Skip to content

Commit

Permalink
CI: Add test for non-standard values of GEN_MATRIX_NBLOCKS
Browse files Browse the repository at this point in the history
GEN_MATRIX_NBLOCKS is a heuristic value estimating the amount of
rejection sampling input to sample 256 polynomial coefficients.

While this value is hardcoded to 3 by default, one should be able
to set it to any positive value. Moreover, some code-paths are not
as easily reached with the default value, and testing a lower value
increases the chances of catching bugs in those.

This commit allows the user to specify GEN_MATRIX_NBLOCKS in the
CFLAGS, and extends the CI to test the non-standard values 1,2, and 4.

Signed-off-by: Hanno Becker <[email protected]>
  • Loading branch information
hanno-becker committed Nov 16, 2024
1 parent 6077c42 commit 244f947
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 1 deletion.
58 changes: 57 additions & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -194,7 +194,63 @@ jobs:
nix-shell: ci-linter
gh_token: ${{ secrets.GITHUB_TOKEN }}
cross-prefix: "aarch64-unknown-linux-gnu-"

config_variations:
name: Non-standard configurations
needs: quickcheck
strategy:
fail-fast: false
matrix:
external:
- ${{ github.repository_owner != 'pq-code-package' }}
target:
- runner: pqcp-arm64
name: 'ubuntu-latest (aarch64)'
- runner: pqcp-x64
name: 'ubuntu-latest (x86_64)'
exclude:
- {external: true,
target: {
runner: pqcp-arm64,
name: 'ubuntu-latest (aarch64)',
}}
- {external: true,
target: {
runner: pqcp-x64,
name: 'ubuntu-latest (x86_64)',
}}
runs-on: ${{ matrix.target.runner }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: "GEN_MATRIX_NBLOCKS=1"
uses: ./.github/actions/multi-functest
with:
gh_token: ${{ secrets.GITHUB_TOKEN }}
compile_mode: native
cflags: "-fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all -DGEN_MATRIX_NBLOCKS=1"
func: true
nistkat: true
kat: false
acvp: false
- name: "GEN_MATRIX_NBLOCKS=2"
uses: ./.github/actions/multi-functest
with:
gh_token: ${{ secrets.GITHUB_TOKEN }}
compile_mode: native
cflags: "-fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all -DGEN_MATRIX_NBLOCKS=2"
func: true
nistkat: true
kat: false
acvp: false
- name: "GEN_MATRIX_NBLOCKS=4"
uses: ./.github/actions/multi-functest
with:
gh_token: ${{ secrets.GITHUB_TOKEN }}
compile_mode: native
cflags: "-fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all -DGEN_MATRIX_NBLOCKS=4"
func: true
nistkat: true
kat: false
acvp: false
ec2_functests:
needs: quickcheck
strategy:
Expand Down
2 changes: 2 additions & 0 deletions mlkem/indcpa.c
Original file line number Diff line number Diff line change
Expand Up @@ -124,8 +124,10 @@ static void unpack_ciphertext(polyvec *b, poly *v,
poly_decompress(v, c + MLKEM_POLYVECCOMPRESSEDBYTES);
}

#ifndef GEN_MATRIX_NBLOCKS
#define GEN_MATRIX_NBLOCKS \
((12 * MLKEM_N / 8 * (1 << 12) / MLKEM_Q + SHAKE128_RATE) / SHAKE128_RATE)
#endif

// Generate four A matrix entries from a seed, using rejection
// sampling on the output of a XOF.
Expand Down

0 comments on commit 244f947

Please sign in to comment.