config.h: Add missing MLK_CONFIG_NO_ASM_VALUE_BARRIER

BIBLIOGRAPHY.md

@@ -81,9 +81,20 @@ source code and documentation.
 * URL: https://csrc.nist.gov/pubs/fips/203/final
 * Referenced from:
   - [README.md](README.md)
+  - [examples/basic_deterministic/mlkem_native/custom_no_randomized_config.h](examples/basic_deterministic/mlkem_native/custom_no_randomized_config.h)
+  - [examples/custom_backend/mlkem_native/custom_config.h](examples/custom_backend/mlkem_native/custom_config.h)
+  - [examples/monolithic_build/config_1024.h](examples/monolithic_build/config_1024.h)
+  - [examples/monolithic_build/config_512.h](examples/monolithic_build/config_512.h)
+  - [examples/monolithic_build/config_768.h](examples/monolithic_build/config_768.h)
+  - [examples/monolithic_build_multilevel/multilevel_config.h](examples/monolithic_build_multilevel/multilevel_config.h)
+  - [examples/monolithic_build_multilevel_native/multilevel_config.h](examples/monolithic_build_multilevel_native/multilevel_config.h)
+  - [examples/monolithic_build_native/config_1024.h](examples/monolithic_build_native/config_1024.h)
+  - [examples/monolithic_build_native/config_512.h](examples/monolithic_build_native/config_512.h)
+  - [examples/monolithic_build_native/config_768.h](examples/monolithic_build_native/config_768.h)
   - [mlkem/mlkem_native.h](mlkem/mlkem_native.h)
   - [mlkem/src/compress.c](mlkem/src/compress.c)
   - [mlkem/src/compress.h](mlkem/src/compress.h)
+  - [mlkem/src/config.h](mlkem/src/config.h)
   - [mlkem/src/fips202/fips202.c](mlkem/src/fips202/fips202.c)
   - [mlkem/src/fips202/fips202x4.c](mlkem/src/fips202/fips202x4.c)
   - [mlkem/src/indcpa.c](mlkem/src/indcpa.c)
@@ -97,6 +108,18 @@ source code and documentation.
   - [mlkem/src/sampling.h](mlkem/src/sampling.h)
   - [mlkem/src/symmetric.h](mlkem/src/symmetric.h)
   - [mlkem/src/verify.h](mlkem/src/verify.h)
+  - [test/break_pct_config.h](test/break_pct_config.h)
+  - [test/custom_memcpy_config.h](test/custom_memcpy_config.h)
+  - [test/custom_memset_config.h](test/custom_memset_config.h)
+  - [test/custom_native_capability_config_0.h](test/custom_native_capability_config_0.h)
+  - [test/custom_native_capability_config_1.h](test/custom_native_capability_config_1.h)
+  - [test/custom_native_capability_config_CPUID_AVX2.h](test/custom_native_capability_config_CPUID_AVX2.h)
+  - [test/custom_native_capability_config_ID_AA64PFR1_EL1.h](test/custom_native_capability_config_ID_AA64PFR1_EL1.h)
+  - [test/custom_randombytes_config.h](test/custom_randombytes_config.h)
+  - [test/custom_stdlib_config.h](test/custom_stdlib_config.h)
+  - [test/custom_zeroize_config.h](test/custom_zeroize_config.h)
+  - [test/no_asm_config.h](test/no_asm_config.h)
+  - [test/serial_fips202_config.h](test/serial_fips202_config.h)
 
 ### `HYBRID`
 

examples/basic_deterministic/mlkem_native/custom_no_randomized_config.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -266,8 +271,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -468,6 +474,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/custom_backend/mlkem_native/custom_config.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -262,8 +267,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -464,6 +470,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build/config_1024.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -263,8 +268,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -465,6 +471,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build/config_512.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -263,8 +268,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -465,6 +471,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build/config_768.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -263,8 +268,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -465,6 +471,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build_multilevel/multilevel_config.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -265,8 +270,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -467,6 +473,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build_multilevel_native/multilevel_config.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -265,8 +270,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -474,6 +480,20 @@ static MLK_INLINE void mlk_randombytes(uint8_t *ptr, size_t len)
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *

examples/monolithic_build_native/config_1024.h

@@ -11,6 +11,11 @@
  *   Validation Program
  *   National Institute of Standards and Technology
  *   https://csrc.nist.gov/projects/cryptographic-module-validation-program/fips-140-3-ig-announcements
+ *
+ * - [FIPS203]
+ *   FIPS 203 Module-Lattice-Based Key-Encapsulation Mechanism Standard
+ *   National Institute of Standards and Technology
+ *   https://csrc.nist.gov/pubs/fips/203/final
  */
 
 /*
@@ -264,8 +269,9 @@
 /******************************************************************************
  * Name:        MLK_CONFIG_CUSTOM_ZEROIZE
  *
- * Description: In compliance with FIPS 203 Section 3.3, mlkem-native zeroizes
- *              intermediate stack buffers before returning from function calls.
+ * Description: In compliance with @[FIPS203, Section 3.3], mlkem-native
+ *              zeroizes intermediate stack buffers before returning from
+ *              function calls.
  *
  *              Set this option and define `mlk_zeroize` if you want to
  *              use a custom method to zeroize intermediate stack buffers.
@@ -466,6 +472,20 @@
  *****************************************************************************/
 /* #define MLK_CONFIG_NO_ASM */
 
+/******************************************************************************
+ * Name:        MLK_CONFIG_NO_ASM_VALUE_BARRIER
+ *
+ * Description: If this option is set, mlkem-native will be built without
+ *              use of native code or inline assembly for value barriers.
+ *
+ *              By default, inline assembly (if available) is used to implement
+ *              value barriers.
+ *              Without inline assembly, mlkem-native will use a global volatile
+ *              'opt blocker' instead; see verify.h.
+ *
+ *****************************************************************************/
+/* #define MLk_CONFIG_NO_ASM_VALUE_BARRIER */
+
 /******************************************************************************
  * Name:        MLK_CONFIG_NO_RANDOMIZED_API
  *