Skip to content

Add mldsa-native and pqcp driver#652

Merged
valeriosetti merged 21 commits into
Mbed-TLS:developmentfrom
gilles-peskine-arm:mldsa-pqcp-add-driver
Feb 2, 2026
Merged

Add mldsa-native and pqcp driver#652
valeriosetti merged 21 commits into
Mbed-TLS:developmentfrom
gilles-peskine-arm:mldsa-pqcp-add-driver

Conversation

@gilles-peskine-arm

@gilles-peskine-arm gilles-peskine-arm commented Jan 12, 2026
edited
Loading

Copy link
Copy Markdown
Contributor
  • Create a pqcp driver.
  • Add mldsa-native as a submodule.
  • Include mldsa-native in the pqcp driver build.

Resolves #628. Resolves #655 since the WIndows CI is passing.

Note to reviewers: non-goals:

  • A solid integration configuration is out of scope. We'll review that later in Review mldsa-native integration #653. I'm not sure there are any more things we should configure (except SHAKE integration, which is a separate task, and other parameter sets, which is not planned yet). But if there are, now is not the time.
  • There's no functionality goal yet. I just want a passing build that includes mldsa-native (which is enabled in the full config).

Needs preceding PR:

PR checklist

@gilles-peskine-arm gilles-peskine-arm added size-s Estimated task size: small (~2d) priority-high High priority - will be reviewed soon needs-ci Needs to pass CI tests labels Jan 12, 2026
This was referenced Jan 12, 2026
Merged
Open
Closed
@gilles-peskine-arm gilles-peskine-arm added needs-preceding-pr Requires another PR to be merged first needs-work labels Jan 13, 2026
@gilles-peskine-arm

gilles-peskine-arm commented Jan 14, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

@ronald-cron-arm I would appreciate a design review (no need to do a code review) on the file structure and CMake build. It's passing the CI (as of e663621, the remaining CI failures are not related to the build system) but I don't know if I've done things right.

One thing I wonder is if we should have three places for headers in a driver and not just two:

  • Public headers that need to be installed with the library (e.g. definitions of context structures). This obviously goes under include.
  • Headers needed for the core to call driver entry points. include or src?
  • Headers used inside the driver. This does into src.

@gilles-peskine-arm gilles-peskine-arm added needs-review Every commit must be reviewed by at least two team members and removed needs-work labels Jan 16, 2026
valeriosetti
valeriosetti requested changes Jan 16, 2026
View reviewed changes

@valeriosetti valeriosetti left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A part from the very 2 minimal typos the rest look good to me!

I noticed that you updated the framework twice, which is fine of course because you are updating it in a progressive way, but in case of conflicts it might be pain to refresh. I don't mind if you want to just update the framework once as first commit.

Comment thread include/psa/crypto_config.h Outdated
Comment thread include/psa/crypto_config.h Outdated
valeriosetti
valeriosetti reviewed Jan 16, 2026
View reviewed changes
Comment thread tests/suites/test_suite_pqcp_mldsa.function
gilles-peskine-arm added a commit to Mbed-TLS/mbedtls-test that referenced this pull request Jan 19, 2026
@gilles-peskine-arm
Revert "Disable mldsa-native integration on Windows"
b9549a9 
This reverts commit fb5e160.

The compilation failure has been fixed upstream
(pq-code-package/mldsa-native#884),
and we're picking up the fix in the initial integration
(Mbed-TLS/TF-PSA-Crypto#652), so we won't need
this temporary workaround for our development branch after all.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm gilles-peskine-arm mentioned this pull request Jan 19, 2026
Merged
@gilles-peskine-arm gilles-peskine-arm added needs-work and removed needs-review Every commit must be reviewed by at least two team members labels Jan 19, 2026
@gilles-peskine-arm

gilles-peskine-arm commented Jan 19, 2026

Copy link
Copy Markdown
Contributor Author

Once the CI passes and the content is approved, I will do a little history rewriting:

  • Squash all the submodule update commits.
  • Squash the fixup commits. This will also fix DCO.
  • Rebase on top of the merge of the framework prerequisite.

This was referenced Jan 20, 2026
Merged
Merged
@gilles-peskine-arm gilles-peskine-arm removed the needs-preceding-pr Requires another PR to be merged first label Jan 22, 2026
This was referenced Jan 22, 2026
Open
Merged
@gilles-peskine-arm

gilles-peskine-arm commented Jan 29, 2026

Copy link
Copy Markdown
Contributor Author

The CI has passed. Please review. Once the pull request is approved, I'll do a double rebase: a change of base to resolve the framework conflict, and some history rewriting to squash fixup commits (and fix DCO).

@gilles-peskine-arm
Let the pqcp MLDSA driver code see the mldsa-native functions
28b9fea 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Add the mldsa-native code to libtfpsacrypto
f725295 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Smoke test for the integrated mldsa-native build
531e9c4 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Don't include pqcp headers when not needed
3db1b43 
This way we can have build scripts that don't know about the pqcp driver,
and they will work as long as the library configuration doesn't enable a
PQCP feature (i.e. ML-DSA).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
library/Makefile: Detect if we're building libtestdriver1
9317ab3 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
When building libtestdriver1, skip all thirdparty drivers
1795c04 
Currently, the libtestdriver1 build in tests/Makefile in Mbed TLS creates
empty files `everest/Makefile.inc` and `p256-m/Makefile.inc` in the
libtestdriver1 tree, but does not know about `pqcp/Makefile.inc` which came
along later. Instead of requiring these files to exist, just don't try to
include them. Either way, libtestdriver1.a can't use any code from
third-party drivers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Disable generated files generation when building libtestdriver1
e2a6fa2 
When we build libtestdriver1, the generated files are already present in the
original source tree, and we copy them to the libtestdriver1 tree. Thus we
don't need to generate them in the libtestdriver1 tree. Skip all the code
that tries to generate them, including file enumeration and dependencies.

The current version of `generate_config_checks.py` doesn't work in the
libtestdriver1 tree. This caused error messages when the makefile ran
`generate_config_checks.py --list`, but the build worked anyway because the
necessary targets were already present. So the practical consequence of this
commit is to suppress a confusing but effectively harmless error trace.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Don't test the PQCP driver when it's in a server and we're in a client
a742697 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
pqcp-config.h doesn't need to be visible outside pqcp
e4d4391 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
mld_zeroize_native might as well be a macro
697ffd7 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Create a pqcp include stub
7137b4b 
The pqcp driver doesn't need a public include yet. But `drivers.cmake`
declares an include directory. When a CMake package includes TF-PSA-Crypto
as a sub-package, this include directory must exists, otherwise it breaks
the build, as revealed by `all.sh test_tf_psa_crypto_as_package`. So start
having a public include, we will need it eventually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Improve namespace explanations
7723f26 
Explain more precisely how mldsa-native functions end up being called
`tf_psa_crypto_pqcp_mldsa87_xxx`.

In `pqcp-config.h`, fix an obsolete explanation of the macros that the
wrapping code needs to define.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Don't include tf-psa-crypto/private/crypto_struct_pqcp.h by default
8f09b37 
There are still build scripts that can't find headers in the new pqcp
driver, notably libtestdriver1. For the time being, take advantage of the
fact that pqcp is not in the default config, so we don't need to update
these build scripts yet.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm

gilles-peskine-arm commented Jan 30, 2026

Copy link
Copy Markdown
Contributor Author

I have pushed a rebase of the branch on top of the latest target branch, to resolve the conflict in the framework. The history is the same except that I removed all commits that update the framework submodule or the mldsa-native submodule, and I changed the commit that adds the mldsa-native submodule to directly add the latest development branch.

I will now push a second rebase that keeps the same fork point, but squashes some boring parts of the history and will pass DCO:

  • Squash "fixup! mld_zeroize_native might as well be a macro". Just fixing a silly mistake.
  • Squash "amend! pqcp has no public include yet" and "fixup! amend! pqcp has no public include yet" to make instead "Create a pqcp include stub". I went back and forth on having a public include, but I only ever got all the build scripts to work with the public include present, and there's no historical interest on the back and forth. We will need a public include soon, so we might as well have it from the start.
  • Squash "Fix mldsa-native module location" into "Add configuration options to build mldsa-native (87 only)". Just fixing a naming inconsistency.
  • Squash "Pacify GCC 15" into "Smoke test for the integrated mldsa-native build". One-line fix with no historical interest.

The end result is identical to git checkout a4bb15d && git merge development (starting from the commit approved by Valerio).

@ronald-cron-arm

ronald-cron-arm commented Jan 30, 2026

Copy link
Copy Markdown
Contributor

The CMake part of the PR looks good to me. It's good to see that you have been able to use driver.cmake.

@gilles-peskine-arm gilles-peskine-arm requested review from valeriosetti and removed request for ronald-cron-arm January 30, 2026 15:21
@github-project-automation github-project-automation Bot moved this from In Development to Has Approval in Roadmap pull requests (new board) Feb 2, 2026
@valeriosetti valeriosetti added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members labels Feb 2, 2026
@valeriosetti valeriosetti added this pull request to the merge queue Feb 2, 2026
Merged via the queue into Mbed-TLS:development with commit 09198b9 Feb 2, 2026
2 checks passed
@github-project-automation github-project-automation Bot moved this from Has Approval to Done in Roadmap pull requests (new board) Feb 2, 2026
@minosgalanakis minosgalanakis mentioned this pull request Feb 3, 2026
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bjwtaylor bjwtaylor bjwtaylor approved these changes

@valeriosetti valeriosetti valeriosetti approved these changes

Assignees

No one assigned

Labels

approved Design and code approved - may be waiting for CI or backports priority-high High priority - will be reviewed soon size-s Estimated task size: small (~2d)

Projects

Roadmap pull requests (new board)
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Fix mldsa-native integration on MSVC Integrate mldsa-native

4 participants

@gilles-peskine-arm @ronald-cron-arm @bjwtaylor @valeriosetti