Update of Dilithium and Kyber aarch64

[thomwiggers]

Continuation of PR #527 which I accidentally merged and then reverted (#542).

Dear all,

This pull request is an update of the aarch64 implementation of Dilithium and Kyber. Below are the summary of the changes.

(i) An improved version of NTT/iNTT exploiting the parallelism of arithmetic and memory ports (the idea was already applied to other simpler functions) (ii) br lr -> ret, this resolves open-quantum-safe/liboqs#1448. (iii) Constant declaration at proper .c files and remove unused constants (this resolves #516). (iv) Clarify the LICENSE file, this resolves #498. (v) Correct and extend the namespacing, the correction resolves #495.

Related issues that remain: #515. I need to look into this in the future.

Additionally, I have a question for PQClean: Can I assume that there will be something like fips202x2 for parallelized shake and sha3 on Armv8-A and skip the namespacing for this part? Currently, I skipped the namespacing for parallelized shake and sha3 since I assumed this.

Thanks, Vincent

See discussion in #527

[vincentvbh]

I think this can be merged

[thomwiggers]

Thanks Vincent. I'm on vacation until Monday 5/2, when I'm back I'll review.

[thomwiggers]

I created a PR on your fork to add some allowances for namespacing of the shake2x API. Now, the following still need to be namespaced:

Missing namespace literal PQCLEAN_KYBER512_AARCH64_
	type: T, symbol: _asymmetric_const
	type: T, symbol: _constants
	type: T, symbol: _pre_asymmetric_table_Q1_extended
	type: T, symbol: _streamlined_CT_negacyclic_table_Q1_jump_extended
	type: T, symbol: _streamlined_inv_GS_negacyclic_table_Q1_jump_extended

[thomwiggers]

And also

Missing namespace literal PQCLEAN_DILITHIUM5_AARCH64_
	type: T, symbol: _constants
	type: T, symbol: _streamlined_CT_negacyclic_table_Q1_jump_extended
	type: T, symbol: _streamlined_GS_itable_Q1_jump_extended

[thomwiggers]

On my Mac, other tests now seem to pass.

[thomwiggers]

Thanks a lot @vincentvbh!