Minimized and amalgamated build question #5110

nata11 · 2025-10-04T18:26:17Z

nata11
Oct 4, 2025

Hello,
I have been looking over building a minimized and amalgamated build to include it in a minimal app I am working on. For my app (which I am using for crypto learning purposes), I only need to do a minimal build for ML-KEM, X25519, X448, ChaCha20-Poly1305, AES-GCM, SHA256, SHA512, BLAKE2s, BLAKE2b. What would be the most minimal modules I would need to list for the minimized build seeing that there are so many modules which look similar. My target architecture is x86_64 but could be ARM like the Raspberry Pi also.

Also, I see Kyber and Kyber_90s and ml-kem all listed. So which modules I would I need to include for ML-KEM?
If anyone with better insight on this would chime in, that would be great.
Thanks

Answered by randombit

Oct 5, 2025

In general you just need to list your specific dependencies - the module system should always correctly enable internally anything that is required (if any module configuration fails to build or fails to pass all tests, it's a bug and a report would be appreciated). So for example for NIST standard ML-KEM you would just need to enable ml_kem - this will implicitly enable kyber because of how the implementation is currently structured, but you don't need to ask for it if you don't need it. The only really tricky part is that right now, hardware specific modules are not implicitly enabled. So for example for SHA-512 you would enable sha2_64 but this will not enable hardware acceleration. To…

View full answer

randombit · 2025-10-05T13:34:55Z

randombit
Oct 5, 2025
Maintainer

In general you just need to list your specific dependencies - the module system should always correctly enable internally anything that is required (if any module configuration fails to build or fails to pass all tests, it's a bug and a report would be appreciated). So for example for NIST standard ML-KEM you would just need to enable ml_kem - this will implicitly enable kyber because of how the implementation is currently structured, but you don't need to ask for it if you don't need it. The only really tricky part is that right now, hardware specific modules are not implicitly enabled. So for example for SHA-512 you would enable sha2_64 but this will not enable hardware acceleration. To do that you would have to additionally enable extras like sha2_64_x86 or sha2_64_avx2. That said if just for learning purposes the best possible performance is maybe not so critical and you can probably just ignore that part for the time being.

For

ML-KEM, X25519, X448, ChaCha20-Poly1305, AES-GCM, SHA256, SHA512, BLAKE2s, BLAKE2b

You would need

ml_kem,x25519,x448,chacha20poly1305,aes,gcm,sha2_32,sha2_64,blake2s,blake2

But likely you will also need a random number generator (system_rng or auto_rng). Use system_rng unless you have a really specific opinion about how cryptographic random numbers should be generated.

1 reply

nata11 Oct 5, 2025
Author

Thanks for the quick response!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Minimized and amalgamated build question #5110

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Minimized and amalgamated build question #5110

Uh oh!

nata11 Oct 4, 2025

Replies: 1 comment · 1 reply

Uh oh!

randombit Oct 5, 2025 Maintainer

Uh oh!

nata11 Oct 5, 2025 Author

nata11
Oct 4, 2025

Replies: 1 comment 1 reply

randombit
Oct 5, 2025
Maintainer

nata11 Oct 5, 2025
Author