add: ML-DSA, ML-KEM

Add the ML-DSA and ML-KEM primitives. These will replace the current
Dilithium and Kyber primitives.

.gitignore

@@ -17,32 +17,17 @@ debug.log
 
 # protobuf data -- included in package
 *.dat
+*.pb2
 !crypto_condor/primitives/_testu01/examples/excel.dat
 
 # objects
 *.o
 
-# compiled main -- included in package
-main
-
 # built docs
 docs/build
 
 # for importing NIST test vectors
 *.imported
 
-# Kyber executables -- included in package
-**/_kyber/kyber512
-**/_kyber/kyber512-90s
-**/_kyber/kyber768
-**/_kyber/kyber768-90s
-**/_kyber/kyber1024
-**/_kyber/kyber1024-90s
-
-# Dilithium executables -- included in package
-**/_dilithium/dilithium2
-**/_dilithium/dilithium3
-**/_dilithium/dilithium5
-
 # built package
 dist/

crypto_condor/cli/run.py

@@ -14,6 +14,8 @@
     ECDH,
     ECDSA,
     HMAC,
+    MLDSA,
+    MLKEM,
     RSAES,
     RSASSA,
     SHA,
@@ -794,3 +796,85 @@ def ecdh(
         raise typer.Exit(0)
     else:
         raise typer.Exit(1)
+
+
+# TODO: expand.
+_mlkem_help = "Run a ML-KEM wrapper"
+
+
+@app.command(name="MLKEM", no_args_is_help=True, help=_mlkem_help)
+@app.command(name="mlkem", no_args_is_help=True, help=_mlkem_help, hidden=True)
+def mlkem(
+    wrapper: Annotated[Path, typer.Argument()],
+    compliance: Annotated[bool, _compliance] = True,
+    resilience: Annotated[bool, _resilience] = False,
+    filename: Annotated[str, _filename] = "",
+    no_save: Annotated[bool, _no_save] = False,
+    debug: Annotated[Optional[bool], _debug] = None,
+):
+    """Runs a ML-KEM wrapper.
+
+    Args:
+        wrapper: The wrapper to test.
+        compliance: Whether to use compliance test vectors.
+        resilience: Whether to use resilience test vectors.
+        filename: Name of the file to save results.
+        no_save: Do not save results or prompt the user.
+        debug: When saving the results to a file, whether to add the debug data.
+    """
+    if not wrapper.is_file():
+        raise FileNotFoundError(f"ML-KEM wrapper not found: {str(wrapper)}")
+
+    match wrapper.suffix:
+        case ".py":
+            results = MLKEM.run_python_wrapper(wrapper, compliance, resilience)
+        case _:
+            console.print(
+                "There is no ML-KEM runner defined for %s wrappers" % wrapper.suffix
+            )
+            raise typer.Exit(1)
+    if console.process_results(results, filename, no_save, debug):
+        raise typer.Exit(0)
+    else:
+        raise typer.Exit(1)
+
+
+# TODO: expand.
+_mldsa_help = "Run a ML-DSA wrapper."
+
+
+@app.command(name="MLDSA", no_args_is_help=True, help=_mldsa_help)
+@app.command(name="mldsa", no_args_is_help=True, help=_mldsa_help, hidden=True)
+def mldsa(
+    wrapper: Annotated[Path, typer.Argument()],
+    compliance: Annotated[bool, _compliance] = True,
+    resilience: Annotated[bool, _resilience] = False,
+    filename: Annotated[str, _filename] = "",
+    no_save: Annotated[bool, _no_save] = False,
+    debug: Annotated[Optional[bool], _debug] = None,
+):
+    """Runs a ML-DSA wrapper.
+
+    Args:
+        wrapper: The wrapper to test.
+        compliance: Whether to use compliance test vectors.
+        resilience: Whether to use resilience test vectors.
+        filename: Name of the file to save results.
+        no_save: Do not save results or prompt the user.
+        debug: When saving the results to a file, whether to add the debug data.
+    """
+    if not wrapper.is_file():
+        raise FileNotFoundError(f"ML-DSA wrapper not found: {str(wrapper)}")
+
+    match wrapper.suffix:
+        case ".py":
+            results = MLDSA.run_python_wrapper(wrapper, compliance, resilience)
+        case _:
+            console.print(
+                "There is no ML-DSA runner defined for %s wrappers" % wrapper.suffix
+            )
+            raise typer.Exit(1)
+    if console.process_results(results, filename, no_save, debug):
+        raise typer.Exit(0)
+    else:
+        raise typer.Exit(1)

crypto_condor/constants.py

@@ -26,6 +26,8 @@ class Primitive(strenum.StrEnum):
     FALCON = "Falcon"
     HMAC = "HMAC"
     KYBER = "Kyber"
+    MLDSA = "MLDSA"
+    MLKEM = "MLKEM"
     RSASSA = "RSASSA"
     RSAES = "RSAES"
     SHA = "SHA"
@@ -43,6 +45,8 @@ def get_languages(self):
             ECDH,
             ECDSA,
             HMAC,
+            MLDSA,
+            MLKEM,
             RSAES,
             RSASSA,
             SHA,
@@ -59,14 +63,18 @@ def get_languages(self):
                 return ChaCha20.Wrapper
             case Primitive.DILITHIUM:
                 return Dilithium.Wrapper
+            case Primitive.ECDH:
+                return ECDH.Wrapper
             case Primitive.ECDSA:
                 return ECDSA.Wrapper
             case Primitive.HMAC:
                 return HMAC.Wrapper
-            case Primitive.ECDH:
-                return ECDH.Wrapper
             case Primitive.KYBER:
                 return Kyber.Wrapper
+            case Primitive.MLDSA:
+                return MLDSA.Wrapper
+            case Primitive.MLKEM:
+                return MLKEM.Wrapper
             case Primitive.RSASSA:
                 return RSASSA.Wrapper
             case Primitive.RSAES:
@@ -171,6 +179,20 @@ def get_languages(self):
         "wrapper": True,
         "harness": False,
     },
+    Primitive.MLDSA: {
+        "audit": False,
+        "method": True,
+        "output": False,
+        "wrapper": True,
+        "harness": False,
+    },
+    Primitive.MLKEM: {
+        "audit": False,
+        "method": True,
+        "output": False,
+        "wrapper": True,
+        "harness": False,
+    },
 }
 """Primitives and their supported CLI modes."""