This directory contains a minimal example for how to use mlkem-native as a code package, with a custom FIPS-202 backend and a custom configuration. We use the tiny_sha3 by Markku-J. O. Saarinen as an example.
An application using mlkem-native with a custom FIPS-202 backend and custom configuration needs the following:
- Arithmetic part of the mlkem-native source tree: `mlkem/`. In this example, we disable arithmetic backends, hence it is safe to remove the entire `native` subfolder.
- A secure pseudo random number generator, implementing `randombytes.h`. WARNING: The `randombytes()` implementation used here is for TESTING ONLY. You MUST NOT use this implementation outside of testing.
- FIPS-202 part of the mlkem-native source tree, `fips202/`. If you only want to use your backend, you can remove all existing backends; that's what this example does.
- A custom FIPS-202 backend. In this example, the metadata file is `custom.h`, the implementation shim is `custom_impl.h`, wrapping `sha3.c` and setting `MLKEM_USE_FIPS101_X1_NATIVE` to indicate that we replace 1-fold Keccak-F1600.
- Either modify the existing `config.h`, or register a new config. In this example, we add a new config `custom_config.h` and register it from the command line via `-DMLKEM_NATIVE_CONFIG_FILE="custom_config.h"`; no further changes to the build are needed. For the sake of demonstration, we set a custom namespace. We set `MLKEM_NATIVE_FIPS202_BACKEND` to point to our custom FIPS-202 backend, but leave `MLKEM_NATIVE_ARITH_BACKEND` undefined to indicate that we wish to use the C backend.

The tiny_sha3 code uses a byte-reversed presentation of the Keccakf1600 state for big-endian targets. Since mlkem-native's FIPS202 frontend assumes a standard presentation, the corresponding byte-reversal in sha3.c is removed.
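
The presentation mismatch described above, as an added example (not code from mlkem-native or tiny_sha3). All function names are hypothetical, and it assumes "standard presentation" means each 64-bit lane holds its eight state bytes read as little-endian.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Standard presentation (assumption): lane i holds bytes 8i..8i+7 read as
 * little-endian. Using shifts makes this independent of host byte order. */
static void xor_bytes_standard(uint64_t st[25], const uint8_t *in, size_t len)
{
    for (size_t i = 0; i < len; i++)
        st[i / 8] ^= (uint64_t)in[i] << (8 * (i % 8));
}

/* Byte-reverse one lane: the per-lane conversion a backend performs when it
 * keeps a byte-reversed state on big-endian targets. */
static uint64_t bswap64(uint64_t v)
{
    uint64_t r = 0;
    for (int i = 0; i < 8; i++) {
        r = (r << 8) | (v & 0xff);
        v >>= 8;
    }
    return r;
}

/* Models the lane value a big-endian host reads after input was written
 * through a byte view of the state: first byte is most significant. */
static uint64_t lane_via_big_endian_byte_view(const uint8_t in[8])
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | in[i];
    return v;
}

/* Returns 1 if the presentations relate as described. A caller that already
 * supplies standard lanes must not be byte-reversed again by the backend:
 * bswap64(standard) would feed the permutation a different lane value. */
static int demo_presentations(void)
{
    const uint8_t in[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed input */
    uint64_t st[25];
    memset(st, 0, sizeof st);
    xor_bytes_standard(st, in, sizeof in);
    uint64_t be = lane_via_big_endian_byte_view(in);
    return st[0] == 0x0807060504030201ULL && bswap64(be) == st[0] &&
           bswap64(st[0]) != st[0];
}

int main(void) { return demo_presentations() ? 0 : 1; }
```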
Build this example with `make build`, run with `make run`.