aarch64/src/polyz_unpack_19_asm.S index f21dddb03..ef345263c 100644 --- a/mldsa/src/native/aarch64/src/polyz_unpack_19_asm.S +++ b/mldsa/src/native/aarch64/src/polyz_unpack_19_asm.S @@ -5,7 +5,9 @@ */ #include "../../../common.h" -#if defined(MLD_ARITH_BACKEND_AARCH64) && !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ +#if defined(MLD_ARITH_BACKEND_AARCH64) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ + !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) /* @@ -63,6 +65,8 @@ Lpolyz_unpack_19_loop: MLD_ASM_FN_SIZE(polyz_unpack_19_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87) */ diff --git a/mldsa/src/native/aarch64/src/polyz_unpack_table.c b/mldsa/src/native/aarch64/src/polyz_unpack_table.c index 7eb766bc0..a60d1f003 100644 --- a/mldsa/src/native/aarch64/src/polyz_unpack_table.c +++ b/mldsa/src/native/aarch64/src/polyz_unpack_table.c @@ -17,6 +17,7 @@ #include #include "arith_native_aarch64.h" +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /* Table of indices used for tbl instructions in polyz_unpack_{17,19}. * See autogen for details. */ @@ -33,6 +34,7 @@ MLD_ALIGN const uint8_t mld_polyz_unpack_19_indices[] = { 4, 5, 6, 255, 6, 7, 8, 255, 9, 10, 11, 255, 11, 12, 13, 255, 14, 15, 16, 255, 16, 17, 18, 255, 19, 20, 21, 255, 21, 22, 23, 255, }; +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ diff --git a/mldsa/src/native/aarch64/src/rej_uniform_eta2_asm.S b/mldsa/src/native/aarch64/src/rej_uniform_eta2_asm.S index eecfb2d6e..73d644a63 100644 --- a/mldsa/src/native/aarch64/src/rej_uniform_eta2_asm.S +++ b/mldsa/src/native/aarch64/src/rej_uniform_eta2_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2) @@ -131,5 +132,5 @@ Lrej_uniform_eta2_final_copy: MLD_ASM_FN_SIZE(rej_uniform_eta2_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2) */ diff --git a/mldsa/src/native/aarch64/src/rej_uniform_eta4_asm.S b/mldsa/src/native/aarch64/src/rej_uniform_eta4_asm.S index caa89e273..e4f19d0c0 100644 --- a/mldsa/src/native/aarch64/src/rej_uniform_eta4_asm.S +++ b/mldsa/src/native/aarch64/src/rej_uniform_eta4_asm.S @@ -6,6 +6,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 4) @@ -124,5 +125,5 @@ Lrej_uniform_eta4_final_copy: MLD_ASM_FN_SIZE(rej_uniform_eta4_asm) -#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ +#endif /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4) */ diff --git a/mldsa/src/native/aarch64/src/rej_uniform_eta_table.c b/mldsa/src/native/aarch64/src/rej_uniform_eta_table.c index cf21509cb..240644cdb 100644 --- a/mldsa/src/native/aarch64/src/rej_uniform_eta_table.c +++ b/mldsa/src/native/aarch64/src/rej_uniform_eta_table.c @@ -12,6 +12,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_AARCH64) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) #include @@ -537,8 +538,8 @@ MLD_ALIGN const uint8_t mld_rej_uniform_eta_table[] = { 8, 9, 10, 11, 12, 13, 14, 15 /* 255 */, }; -#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ +#else /* MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED */ MLD_EMPTY_CU(aarch64_rej_uniform_eta_table) -#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ +#endif /* !(MLD_ARITH_BACKEND_AARCH64 && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED) */ diff --git a/mldsa/src/native/api.h b/mldsa/src/native/api.h index a403d3ece..422c31194 100644 --- a/mldsa/src/native/api.h +++ b/mldsa/src/native/api.h @@ -194,6 +194,7 @@ __contract__( ); #endif /* MLD_USE_NATIVE_REJ_UNIFORM */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_USE_NATIVE_REJ_UNIFORM_ETA2) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 /************************************************* @@ -263,7 +264,9 @@ __contract__( ); #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ #endif /* MLD_USE_NATIVE_REJ_UNIFORM_ETA4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_USE_NATIVE_POLY_DECOMPOSE_32) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) @@ -336,6 +339,7 @@ __contract__( #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ #endif /* MLD_USE_NATIVE_POLY_DECOMPOSE_88 */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ #if defined(MLD_USE_NATIVE_POLY_CADDQ) /************************************************* @@ -359,6 +363,7 @@ __contract__( ); #endif /* MLD_USE_NATIVE_POLY_CADDQ */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_USE_NATIVE_POLY_USE_HINT_32) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) @@ -421,6 +426,7 @@ __contract__( #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ #endif /* MLD_USE_NATIVE_POLY_USE_HINT_88 */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_USE_NATIVE_POLY_CHKNORM) /************************************************* @@ -446,6 +452,7 @@ __contract__( ); #endif /* MLD_USE_NATIVE_POLY_CHKNORM */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_USE_NATIVE_POLYZ_UNPACK_17) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 /************************************************* @@ -530,6 +537,7 @@ __contract__( ensures((return_value == MLD_NATIVE_FUNC_FALLBACK) ==> array_unchanged(c, MLDSA_N)) ); #endif /* MLD_USE_NATIVE_POINTWISE_MONTGOMERY */ +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_USE_NATIVE_POLYVECL_POINTWISE_ACC_MONTGOMERY_L4) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 diff --git a/mldsa/src/native/x86_64/meta.h b/mldsa/src/native/x86_64/meta.h index 9e45b661e..c9a533a5e 100644 --- a/mldsa/src/native/x86_64/meta.h +++ b/mldsa/src/native/x86_64/meta.h @@ -83,6 +83,7 @@ static MLD_INLINE int mld_rej_uniform_native(int32_t *r, unsigned len, return (int)mld_rej_uniform_avx2(r, buf); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_rej_uniform_eta2_native(int32_t *r, unsigned len, @@ -140,7 +141,9 @@ static MLD_INLINE int mld_rej_uniform_eta4_native(int32_t *r, unsigned len, return (int)outlen; } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4 */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -169,7 +172,7 @@ static MLD_INLINE int mld_poly_decompose_88_native(int32_t *a1, int32_t *a0) } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ - +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) @@ -182,6 +185,7 @@ static MLD_INLINE int mld_poly_caddq_native(int32_t a[MLDSA_N]) return MLD_NATIVE_FUNC_SUCCESS; } +#if !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87) MLD_MUST_CHECK_RETURN_VALUE @@ -212,7 +216,7 @@ static MLD_INLINE int mld_poly_use_hint_88_native(int32_t *b, const int32_t *a, } #endif /* MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 44 \ */ - +#endif /* !MLD_CONFIG_NO_VERIFY_API */ MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) @@ -224,6 +228,7 @@ static MLD_INLINE int mld_poly_chknorm_native(const int32_t *a, int32_t B) return mld_poly_chknorm_avx2(a, B); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLD_CONFIG_PARAMETER_SET == 44 MLD_MUST_CHECK_RETURN_VALUE static MLD_INLINE int mld_polyz_unpack_17_native(int32_t *r, const uint8_t *a) @@ -264,6 +269,7 @@ static MLD_INLINE int mld_poly_pointwise_montgomery_native( mld_pointwise_avx2(c, a, b, mld_qdata); return MLD_NATIVE_FUNC_SUCCESS; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #if defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_L == 4 MLD_MUST_CHECK_RETURN_VALUE diff --git a/mldsa/src/native/x86_64/src/arith_native_x86_64.h b/mldsa/src/native/x86_64/src/arith_native_x86_64.h index 15c004374..ca254d1f8 100644 --- a/mldsa/src/native/x86_64/src/arith_native_x86_64.h +++ b/mldsa/src/native/x86_64/src/arith_native_x86_64.h @@ -68,6 +68,7 @@ MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_avx2(int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_BUFLEN]); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_rej_uniform_eta2_avx2 MLD_NAMESPACE(mld_rej_uniform_eta2_avx2) MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_eta2_avx2( @@ -77,31 +78,38 @@ unsigned mld_rej_uniform_eta2_avx2( MLD_MUST_CHECK_RETURN_VALUE unsigned mld_rej_uniform_eta4_avx2( int32_t *r, const uint8_t buf[MLD_AVX2_REJ_UNIFORM_ETA4_BUFLEN]); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose_32_avx2 MLD_NAMESPACE(mld_poly_decompose_32_avx2) void mld_poly_decompose_32_avx2(int32_t *a1, int32_t *a0); #define mld_poly_decompose_88_avx2 MLD_NAMESPACE(mld_poly_decompose_88_avx2) void mld_poly_decompose_88_avx2(int32_t *a1, int32_t *a0); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_caddq_avx2 MLD_NAMESPACE(poly_caddq_avx2) void mld_poly_caddq_avx2(int32_t *r); +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint_32_avx2 MLD_NAMESPACE(mld_poly_use_hint_32_avx2) void mld_poly_use_hint_32_avx2(int32_t *b, const int32_t *a, const int32_t *h); #define mld_poly_use_hint_88_avx2 MLD_NAMESPACE(mld_poly_use_hint_88_avx2) void mld_poly_use_hint_88_avx2(int32_t *b, const int32_t *a, const int32_t *h); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_chknorm_avx2 MLD_NAMESPACE(mld_poly_chknorm_avx2) MLD_MUST_CHECK_RETURN_VALUE int mld_poly_chknorm_avx2(const int32_t *a, int32_t B); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack_17_avx2 MLD_NAMESPACE(mld_polyz_unpack_17_avx2) void mld_polyz_unpack_17_avx2(int32_t *r, const uint8_t *a); #define mld_polyz_unpack_19_avx2 MLD_NAMESPACE(mld_polyz_unpack_19_avx2) void mld_polyz_unpack_19_avx2(int32_t *r, const uint8_t *a); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_pointwise_avx2 MLD_NAMESPACE(pointwise_avx2) void mld_pointwise_avx2(int32_t *c, const int32_t *a, const int32_t *b, diff --git a/mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c b/mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c index a51c3ac95..6d238599a 100644 --- a/mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c +++ b/mldsa/src/native/x86_64/src/poly_decompose_32_avx2.c @@ -24,6 +24,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_SIGN_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -145,13 +146,14 @@ void mld_poly_decompose_32_avx2(int32_t *a1, int32_t *a0) } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_poly_decompose_32) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_SIGN_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c b/mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c index e63a310eb..fba6245d4 100644 --- a/mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c +++ b/mldsa/src/native/x86_64/src/poly_decompose_88_avx2.c @@ -24,6 +24,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_SIGN_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -145,13 +146,14 @@ void mld_poly_decompose_88_avx2(int32_t *a1, int32_t *a0) _mm256_store_si256((__m256i *)&a0[8 * i], f0); } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_SIGN_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_poly_decompose_88) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_SIGN_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c b/mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c index b069ca859..7608dc8a3 100644 --- a/mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c +++ b/mldsa/src/native/x86_64/src/poly_use_hint_32_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_VERIFY_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -88,13 +89,14 @@ void mld_poly_use_hint_32_avx2(int32_t *b, const int32_t *a, } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_poly_use_hint_32) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_VERIFY_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c b/mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c index 257394819..02efb7b7e 100644 --- a/mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c +++ b/mldsa/src/native/x86_64/src/poly_use_hint_88_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_VERIFY_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -90,13 +91,14 @@ void mld_poly_use_hint_88_avx2(int32_t *b, const int32_t *a, } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_VERIFY_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_poly_use_hint_88) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + !MLD_CONFIG_NO_VERIFY_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c b/mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c index c45140cea..44aa6cc88 100644 --- a/mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c +++ b/mldsa/src/native/x86_64/src/polyz_unpack_17_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ MLD_CONFIG_PARAMETER_SET == 44) @@ -80,13 +81,16 @@ void mld_polyz_unpack_17_avx2(int32_t *r, const uint8_t *a) _mm256_store_si256((__m256i *)&r[8 * i], f); } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44) */ MLD_EMPTY_CU(avx2_polyz_unpack_17) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 44)) */ diff --git a/mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c b/mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c index f98990503..6b629d298 100644 --- a/mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c +++ b/mldsa/src/native/x86_64/src/polyz_unpack_19_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + (!defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API)) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || \ (MLD_CONFIG_PARAMETER_SET == 65 || MLD_CONFIG_PARAMETER_SET == 87)) @@ -82,13 +83,16 @@ void mld_polyz_unpack_19_avx2(int32_t *r, const uint8_t *a) } } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ + !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == \ 65 || MLD_CONFIG_PARAMETER_SET == 87) */ MLD_EMPTY_CU(avx2_polyz_unpack_19) #endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ + (!MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API) && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLD_CONFIG_PARAMETER_SET == 65 \ || MLD_CONFIG_PARAMETER_SET == 87)) */ diff --git a/mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c b/mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c index a34694325..f0d32139d 100644 --- a/mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c +++ b/mldsa/src/native/x86_64/src/rej_uniform_eta2_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 2) @@ -143,12 +144,12 @@ unsigned int mld_rej_uniform_eta2_avx2( return ctr; } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2) */ MLD_EMPTY_CU(avx2_rej_uniform_eta2) -#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ +#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 2)) */ diff --git a/mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c b/mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c index 2cffd9b44..d2d04c484 100644 --- a/mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c +++ b/mldsa/src/native/x86_64/src/rej_uniform_eta4_avx2.c @@ -20,6 +20,7 @@ #include "../../../common.h" #if defined(MLD_ARITH_BACKEND_X86_64_DEFAULT) && \ + !defined(MLD_CONFIG_NO_KEYPAIR_API) && \ !defined(MLD_CONFIG_MULTILEVEL_NO_SHARED) && \ (defined(MLD_CONFIG_MULTILEVEL_WITH_SHARED) || MLDSA_ETA == 4) @@ -127,12 +128,12 @@ unsigned int mld_rej_uniform_eta4_avx2( return ctr; } -#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ +#else /* MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && !MLD_CONFIG_MULTILEVEL_NO_SHARED \ && (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4) */ MLD_EMPTY_CU(avx2_rej_uniform_eta4) -#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && \ +#endif /* !(MLD_ARITH_BACKEND_X86_64_DEFAULT && !MLD_CONFIG_NO_KEYPAIR_API && \ !MLD_CONFIG_MULTILEVEL_NO_SHARED && \ (MLD_CONFIG_MULTILEVEL_WITH_SHARED || MLDSA_ETA == 4)) */ diff --git a/mldsa/src/packing.c b/mldsa/src/packing.c index 26da27385..746e83834 100644 --- a/mldsa/src/packing.c +++ b/mldsa/src/packing.c @@ -16,6 +16,7 @@ #define mld_unpack_hints MLD_ADD_PARAM_SET(mld_unpack_hints) /* End of parameter set namespacing */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_pack_pk(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], const uint8_t rho[MLDSA_SEEDBYTES], const mld_polyveck *t1) @@ -33,7 +34,9 @@ void mld_pack_pk(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], &t1->vec[i]); } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_unpack_pk(uint8_t rho[MLDSA_SEEDBYTES], mld_polyveck *t1, const uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES]) @@ -48,7 +51,9 @@ void mld_unpack_pk(uint8_t rho[MLDSA_SEEDBYTES], mld_polyveck *t1, mld_polyt1_unpack(&t1->vec[i], pk + i * MLDSA_POLYT1_PACKEDBYTES); } } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_pack_sk(uint8_t sk[MLDSA_CRYPTO_SECRETKEYBYTES], const uint8_t rho[MLDSA_SEEDBYTES], @@ -73,7 +78,9 @@ void mld_pack_sk(uint8_t sk[MLDSA_CRYPTO_SECRETKEYBYTES], mld_polyveck_pack_t0(sk, t0); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_unpack_sk(uint8_t rho[MLDSA_SEEDBYTES], uint8_t tr[MLDSA_TRBYTES], uint8_t key[MLDSA_SEEDBYTES], mld_polyveck *t0, @@ -97,7 +104,9 @@ void mld_unpack_sk(uint8_t rho[MLDSA_SEEDBYTES], uint8_t tr[MLDSA_TRBYTES], mld_polyveck_unpack_t0(t0, sk); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_pack_sig_c_h(uint8_t sig[MLDSA_CRYPTO_BYTES], const uint8_t c[MLDSA_CTILDEBYTES], const mld_polyveck *h, @@ -176,7 +185,9 @@ void mld_pack_sig_z(uint8_t sig[MLDSA_CRYPTO_BYTES], const mld_poly *zi, sig += i * MLDSA_POLYZ_PACKEDBYTES; mld_polyz_pack(sig, zi); } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: mld_unpack_hints * @@ -267,7 +278,9 @@ __contract__( return 0; } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API int mld_unpack_sig(uint8_t c[MLDSA_CTILDEBYTES], mld_polyvecl *z, mld_polyveck *h, const uint8_t sig[MLDSA_CRYPTO_BYTES]) @@ -280,6 +293,7 @@ int mld_unpack_sig(uint8_t c[MLDSA_CTILDEBYTES], mld_polyvecl *z, return mld_unpack_hints(h, sig); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mldsa/src/packing.h b/mldsa/src/packing.h index 19095d08c..fab27d88e 100644 --- a/mldsa/src/packing.h +++ b/mldsa/src/packing.h @@ -8,6 +8,7 @@ #include #include "polyvec.h" +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_pack_pk MLD_NAMESPACE_KL(pack_pk) /************************************************* * Name: mld_pack_pk @@ -67,8 +68,9 @@ __contract__( array_abs_bound(s2->vec[k2].coeffs, 0, MLDSA_N, MLDSA_ETA + 1))) assigns(memory_slice(sk, MLDSA_CRYPTO_SECRETKEYBYTES)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ - +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_pack_sig_c_h MLD_NAMESPACE_KL(pack_sig_c_h) /************************************************* * Name: mld_pack_sig_c_h @@ -124,7 +126,9 @@ __contract__( requires(array_bound(zi->coeffs, 0, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1)) assigns(memory_slice(sig, MLDSA_CRYPTO_BYTES)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_unpack_pk MLD_NAMESPACE_KL(unpack_pk) /************************************************* * Name: mld_unpack_pk @@ -147,8 +151,9 @@ __contract__( ensures(forall(k0, 0, MLDSA_K, array_bound(t1->vec[k0].coeffs, 0, MLDSA_N, 0, 1 << 10))) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ - +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_unpack_sk MLD_NAMESPACE_KL(unpack_sk) /************************************************* * Name: mld_unpack_sk @@ -189,7 +194,9 @@ __contract__( ensures(forall(k2, 0, MLDSA_K, array_bound(s2->vec[k2].coeffs, 0, MLDSA_N, MLD_POLYETA_UNPACK_LOWER_BOUND, MLDSA_ETA + 1))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_unpack_sig MLD_NAMESPACE_KL(unpack_sig) /************************************************* * Name: mld_unpack_sig @@ -222,4 +229,6 @@ __contract__( array_bound(h->vec[k1].coeffs, 0, MLDSA_N, 0, 2))) ensures(return_value >= 0 && return_value <= 1) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ + #endif /* !MLD_PACKING_H */ diff --git a/mldsa/src/poly.c b/mldsa/src/poly.c index e40534e77..f52771cf8 100644 --- a/mldsa/src/poly.c +++ b/mldsa/src/poly.c @@ -91,6 +91,7 @@ void mld_poly_caddq(mld_poly *a) mld_poly_caddq_c(a); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) /* Reference: We use destructive version (output=first input) to avoid * reasoning about aliasing in the CBMC specification */ MLD_INTERNAL_API @@ -110,7 +111,9 @@ void mld_poly_add(mld_poly *r, const mld_poly *b) r->coeffs[i] = r->coeffs[i] + b->coeffs[i]; } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /* Reference: We use destructive version (output=first input) to avoid * reasoning about aliasing in the CBMC specification */ MLD_INTERNAL_API @@ -132,7 +135,9 @@ void mld_poly_sub(mld_poly *r, const mld_poly *b) mld_assert_bound(r->coeffs, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_poly_shiftl(mld_poly *a) { @@ -152,7 +157,7 @@ void mld_poly_shiftl(mld_poly *a) } mld_assert_bound(a->coeffs, MLDSA_N, 0, MLDSA_Q); } - +#endif /* !MLD_CONFIG_NO_VERIFY_API */ static MLD_INLINE int32_t mld_fqmul(int32_t a, int32_t b) __contract__( @@ -441,6 +446,7 @@ void mld_poly_invntt_tomont(mld_poly *a) mld_poly_invntt_tomont_c(a); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_STATIC_TESTABLE void mld_poly_pointwise_montgomery_c(mld_poly *c, const mld_poly *a, const mld_poly *b) @@ -486,7 +492,9 @@ void mld_poly_pointwise_montgomery(mld_poly *c, const mld_poly *a, #endif /* MLD_USE_NATIVE_POINTWISE_MONTGOMERY */ mld_poly_pointwise_montgomery_c(c, a, b); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_poly_power2round(mld_poly *a1, mld_poly *a0, const mld_poly *a) { @@ -508,6 +516,7 @@ void mld_poly_power2round(mld_poly *a1, mld_poly *a0, const mld_poly *a) (MLD_2_POW_D / 2) + 1); mld_assert_bound(a1->coeffs, MLDSA_N, 0, ((MLDSA_Q - 1) / MLD_2_POW_D) + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ #ifndef MLD_POLY_UNIFORM_NBLOCKS #define MLD_POLY_UNIFORM_NBLOCKS \ @@ -724,6 +733,7 @@ void mld_poly_uniform_4x(mld_poly *vec0, mld_poly *vec1, mld_poly *vec2, #endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY && !MLD_CONFIG_REDUCE_RAM */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_polyt1_pack(uint8_t r[MLDSA_POLYT1_PACKEDBYTES], const mld_poly *a) { @@ -747,7 +757,9 @@ void mld_polyt1_pack(uint8_t r[MLDSA_POLYT1_PACKEDBYTES], const mld_poly *a) r[5 * i + 4] = (uint8_t)((a->coeffs[4 * i + 3] >> 2) & 0xFF); } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyt1_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYT1_PACKEDBYTES]) { @@ -770,7 +782,9 @@ void mld_polyt1_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYT1_PACKEDBYTES]) mld_assert_bound(r->coeffs, MLDSA_N, 0, 1 << 10); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_polyt0_pack(uint8_t r[MLDSA_POLYT0_PACKEDBYTES], const mld_poly *a) { @@ -817,7 +831,9 @@ void mld_polyt0_pack(uint8_t r[MLDSA_POLYT0_PACKEDBYTES], const mld_poly *a) r[13 * i + 12] = (uint8_t)((t[7] >> 5) & 0xFF); } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyt0_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYT0_PACKEDBYTES]) { @@ -877,6 +893,7 @@ void mld_polyt0_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYT0_PACKEDBYTES]) mld_assert_bound(r->coeffs, MLDSA_N, -(1 << (MLDSA_D - 1)) + 1, (1 << (MLDSA_D - 1)) + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ MLD_STATIC_TESTABLE uint32_t mld_poly_chknorm_c(const mld_poly *a, int32_t B) __contract__( diff --git a/mldsa/src/poly.h b/mldsa/src/poly.h index 6bdcdd4ae..2b41448a9 100644 --- a/mldsa/src/poly.h +++ b/mldsa/src/poly.h @@ -58,6 +58,7 @@ __contract__( ensures(array_bound(a->coeffs, 0, MLDSA_N, 0, MLDSA_Q)) ); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_add MLD_NAMESPACE(poly_add) /************************************************* * Name: mld_poly_add @@ -85,7 +86,9 @@ __contract__( ensures(forall(k3, 0, MLDSA_N, r->coeffs[k3] < MLD_REDUCE32_DOMAIN_MAX)) ensures(forall(k4, 0, MLDSA_N, r->coeffs[k4] >= INT32_MIN)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_sub MLD_NAMESPACE(poly_sub) /************************************************* * Name: mld_poly_sub @@ -111,7 +114,9 @@ __contract__( assigns(memory_slice(r, sizeof(mld_poly))) ensures(array_bound(r->coeffs, 0, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_shiftl MLD_NAMESPACE(poly_shiftl) /************************************************* * Name: mld_poly_shiftl @@ -129,6 +134,7 @@ __contract__( assigns(memory_slice(a, sizeof(mld_poly))) ensures(array_bound(a->coeffs, 0, MLDSA_N, 0, MLDSA_Q)) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ #define mld_poly_ntt MLD_NAMESPACE(poly_ntt) /************************************************* @@ -169,6 +175,7 @@ __contract__( ensures(array_abs_bound(a->coeffs, 0, MLDSA_N, MLD_INTT_BOUND)) ); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_pointwise_montgomery MLD_NAMESPACE(poly_pointwise_montgomery) /************************************************* * Name: mld_poly_pointwise_montgomery @@ -193,7 +200,9 @@ __contract__( assigns(memory_slice(c, sizeof(mld_poly))) ensures(array_abs_bound(c->coeffs, 0, MLDSA_N, MLDSA_Q)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_poly_power2round MLD_NAMESPACE(poly_power2round) /************************************************* * Name: mld_poly_power2round @@ -221,6 +230,7 @@ __contract__( ensures(array_bound(a0->coeffs, 0, MLDSA_N, -(MLD_2_POW_D/2)+1, (MLD_2_POW_D/2)+1)) ensures(array_bound(a1->coeffs, 0, MLDSA_N, 0, ((MLDSA_Q - 1) / MLD_2_POW_D) + 1)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ #define mld_poly_uniform MLD_NAMESPACE(poly_uniform) /************************************************* @@ -279,6 +289,7 @@ __contract__( ); #endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY && !MLD_CONFIG_REDUCE_RAM */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_polyt1_pack MLD_NAMESPACE(polyt1_pack) /************************************************* * Name: mld_polyt1_pack @@ -298,7 +309,9 @@ __contract__( requires(array_bound(a->coeffs, 0, MLDSA_N, 0, 1 << 10)) assigns(memory_slice(r, MLDSA_POLYT1_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyt1_unpack MLD_NAMESPACE(polyt1_unpack) /************************************************* * Name: mld_polyt1_unpack @@ -317,7 +330,9 @@ __contract__( assigns(memory_slice(r, sizeof(mld_poly))) ensures(array_bound(r->coeffs, 0, MLDSA_N, 0, 1 << 10)) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_polyt0_pack MLD_NAMESPACE(polyt0_pack) /************************************************* * Name: mld_polyt0_pack @@ -337,8 +352,9 @@ __contract__( requires(array_bound(a->coeffs, 0, MLDSA_N, -(1<<(MLDSA_D-1)) + 1, (1<<(MLDSA_D-1)) + 1)) assigns(memory_slice(r, MLDSA_POLYT0_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ - +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyt0_unpack MLD_NAMESPACE(polyt0_unpack) /************************************************* * Name: mld_polyt0_unpack @@ -357,6 +373,7 @@ __contract__( assigns(memory_slice(r, sizeof(mld_poly))) ensures(array_bound(r->coeffs, 0, MLDSA_N, -(1<<(MLDSA_D-1)) + 1, (1<<(MLDSA_D-1)) + 1)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ #define mld_poly_chknorm MLD_NAMESPACE(poly_chknorm) /************************************************* diff --git a/mldsa/src/poly_kl.c b/mldsa/src/poly_kl.c index 7a319ca51..20651d45e 100644 --- a/mldsa/src/poly_kl.c +++ b/mldsa/src/poly_kl.c @@ -39,6 +39,7 @@ /* End of parameter set namespacing */ +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_STATIC_TESTABLE void mld_poly_decompose_c(mld_poly *a1, mld_poly *a0) __contract__( @@ -123,7 +124,9 @@ unsigned int mld_poly_make_hint(mld_poly *h, const mld_poly *a0, mld_assert_bound(h->coeffs, MLDSA_N, 0, 2); return s; } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_STATIC_TESTABLE void mld_poly_use_hint_c(mld_poly *b, const mld_poly *a, const mld_poly *h) __contract__( @@ -180,7 +183,9 @@ void mld_poly_use_hint(mld_poly *b, const mld_poly *a, const mld_poly *h) 65 || MLD_CONFIG_PARAMETER_SET == 87) */ mld_poly_use_hint_c(b, a, h); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) /************************************************* * Name: mld_rej_eta * @@ -483,7 +488,9 @@ void mld_poly_uniform_eta(mld_poly *r, const uint8_t seed[MLDSA_CRHBYTES], mld_zeroize(extseed, sizeof(extseed)); } #endif /* MLD_CONFIG_SERIAL_FIPS202_ONLY */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define MLD_POLY_UNIFORM_GAMMA1_NBLOCKS \ ((MLDSA_POLYZ_PACKEDBYTES + MLD_STREAM256_BLOCKBYTES - 1) / \ MLD_STREAM256_BLOCKBYTES) @@ -569,7 +576,9 @@ void mld_poly_uniform_gamma1_4x(mld_poly *r0, mld_poly *r1, mld_poly *r2, mld_zeroize(extseed, sizeof(extseed)); } #endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_poly_challenge(mld_poly *c, const uint8_t seed[MLDSA_CTILDEBYTES]) { @@ -649,7 +658,9 @@ void mld_poly_challenge(mld_poly *c, const uint8_t seed[MLDSA_CTILDEBYTES]) mld_zeroize(buf, sizeof(buf)); mld_zeroize(&signs, sizeof(signs)); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_polyeta_pack(uint8_t r[MLDSA_POLYETA_PACKEDBYTES], const mld_poly *a) { @@ -695,7 +706,9 @@ void mld_polyeta_pack(uint8_t r[MLDSA_POLYETA_PACKEDBYTES], const mld_poly *a) #error "Invalid value of MLDSA_ETA" #endif /* MLDSA_ETA != 2 && MLDSA_ETA != 4 */ } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) void mld_polyeta_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYETA_PACKEDBYTES]) { unsigned int i; @@ -742,8 +755,9 @@ void mld_polyeta_unpack(mld_poly *r, const uint8_t a[MLDSA_POLYETA_PACKEDBYTES]) mld_assert_bound(r->coeffs, MLDSA_N, MLD_POLYETA_UNPACK_LOWER_BOUND, MLDSA_ETA + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ - +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyz_pack(uint8_t r[MLDSA_POLYZ_PACKEDBYTES], const mld_poly *a) { @@ -794,7 +808,9 @@ void mld_polyz_pack(uint8_t r[MLDSA_POLYZ_PACKEDBYTES], const mld_poly *a) } #endif /* MLD_CONFIG_PARAMETER_SET != 44 */ } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_STATIC_TESTABLE void mld_polyz_unpack_c( mld_poly *r, const uint8_t a[MLDSA_POLYZ_PACKEDBYTES]) __contract__( @@ -916,6 +932,7 @@ void mld_polyw1_pack(uint8_t r[MLDSA_POLYW1_PACKEDBYTES], const mld_poly *a) } #endif /* MLD_CONFIG_PARAMETER_SET != 44 */ } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. */ diff --git a/mldsa/src/poly_kl.h b/mldsa/src/poly_kl.h index a7c71707d..19c24ee2e 100644 --- a/mldsa/src/poly_kl.h +++ b/mldsa/src/poly_kl.h @@ -9,6 +9,7 @@ #include "common.h" #include "poly.h" +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_poly_decompose MLD_NAMESPACE_KL(poly_decompose) /************************************************* * Name: mld_poly_decompose @@ -69,7 +70,9 @@ __contract__( ensures(return_value <= MLDSA_N) ensures(array_bound(h->coeffs, 0, MLDSA_N, 0, 2)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_use_hint MLD_NAMESPACE_KL(poly_use_hint) /************************************************* * Name: mld_poly_use_hint @@ -92,7 +95,9 @@ __contract__( assigns(memory_slice(b, sizeof(mld_poly))) ensures(array_bound(b->coeffs, 0, MLDSA_N, 0, (MLDSA_Q-1)/(2*MLDSA_GAMMA2))) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #if !defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) #define mld_poly_uniform_eta_4x MLD_NAMESPACE_KL(poly_uniform_eta_4x) /************************************************* @@ -159,7 +164,9 @@ __contract__( ensures(array_abs_bound(r->coeffs, 0, MLDSA_N, MLDSA_ETA + 1)) ); #endif /* MLD_CONFIG_SERIAL_FIPS202_ONLY */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #if MLD_CONFIG_PARAMETER_SET == 65 || defined(MLD_CONFIG_SERIAL_FIPS202_ONLY) #define mld_poly_uniform_gamma1 MLD_NAMESPACE_KL(poly_uniform_gamma1) /************************************************* @@ -221,7 +228,9 @@ __contract__( ensures(array_bound(r3->coeffs, 0, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1)) ); #endif /* !MLD_CONFIG_SERIAL_FIPS202_ONLY */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_poly_challenge MLD_NAMESPACE_KL(poly_challenge) /************************************************* * Name: mld_poly_challenge @@ -243,7 +252,9 @@ __contract__( /* All coefficients of c are -1, 0 or +1 */ ensures(array_bound(c->coeffs, 0, MLDSA_N, -1, 2)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_polyeta_pack MLD_NAMESPACE_KL(polyeta_pack) /************************************************* * Name: mld_polyeta_pack @@ -262,7 +273,9 @@ __contract__( requires(array_abs_bound(a->coeffs, 0, MLDSA_N, MLDSA_ETA + 1)) assigns(memory_slice(r, MLDSA_POLYETA_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) /* * polyeta_unpack produces coefficients in [-MLDSA_ETA,MLDSA_ETA] for * well-formed inputs (i.e., those produced by polyeta_pack). @@ -296,7 +309,9 @@ __contract__( assigns(memory_slice(r, sizeof(mld_poly))) ensures(array_bound(r->coeffs, 0, MLDSA_N, MLD_POLYETA_UNPACK_LOWER_BOUND, MLDSA_ETA + 1)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyz_pack MLD_NAMESPACE_KL(polyz_pack) /************************************************* * Name: mld_polyz_pack @@ -316,8 +331,9 @@ __contract__( requires(array_bound(a->coeffs, 0, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1)) assigns(memory_slice(r, MLDSA_POLYZ_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ - +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyz_unpack MLD_NAMESPACE_KL(polyz_unpack) /************************************************* * Name: mld_polyz_unpack @@ -356,5 +372,6 @@ __contract__( requires(array_bound(a->coeffs, 0, MLDSA_N, 0, (MLDSA_Q-1)/(2*MLDSA_GAMMA2))) assigns(memory_slice(r, MLDSA_POLYW1_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #endif /* !MLD_POLY_KL_H */ diff --git a/mldsa/src/polyvec.c b/mldsa/src/polyvec.c index eeac10067..1746cfa0e 100644 --- a/mldsa/src/polyvec.c +++ b/mldsa/src/polyvec.c @@ -247,6 +247,7 @@ void mld_polyvec_matrix_pointwise_montgomery(mld_polyveck *t, mld_polymat *mat, /**************************************************************/ /************ Vectors of polynomials of length MLDSA_L **************/ /**************************************************************/ +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyvecl_uniform_gamma1(mld_polyvecl *v, const uint8_t seed[MLDSA_CRHBYTES], @@ -289,6 +290,7 @@ void mld_polyvecl_uniform_gamma1(mld_polyvecl *v, mld_assert_bound_2d(v->vec, MLDSA_L, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1); } +#endif /* !MLD_CONFIG_NO_SIGN_API */ MLD_INTERNAL_API void mld_polyvecl_ntt(mld_polyvecl *v) @@ -413,6 +415,7 @@ void mld_polyvecl_pointwise_acc_montgomery(mld_poly *w, const mld_polyvecl *u, mld_polyvecl_pointwise_acc_montgomery_c(w, u, v); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API uint32_t mld_polyvecl_chknorm(const mld_polyvecl *v, int32_t bound) { @@ -436,6 +439,7 @@ uint32_t mld_polyvecl_chknorm(const mld_polyvecl *v, int32_t bound) } return t; } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_VERIFY_API */ /**************************************************************/ /************ Vectors of polynomials of length MLDSA_K **************/ @@ -482,6 +486,7 @@ void mld_polyveck_caddq(mld_polyveck *v) mld_assert_bound_2d(v->vec, MLDSA_K, MLDSA_N, 0, MLDSA_Q); } +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) /* Reference: We use destructive version (output=first input) to avoid * reasoning about aliasing in the CBMC specification */ MLD_INTERNAL_API @@ -503,7 +508,9 @@ void mld_polyveck_add(mld_polyveck *u, const mld_polyveck *v) mld_assert_bound_2d(u->vec, MLDSA_L, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_sub(mld_polyveck *u, const mld_polyveck *v) { @@ -526,7 +533,9 @@ void mld_polyveck_sub(mld_polyveck *u, const mld_polyveck *v) mld_assert_bound_2d(u->vec, MLDSA_K, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_shiftl(mld_polyveck *v) { @@ -547,7 +556,9 @@ void mld_polyveck_shiftl(mld_polyveck *v) mld_assert_bound_2d(v->vec, MLDSA_K, MLDSA_N, 0, MLDSA_Q); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_ntt(mld_polyveck *v) { @@ -565,6 +576,7 @@ void mld_polyveck_ntt(mld_polyveck *v) } mld_assert_abs_bound_2d(v->vec, MLDSA_K, MLDSA_N, MLD_NTT_BOUND); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ MLD_INTERNAL_API void mld_polyveck_invntt_tomont(mld_polyveck *v) @@ -585,6 +597,7 @@ void mld_polyveck_invntt_tomont(mld_polyveck *v) mld_assert_abs_bound_2d(v->vec, MLDSA_K, MLDSA_N, MLD_INTT_BOUND); } +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_pointwise_poly_montgomery(mld_polyveck *r, const mld_poly *a, const mld_polyveck *v) @@ -603,7 +616,9 @@ void mld_polyveck_pointwise_poly_montgomery(mld_polyveck *r, const mld_poly *a, } mld_assert_abs_bound_2d(r->vec, MLDSA_K, MLDSA_N, MLDSA_Q); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API uint32_t mld_polyveck_chknorm(const mld_polyveck *v, int32_t bound) { @@ -628,7 +643,9 @@ uint32_t mld_polyveck_chknorm(const mld_polyveck *v, int32_t bound) return t; } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_polyveck_power2round(mld_polyveck *v1, mld_polyveck *v0, const mld_polyveck *v) @@ -652,7 +669,9 @@ void mld_polyveck_power2round(mld_polyveck *v1, mld_polyveck *v0, mld_assert_bound_2d(v1->vec, MLDSA_K, MLDSA_N, 0, ((MLDSA_Q - 1) / MLD_2_POW_D) + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyveck_decompose(mld_polyveck *v1, mld_polyveck *v0) { @@ -699,7 +718,9 @@ unsigned int mld_polyveck_make_hint(mld_polyveck *h, const mld_polyveck *v0, mld_assert_bound_2d(h->vec, MLDSA_K, MLDSA_N, 0, 2); return s; } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_use_hint(mld_polyveck *w, const mld_polyveck *u, const mld_polyveck *h) @@ -723,7 +744,9 @@ void mld_polyveck_use_hint(mld_polyveck *w, const mld_polyveck *u, mld_assert_bound_2d(w->vec, MLDSA_K, MLDSA_N, 0, (MLDSA_Q - 1) / (2 * MLDSA_GAMMA2)); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyveck_pack_w1(uint8_t r[MLDSA_K * MLDSA_POLYW1_PACKEDBYTES], const mld_polyveck *w1) @@ -741,7 +764,9 @@ void mld_polyveck_pack_w1(uint8_t r[MLDSA_K * MLDSA_POLYW1_PACKEDBYTES], mld_polyw1_pack(&r[i * MLDSA_POLYW1_PACKEDBYTES], &w1->vec[i]); } } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_INTERNAL_API void mld_polyveck_pack_eta(uint8_t r[MLDSA_K * MLDSA_POLYETA_PACKEDBYTES], const mld_polyveck *p) @@ -790,7 +815,9 @@ void mld_polyveck_pack_t0(uint8_t r[MLDSA_K * MLDSA_POLYT0_PACKEDBYTES], mld_polyt0_pack(&r[i * MLDSA_POLYT0_PACKEDBYTES], &p->vec[i]); } } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyvecl_unpack_eta( mld_polyvecl *p, const uint8_t r[MLDSA_L * MLDSA_POLYETA_PACKEDBYTES]) @@ -804,7 +831,9 @@ void mld_polyvecl_unpack_eta( mld_assert_bound_2d(p->vec, MLDSA_L, MLDSA_N, MLD_POLYETA_UNPACK_LOWER_BOUND, MLDSA_ETA + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_INTERNAL_API void mld_polyvecl_unpack_z(mld_polyvecl *z, const uint8_t r[MLDSA_L * MLDSA_POLYZ_PACKEDBYTES]) @@ -818,7 +847,9 @@ void mld_polyvecl_unpack_z(mld_polyvecl *z, mld_assert_bound_2d(z->vec, MLDSA_L, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1); } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) MLD_INTERNAL_API void mld_polyveck_unpack_eta( mld_polyveck *p, const uint8_t r[MLDSA_K * MLDSA_POLYETA_PACKEDBYTES]) @@ -846,6 +877,7 @@ void mld_polyveck_unpack_t0(mld_polyveck *p, mld_assert_bound_2d(p->vec, MLDSA_K, MLDSA_N, -(1 << (MLDSA_D - 1)) + 1, (1 << (MLDSA_D - 1)) + 1); } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mldsa/src/polyvec.h b/mldsa/src/polyvec.h index 66f6696cc..6368b0da9 100644 --- a/mldsa/src/polyvec.h +++ b/mldsa/src/polyvec.h @@ -27,6 +27,7 @@ typedef struct } mld_polyvecl; +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyvecl_uniform_gamma1 MLD_NAMESPACE_KL(polyvecl_uniform_gamma1) /************************************************* * Name: mld_polyvecl_uniform_gamma1 @@ -52,6 +53,7 @@ __contract__( ensures(forall(k0, 0, MLDSA_L, array_bound(v->vec[k0].coeffs, 0, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1))) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ #define mld_polyvecl_ntt MLD_NAMESPACE_KL(polyvecl_ntt) /************************************************* @@ -109,7 +111,7 @@ __contract__( ensures(array_abs_bound(w->coeffs, 0, MLDSA_N, MLDSA_Q)) ); - +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyvecl_chknorm MLD_NAMESPACE_KL(polyvecl_chknorm) /************************************************* * Name: mld_polyvecl_chknorm @@ -134,6 +136,7 @@ __contract__( ensures(return_value == 0 || return_value == 0xFFFFFFFF) ensures((return_value == 0) == forall(k1, 0, MLDSA_L, array_abs_bound(v->vec[k1].coeffs, 0, MLDSA_N, B))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_VERIFY_API */ /* Vectors of polynomials of length MLDSA_K */ typedef struct @@ -193,6 +196,7 @@ __contract__( array_bound(v->vec[k1].coeffs, 0, MLDSA_N, 0, MLDSA_Q))) ); +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyveck_add MLD_NAMESPACE_KL(polyveck_add) /************************************************* * Name: mld_polyveck_add @@ -217,7 +221,9 @@ __contract__( ensures(forall(q2, 0, MLDSA_K, array_bound(u->vec[q2].coeffs, 0, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_sub MLD_NAMESPACE_KL(polyveck_sub) /************************************************* * Name: mld_polyveck_sub @@ -240,7 +246,9 @@ __contract__( ensures(forall(k0, 0, MLDSA_K, array_bound(u->vec[k0].coeffs, 0, MLDSA_N, INT32_MIN, MLD_REDUCE32_DOMAIN_MAX))) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_shiftl MLD_NAMESPACE_KL(polyveck_shiftl) /************************************************* * Name: mld_polyveck_shiftl @@ -259,7 +267,9 @@ __contract__( assigns(memory_slice(v, sizeof(mld_polyveck))) ensures(forall(k1, 0, MLDSA_K, array_bound(v->vec[k1].coeffs, 0, MLDSA_N, 0, MLDSA_Q))) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_ntt MLD_NAMESPACE_KL(polyveck_ntt) /************************************************* * Name: mld_polyveck_ntt @@ -277,6 +287,7 @@ __contract__( assigns(memory_slice(v, sizeof(mld_polyveck))) ensures(forall(k1, 0, MLDSA_K, array_abs_bound(v->vec[k1].coeffs, 0, MLDSA_N, MLD_NTT_BOUND))) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ #define mld_polyveck_invntt_tomont MLD_NAMESPACE_KL(polyveck_invntt_tomont) /************************************************* @@ -297,6 +308,7 @@ __contract__( ensures(forall(k1, 0, MLDSA_K, array_abs_bound(v->vec[k1].coeffs, 0, MLDSA_N, MLD_INTT_BOUND))) ); +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_pointwise_poly_montgomery \ MLD_NAMESPACE_KL(polyveck_pointwise_poly_montgomery) /************************************************* @@ -322,7 +334,9 @@ __contract__( assigns(memory_slice(r, sizeof(mld_polyveck))) ensures(forall(k1, 0, MLDSA_K, array_abs_bound(r->vec[k1].coeffs, 0, MLDSA_N, MLDSA_Q))) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyveck_chknorm MLD_NAMESPACE_KL(polyveck_chknorm) /************************************************* * Name: mld_polyveck_chknorm @@ -348,7 +362,9 @@ __contract__( ensures(return_value == 0 || return_value == 0xFFFFFFFF) ensures((return_value == 0) == forall(k1, 0, MLDSA_K, array_abs_bound(v->vec[k1].coeffs, 0, MLDSA_N, B))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_polyveck_power2round MLD_NAMESPACE_KL(polyveck_power2round) /************************************************* * Name: mld_polyveck_power2round @@ -377,7 +393,9 @@ __contract__( ensures(forall(k1, 0, MLDSA_K, array_bound(v0->vec[k1].coeffs, 0, MLDSA_N, -(MLD_2_POW_D/2)+1, (MLD_2_POW_D/2)+1))) ensures(forall(k2, 0, MLDSA_K, array_bound(v1->vec[k2].coeffs, 0, MLDSA_N, 0, ((MLDSA_Q - 1) / MLD_2_POW_D) + 1))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyveck_decompose MLD_NAMESPACE_KL(polyveck_decompose) /************************************************* * Name: mld_polyveck_decompose @@ -438,7 +456,9 @@ __contract__( ensures(return_value <= MLDSA_N * MLDSA_K) ensures(forall(k1, 0, MLDSA_K, array_bound(h->vec[k1].coeffs, 0, MLDSA_N, 0, 2))) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_use_hint MLD_NAMESPACE_KL(polyveck_use_hint) /************************************************* * Name: mld_polyveck_use_hint @@ -465,7 +485,9 @@ __contract__( ensures(forall(k2, 0, MLDSA_K, array_bound(w->vec[k2].coeffs, 0, MLDSA_N, 0, (MLDSA_Q-1)/(2*MLDSA_GAMMA2)))) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyveck_pack_w1 MLD_NAMESPACE_KL(polyveck_pack_w1) /************************************************* * Name: mld_polyveck_pack_w1 @@ -488,7 +510,9 @@ __contract__( array_bound(w1->vec[k1].coeffs, 0, MLDSA_N, 0, (MLDSA_Q-1)/(2*MLDSA_GAMMA2)))) assigns(memory_slice(r, MLDSA_K * MLDSA_POLYW1_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) #define mld_polyveck_pack_eta MLD_NAMESPACE_KL(polyveck_pack_eta) /************************************************* * Name: mld_polyveck_pack_eta @@ -554,7 +578,9 @@ __contract__( array_bound(p->vec[k0].coeffs, 0, MLDSA_N, -(1<<(MLDSA_D-1)) + 1, (1<<(MLDSA_D-1)) + 1))) assigns(memory_slice(r, MLDSA_K * MLDSA_POLYT0_PACKEDBYTES)) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyvecl_unpack_eta MLD_NAMESPACE_KL(polyvecl_unpack_eta) /************************************************* * Name: mld_polyvecl_unpack_eta @@ -576,7 +602,9 @@ __contract__( ensures(forall(k1, 0, MLDSA_L, array_bound(p->vec[k1].coeffs, 0, MLDSA_N, MLD_POLYETA_UNPACK_LOWER_BOUND, MLDSA_ETA + 1))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) #define mld_polyvecl_unpack_z MLD_NAMESPACE_KL(polyvecl_unpack_z) /************************************************* * Name: mld_polyvecl_unpack_z @@ -598,7 +626,9 @@ __contract__( ensures(forall(k1, 0, MLDSA_L, array_bound(z->vec[k1].coeffs, 0, MLDSA_N, -(MLDSA_GAMMA1 - 1), MLDSA_GAMMA1 + 1))) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) || !defined(MLD_CONFIG_NO_SIGN_API) #define mld_polyveck_unpack_eta MLD_NAMESPACE_KL(polyveck_unpack_eta) /************************************************* * Name: mld_polyveck_unpack_eta @@ -642,6 +672,7 @@ __contract__( ensures(forall(k1, 0, MLDSA_K, array_bound(p->vec[k1].coeffs, 0, MLDSA_N, -(1<<(MLDSA_D-1)) + 1, (1<<(MLDSA_D-1)) + 1))) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API || !MLD_CONFIG_NO_SIGN_API */ #define mld_polymat_get_row MLD_NAMESPACE_KL(polymat_get_row) /************************************************* diff --git a/mldsa/src/sign.c b/mldsa/src/sign.c index 32bba52d6..6837dc5a0 100644 --- a/mldsa/src/sign.c +++ b/mldsa/src/sign.c @@ -56,6 +56,7 @@ /* End of parameter set namespacing */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) static int mld_check_pct(uint8_t const pk[MLDSA_CRYPTO_PUBLICKEYBYTES], uint8_t const sk[MLDSA_CRYPTO_SECRETKEYBYTES], MLD_CONFIG_CONTEXT_PARAMETER_TYPE context) @@ -363,6 +364,7 @@ int mld_sign_keypair_internal(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], return mld_check_pct(pk, sk, context); } +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) #if !defined(MLD_CONFIG_NO_RANDOMIZED_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API @@ -386,7 +388,10 @@ int mld_sign_keypair(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], return ret; } #endif /* !MLD_CONFIG_NO_RANDOMIZED_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: mld_H * @@ -442,7 +447,9 @@ __contract__( /* @[FIPS204, Section 3.6.3] Destruction of intermediate values. */ mld_zeroize(&state, sizeof(state)); } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: mld_compute_pack_z * @@ -851,6 +858,7 @@ int mld_sign_signature_internal(uint8_t sig[MLDSA_CRYPTO_BYTES], size_t *siglen, return ret; } +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) #if !defined(MLD_CONFIG_NO_RANDOMIZED_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API @@ -970,7 +978,10 @@ int mld_sign(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen, return ret; } #endif /* !MLD_CONFIG_NO_RANDOMIZED_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_verify_internal(const uint8_t *sig, size_t siglen, @@ -1099,6 +1110,7 @@ int mld_sign_verify_internal(const uint8_t *sig, size_t siglen, return ret; } +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m, @@ -1182,8 +1194,11 @@ int mld_sign_open(uint8_t *m, size_t *mlen, const uint8_t *sm, size_t smlen, return ret; } +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ - +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_signature_pre_hash_internal( @@ -1224,7 +1239,9 @@ int mld_sign_signature_pre_hash_internal( mld_zeroize(pre, sizeof(pre)); return ret; } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_verify_pre_hash_internal( @@ -1253,7 +1270,9 @@ int mld_sign_verify_pre_hash_internal( mld_zeroize(pre, sizeof(pre)); return ret; } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_signature_pre_hash_shake256( @@ -1273,7 +1292,9 @@ int mld_sign_signature_pre_hash_shake256( mld_zeroize(ph, sizeof(ph)); return ret; } +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) MLD_MUST_CHECK_RETURN_VALUE MLD_EXTERNAL_API int mld_sign_verify_pre_hash_shake256( @@ -1292,8 +1313,9 @@ int mld_sign_verify_pre_hash_shake256( mld_zeroize(ph, sizeof(ph)); return ret; } +#endif /* !MLD_CONFIG_NO_VERIFY_API */ - +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) #define MLD_PRE_HASH_OID_LEN 11 /************************************************* @@ -1418,7 +1440,9 @@ size_t mld_prepare_domain_separation_prefix( mld_memcpy(prefix + 2 + ctxlen + MLD_PRE_HASH_OID_LEN, ph, phlen); return 2 + ctxlen + MLD_PRE_HASH_OID_LEN + phlen; } +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) MLD_EXTERNAL_API int mld_sign_pk_from_sk(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], const uint8_t sk[MLDSA_CRYPTO_SECRETKEYBYTES], @@ -1493,6 +1517,8 @@ int mld_sign_pk_from_sk(uint8_t pk[MLDSA_CRYPTO_PUBLICKEYBYTES], return ret; } +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ /* To facilitate single-compilation-unit (SCU) builds, undefine all macros. * Don't modify by hand -- this is auto-generated by scripts/autogen. */ diff --git a/mldsa/src/sign.h b/mldsa/src/sign.h index 2e0bac32e..f6006810e 100644 --- a/mldsa/src/sign.h +++ b/mldsa/src/sign.h @@ -89,6 +89,7 @@ #define MLD_PREHASH_SHAKE_128 11 #define MLD_PREHASH_SHAKE_256 12 +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) /************************************************* * Name: mld_sign_keypair_internal * @@ -126,6 +127,7 @@ __contract__( return_value == MLD_ERR_OUT_OF_MEMORY || return_value == MLD_ERR_RNG_FAIL) ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: mld_sign_keypair * @@ -159,7 +161,10 @@ __contract__( ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY || return_value == MLD_ERR_RNG_FAIL) ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: mld_sign_signature_internal * @@ -218,6 +223,7 @@ __contract__( ensures(return_value != 0 ==> *siglen == 0) ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: mld_sign_signature * @@ -352,7 +358,10 @@ __contract__( || return_value == MLD_ERR_OUT_OF_MEMORY || return_value == MLD_ERR_RNG_FAIL)) ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: mld_sign_verify_internal * @@ -397,6 +406,7 @@ __contract__( ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) ); +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) /************************************************* * Name: mld_sign_verify * @@ -511,7 +521,11 @@ __contract__( assigns(memory_slice(mlen, sizeof(size_t))) ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) ); +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_INTERNAL_API_ONLY) +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: mld_sign_signature_pre_hash_internal * @@ -568,7 +582,9 @@ __contract__( ensures((return_value == 0 && *siglen == MLDSA_CRYPTO_BYTES) || ((return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) && *siglen == 0)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: mld_sign_verify_pre_hash_internal * @@ -617,7 +633,9 @@ __contract__( requires(memory_no_alias(pk, MLDSA_CRYPTO_PUBLICKEYBYTES)) ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) /************************************************* * Name: mld_sign_signature_pre_hash_shake256 * @@ -666,7 +684,9 @@ __contract__( ensures((return_value == 0 && *siglen == MLDSA_CRYPTO_BYTES) || ((return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) && *siglen == 0)) ); +#endif /* !MLD_CONFIG_NO_SIGN_API */ +#if !defined(MLD_CONFIG_NO_VERIFY_API) /************************************************* * Name: mld_sign_verify_pre_hash_shake256 * @@ -708,7 +728,9 @@ __contract__( requires(memory_no_alias(pk, MLDSA_CRYPTO_PUBLICKEYBYTES)) ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) ); +#endif /* !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_SIGN_API) || !defined(MLD_CONFIG_NO_VERIFY_API) /* Maximum formatted domain separation message length: * - Pure ML-DSA: 0x00 || ctxlen || ctx (max 255) * - HashML-DSA: 0x01 || ctxlen || ctx (max 255) || oid (11) || ph (max 64) */ @@ -766,7 +788,9 @@ __contract__( assigns(memory_slice(prefix, MLD_DOMAIN_SEPARATION_MAX_BYTES)) ensures(return_value <= MLD_DOMAIN_SEPARATION_MAX_BYTES) ); +#endif /* !MLD_CONFIG_NO_SIGN_API || !MLD_CONFIG_NO_VERIFY_API */ +#if !defined(MLD_CONFIG_NO_KEYPAIR_API) /************************************************* * Name: mld_sign_pk_from_sk * @@ -804,4 +828,7 @@ __contract__( assigns(memory_slice(pk, MLDSA_CRYPTO_PUBLICKEYBYTES)) ensures(return_value == 0 || return_value == MLD_ERR_FAIL || return_value == MLD_ERR_OUT_OF_MEMORY) ); +#endif /* !MLD_CONFIG_NO_KEYPAIR_API */ +#endif /* !MLD_CONFIG_INTERNAL_API_ONLY */ + #endif /* !MLD_SIGN_H */