Add DeriveKeyPair API (#2070)

* Initial derive keypair commit

Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com>
Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Add pqcrystals-ml_kem_ipd.patch

Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com>
Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Fix encaps key in scheme and revert whitespace changes

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Hopefully corrected patch file

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Corrected missing derand in kem_scheme

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Fix indentation

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Run copy_from_upstream

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

derand testing tentative changes

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Add missing function declarations

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Add template for avx2 derand functions

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Run copy_from_upstream

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

WIP: Add changes for coin length

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>

Update patch to include coin lengths

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Bootstrap

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Conditional copy

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Run copy_from_upstream

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Separate coins variable into two distinct variables

Signed-off-by: Eddy Kim <Eddy.M.Kim@outlook.com>
Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Add derand fixes

- Add support for BIKE, FrodoKEM, sntrup
- Add hooks for testing
- Add missing kem comment to documentation
- Don't run decaps() in test_kem_derand if encaps_derand() fails
- Add markdown documentation changes

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

WIP trying to fix build errors

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Fix remaining build issues

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Resolve unused parameter issues for BIKE

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Resolve unused paramter issues for FrodoKEM

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Fix whitespace inconsistency

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Fix whitepace issue

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Insert unused attributes

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Void all unused parameters

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Use tab instead of spaces in kem_scheme

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Run copy_from_upstream

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Fix kem_derand python tests

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

Initialize coins in test_kem_derand

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Update patch to work with mlkem-native

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Update docs generation and templating

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Run copy_from_upstream [full tests] [extended tests]

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Don't call randombytes on zero-length arrays

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Run format script

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Remove encaps_derand support

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Run copy_from_upstream

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Skip encaps/decaps in test_kem_derand

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Refactor test code

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* s/coins/seed/g

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Improve output

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

* Improve formatting [full tests] [extended tests]

Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>

---------

Signed-off-by: Eddy Kim <e84kim@uwaterloo.ca>
Signed-off-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Co-authored-by: Eddy Kim <Eddy.M.Kim@outlook.com>

docs/algorithms/kem/bike.md

@@ -13,11 +13,11 @@
 
 ## Parameter set summary
 
-|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|     BIKE-L1     | NA                    | IND-CPA          |                    1 |                      1541 |                      5223 |                      1573 |                           32 |
-|     BIKE-L3     | NA                    | IND-CPA          |                    3 |                      3083 |                     10105 |                      3115 |                           32 |
-|     BIKE-L5     | NA                    | IND-CPA          |                    5 |                      5122 |                     16494 |                      5154 |                           32 |
+|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|     BIKE-L1     | NA                    | IND-CPA          |                    1 |                      1541 |                      5223 |                      1573 |                           32 | NA                          |
+|     BIKE-L3     | NA                    | IND-CPA          |                    3 |                      3083 |                     10105 |                      3115 |                           32 | NA                          |
+|     BIKE-L5     | NA                    | IND-CPA          |                    5 |                      5122 |                     16494 |                      5154 |                           32 | NA                          |
 
 ## BIKE-L1 implementation characteristics
 

docs/algorithms/kem/classic_mceliece.md

@@ -18,18 +18,18 @@
 
 ## Parameter set summary
 
-|       Parameter set       | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:-------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|  Classic-McEliece-348864  | NA                    | IND-CCA2         |                    1 |                    261120 |                      6492 |                        96 |                           32 |
-| Classic-McEliece-348864f  | NA                    | IND-CCA2         |                    1 |                    261120 |                      6492 |                        96 |                           32 |
-|  Classic-McEliece-460896  | NA                    | IND-CCA2         |                    3 |                    524160 |                     13608 |                       156 |                           32 |
-| Classic-McEliece-460896f  | NA                    | IND-CCA2         |                    3 |                    524160 |                     13608 |                       156 |                           32 |
-| Classic-McEliece-6688128  | NA                    | IND-CCA2         |                    5 |                   1044992 |                     13932 |                       208 |                           32 |
-| Classic-McEliece-6688128f | NA                    | IND-CCA2         |                    5 |                   1044992 |                     13932 |                       208 |                           32 |
-| Classic-McEliece-6960119  | NA                    | IND-CCA2         |                    5 |                   1047319 |                     13948 |                       194 |                           32 |
-| Classic-McEliece-6960119f | NA                    | IND-CCA2         |                    5 |                   1047319 |                     13948 |                       194 |                           32 |
-| Classic-McEliece-8192128  | NA                    | IND-CCA2         |                    5 |                   1357824 |                     14120 |                       208 |                           32 |
-| Classic-McEliece-8192128f | NA                    | IND-CCA2         |                    5 |                   1357824 |                     14120 |                       208 |                           32 |
+|       Parameter set       | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:-------------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|  Classic-McEliece-348864  | NA                    | IND-CCA2         |                    1 |                    261120 |                      6492 |                        96 |                           32 | NA                          |
+| Classic-McEliece-348864f  | NA                    | IND-CCA2         |                    1 |                    261120 |                      6492 |                        96 |                           32 | NA                          |
+|  Classic-McEliece-460896  | NA                    | IND-CCA2         |                    3 |                    524160 |                     13608 |                       156 |                           32 | NA                          |
+| Classic-McEliece-460896f  | NA                    | IND-CCA2         |                    3 |                    524160 |                     13608 |                       156 |                           32 | NA                          |
+| Classic-McEliece-6688128  | NA                    | IND-CCA2         |                    5 |                   1044992 |                     13932 |                       208 |                           32 | NA                          |
+| Classic-McEliece-6688128f | NA                    | IND-CCA2         |                    5 |                   1044992 |                     13932 |                       208 |                           32 | NA                          |
+| Classic-McEliece-6960119  | NA                    | IND-CCA2         |                    5 |                   1047319 |                     13948 |                       194 |                           32 | NA                          |
+| Classic-McEliece-6960119f | NA                    | IND-CCA2         |                    5 |                   1047319 |                     13948 |                       194 |                           32 | NA                          |
+| Classic-McEliece-8192128  | NA                    | IND-CCA2         |                    5 |                   1357824 |                     14120 |                       208 |                           32 | NA                          |
+| Classic-McEliece-8192128f | NA                    | IND-CCA2         |                    5 |                   1357824 |                     14120 |                       208 |                           32 | NA                          |
 
 ## Classic-McEliece-348864 implementation characteristics
 

docs/algorithms/kem/frodokem.md

@@ -12,14 +12,14 @@
 
 ## Parameter set summary
 
-|    Parameter set    | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:-------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|  FrodoKEM-640-AES   | NA                    | IND-CCA2         |                    1 |                      9616 |                     19888 |                      9720 |                           16 |
-| FrodoKEM-640-SHAKE  | NA                    | IND-CCA2         |                    1 |                      9616 |                     19888 |                      9720 |                           16 |
-|  FrodoKEM-976-AES   | NA                    | IND-CCA2         |                    3 |                     15632 |                     31296 |                     15744 |                           24 |
-| FrodoKEM-976-SHAKE  | NA                    | IND-CCA2         |                    3 |                     15632 |                     31296 |                     15744 |                           24 |
-|  FrodoKEM-1344-AES  | NA                    | IND-CCA2         |                    5 |                     21520 |                     43088 |                     21632 |                           32 |
-| FrodoKEM-1344-SHAKE | NA                    | IND-CCA2         |                    5 |                     21520 |                     43088 |                     21632 |                           32 |
+|    Parameter set    | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:-------------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|  FrodoKEM-640-AES   | NA                    | IND-CCA2         |                    1 |                      9616 |                     19888 |                      9720 |                           16 | NA                          |
+| FrodoKEM-640-SHAKE  | NA                    | IND-CCA2         |                    1 |                      9616 |                     19888 |                      9720 |                           16 | NA                          |
+|  FrodoKEM-976-AES   | NA                    | IND-CCA2         |                    3 |                     15632 |                     31296 |                     15744 |                           24 | NA                          |
+| FrodoKEM-976-SHAKE  | NA                    | IND-CCA2         |                    3 |                     15632 |                     31296 |                     15744 |                           24 | NA                          |
+|  FrodoKEM-1344-AES  | NA                    | IND-CCA2         |                    5 |                     21520 |                     43088 |                     21632 |                           32 | NA                          |
+| FrodoKEM-1344-SHAKE | NA                    | IND-CCA2         |                    5 |                     21520 |                     43088 |                     21632 |                           32 | NA                          |
 
 ## FrodoKEM-640-AES implementation characteristics
 

docs/algorithms/kem/hqc.md

@@ -14,11 +14,11 @@
 
 ## Parameter set summary
 
-|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|     HQC-128     | NA                    | IND-CCA2         |                    1 |                      2249 |                      2305 |                      4433 |                           64 |
-|     HQC-192     | NA                    | IND-CCA2         |                    3 |                      4522 |                      4586 |                      8978 |                           64 |
-|     HQC-256     | NA                    | IND-CCA2         |                    5 |                      7245 |                      7317 |                     14421 |                           64 |
+|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|     HQC-128     | NA                    | IND-CCA2         |                    1 |                      2249 |                      2305 |                      4433 |                           64 | NA                          |
+|     HQC-192     | NA                    | IND-CCA2         |                    3 |                      4522 |                      4586 |                      8978 |                           64 | NA                          |
+|     HQC-256     | NA                    | IND-CCA2         |                    5 |                      7245 |                      7317 |                     14421 |                           64 | NA                          |
 
 ## HQC-128 implementation characteristics
 

docs/algorithms/kem/kyber.md

@@ -21,11 +21,11 @@
 
 ## Parameter set summary
 
-|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|    Kyber512     | NA                    | IND-CCA2         |                    1 |                       800 |                      1632 |                       768 |                           32 |
-|    Kyber768     | NA                    | IND-CCA2         |                    3 |                      1184 |                      2400 |                      1088 |                           32 |
-|    Kyber1024    | NA                    | IND-CCA2         |                    5 |                      1568 |                      3168 |                      1568 |                           32 |
+|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|    Kyber512     | NA                    | IND-CCA2         |                    1 |                       800 |                      1632 |                       768 |                           32 | NA                          |
+|    Kyber768     | NA                    | IND-CCA2         |                    3 |                      1184 |                      2400 |                      1088 |                           32 | NA                          |
+|    Kyber1024    | NA                    | IND-CCA2         |                    5 |                      1568 |                      3168 |                      1568 |                           32 | NA                          |
 
 ## Kyber512 implementation characteristics
 

docs/algorithms/kem/ml_kem.md

@@ -7,9 +7,9 @@
 - **Authors' website**: https://pq-crystals.org/kyber/ and https://csrc.nist.gov/pubs/fips/203
 - **Specification version**: ML-KEM.
 - **Primary Source**<a name="primary-source"></a>:
-  - **Source**: https://github.com/pq-code-package/mlkem-native/commit/09bb1790bf9d38e1714f39af789306f28cdd395d
+  - **Source**: https://github.com/pq-code-package/mlkem-native/commit/09bb1790bf9d38e1714f39af789306f28cdd395d with copy_from_upstream patches
   - **Implementation license (SPDX-Identifier)**: CC0-1.0 or Apache-2.0
-- **Optimized Implementation sources**: https://github.com/pq-code-package/mlkem-native/commit/09bb1790bf9d38e1714f39af789306f28cdd395d
+- **Optimized Implementation sources**: https://github.com/pq-code-package/mlkem-native/commit/09bb1790bf9d38e1714f39af789306f28cdd395d with copy_from_upstream patches
   - **cupqc-cuda**:<a name="cupqc-cuda"></a>
       - **Source**: https://github.com/praveksharma/cupqc-mlkem/commit/b026f4e5475cd9c20c2082c7d9bad80e5b0ba89e
       - **Implementation license (SPDX-Identifier)**: Apache-2.0
@@ -17,11 +17,11 @@
 
 ## Parameter set summary
 
-|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|   ML-KEM-512    | NA                    | IND-CCA2         |                    1 |                       800 |                      1632 |                       768 |                           32 |
-|   ML-KEM-768    | NA                    | IND-CCA2         |                    3 |                      1184 |                      2400 |                      1088 |                           32 |
-|   ML-KEM-1024   | NA                    | IND-CCA2         |                    5 |                      1568 |                      3168 |                      1568 |                           32 |
+|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |   Keypair seed size (bytes) |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|----------------------------:|
+|   ML-KEM-512    | NA                    | IND-CCA2         |                    1 |                       800 |                      1632 |                       768 |                           32 |                          64 |
+|   ML-KEM-768    | NA                    | IND-CCA2         |                    3 |                      1184 |                      2400 |                      1088 |                           32 |                          64 |
+|   ML-KEM-1024   | NA                    | IND-CCA2         |                    5 |                      1568 |                      3168 |                      1568 |                           32 |                          64 |
 
 ## ML-KEM-512 implementation characteristics
 

docs/algorithms/kem/ml_kem.yml

@@ -18,6 +18,7 @@ nist-round: FIPS203
 spec-version: ML-KEM
 primary-upstream:
   source: https://github.com/pq-code-package/mlkem-native/commit/09bb1790bf9d38e1714f39af789306f28cdd395d
+    with copy_from_upstream patches
   spdx-license-identifier: CC0-1.0 or Apache-2.0
 optimized-upstreams:
   cupqc-cuda:
@@ -31,6 +32,7 @@ parameter-sets:
   length-ciphertext: 768
   length-secret-key: 1632
   length-shared-secret: 32
+  length-keypair-seed: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
   - upstream: primary-upstream
@@ -86,6 +88,7 @@ parameter-sets:
   length-ciphertext: 1088
   length-secret-key: 2400
   length-shared-secret: 32
+  length-keypair-seed: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
   - upstream: primary-upstream
@@ -141,6 +144,7 @@ parameter-sets:
   length-ciphertext: 1568
   length-secret-key: 3168
   length-shared-secret: 32
+  length-keypair-seed: 64
   implementations-switch-on-runtime-cpu-features: true
   implementations:
   - upstream: primary-upstream

docs/algorithms/kem/ntruprime.md

@@ -14,9 +14,9 @@
 
 ## Parameter set summary
 
-|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) |
-|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|
-|    sntrup761    | NA                    | IND-CCA2         |                    2 |                      1158 |                      1763 |                      1039 |                           32 |
+|  Parameter set  | Parameter set alias   | Security model   |   Claimed NIST Level |   Public key size (bytes) |   Secret key size (bytes) |   Ciphertext size (bytes) |   Shared secret size (bytes) | Keypair seed size (bytes)   |
+|:---------------:|:----------------------|:-----------------|---------------------:|--------------------------:|--------------------------:|--------------------------:|-----------------------------:|:----------------------------|
+|    sntrup761    | NA                    | IND-CCA2         |                    2 |                      1158 |                      1763 |                      1039 |                           32 | NA                          |
 
 ## sntrup761 implementation characteristics
 

scripts/copy_from_upstream/copy_from_upstream.py

@@ -200,6 +200,8 @@ def load_instructions(file='copy_from_upstream.yml'):
                 scheme['upstream_location'] = family['upstream_location']
             if (not 'arch_specific_upstream_locations' in scheme) and 'arch_specific_upstream_locations' in family:
                 scheme['arch_specific_upstream_locations'] = family['arch_specific_upstream_locations']
+            if (not 'derandomized_keypair' in scheme) and 'derandomized_keypair' in family:
+                scheme['derandomized_keypair'] = family['derandomized_keypair']
             if not 'git_commit' in scheme:
                 scheme['git_commit'] = upstreams[scheme['upstream_location']]['git_commit']
             if not 'git_branch' in scheme:

scripts/copy_from_upstream/copy_from_upstream.yml

@@ -37,6 +37,7 @@ upstreams:
     git_commit: 09bb1790bf9d38e1714f39af789306f28cdd395d
     kem_meta_path: 'integration/liboqs/{pretty_name_full}_META.yml'
     kem_scheme_path: '.'
+    patches: [mlkem-native-ml_kem-derand.patch]
     preserve_folder_structure: True
   -
     name: cupqc
@@ -186,6 +187,7 @@ kems:
     arch_specific_upstream_locations:
                                       cuda: cupqc
     upstream_location: mlkem-native
+    derandomized_keypair: true
     schemes:
       -
         scheme: "512"
@@ -518,4 +520,4 @@ sigs:
         scheme: "ov_V_pkc_skc"
         pqclean_scheme: ov_V_pkc_skc
         pretty_name_full: OV-V-pkc-skc
-        signed_msg_order: msg_then_sig
+        signed_msg_order: msg_then_sig

scripts/copy_from_upstream/patches/mlkem-native-ml_kem-derand.patch

@@ -0,0 +1,109 @@
+3acace6f68987471679c8ff5611191cf4daef82f
+diff --git a/integration/liboqs/ML-KEM-1024_META.yml b/integration/liboqs/ML-KEM-1024_META.yml
+index d70c893..e09122b 100644
+--- a/integration/liboqs/ML-KEM-1024_META.yml
++++ b/integration/liboqs/ML-KEM-1024_META.yml
+@@ -8,6 +8,7 @@ length-public-key: 1568
+ length-ciphertext: 1568
+ length-secret-key: 3168
+ length-shared-secret: 32
++length-keypair-seed: 64
+ nistkat-sha256: f580d851e5fb27e6876e5e203fa18be4cdbfd49e05d48fec3d3992c8f43a13e6
+ testvectors-sha256: ff1a854b9b6761a70c65ccae85246fe0596a949e72eae0866a8a2a2d4ea54b10
+ principal-submitters:
+@@ -27,6 +28,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=4 -DMLK_CONFIG_FILE="../integration/liboqs/config_c.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_C_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_C_dec
+@@ -35,6 +37,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=4 -DMLK_CONFIG_FILE="../integration/liboqs/config_x86_64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_dec
+@@ -52,6 +55,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=4 -DMLK_CONFIG_FILE="../integration/liboqs/config_aarch64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_dec
+diff --git a/integration/liboqs/ML-KEM-512_META.yml b/integration/liboqs/ML-KEM-512_META.yml
+index 3d730b5..d682df9 100644
+--- a/integration/liboqs/ML-KEM-512_META.yml
++++ b/integration/liboqs/ML-KEM-512_META.yml
+@@ -8,6 +8,7 @@ length-public-key: 800
+ length-ciphertext: 768
+ length-secret-key: 1632
+ length-shared-secret: 32
++length-keypair-seed: 64
+ nistkat-sha256: c70041a761e01cd6426fa60e9fd6a4412c2be817386c8d0f3334898082512782
+ testvectors-sha256: 6730bb552c22d9d2176ffb5568e48eb30952cf1f065073ec5f9724f6a3c6ea85
+ principal-submitters:
+@@ -27,6 +28,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=2 -DMLK_CONFIG_FILE="../integration/liboqs/config_c.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_C_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_C_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_C_dec
+@@ -35,6 +37,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=2 -DMLK_CONFIG_FILE="../integration/liboqs/config_x86_64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_X86_64_dec
+@@ -52,6 +55,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=2 -DMLK_CONFIG_FILE="../integration/liboqs/config_aarch64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_dec
+diff --git a/integration/liboqs/ML-KEM-768_META.yml b/integration/liboqs/ML-KEM-768_META.yml
+index da9554d..306068c 100644
+--- a/integration/liboqs/ML-KEM-768_META.yml
++++ b/integration/liboqs/ML-KEM-768_META.yml
+@@ -8,6 +8,7 @@ length-public-key: 1184
+ length-ciphertext: 1088
+ length-secret-key: 2400
+ length-shared-secret: 32
++length-keypair-seed: 64
+ nistkat-sha256: 5352539586b6c3df58be6158a6250aeff402bd73060b0a3de68850ac074c17c3
+ testvectors-sha256: 667c8ca2ca93729c0df6ff24588460bad1bbdbfb64ece0fe8563852a7ff348c6
+ principal-submitters:
+@@ -27,6 +28,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=3 -DMLK_CONFIG_FILE="../integration/liboqs/config_c.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_C_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_C_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_C_dec
+@@ -35,6 +37,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=3 -DMLK_CONFIG_FILE="../integration/liboqs/config_x86_64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_X86_64_dec
+@@ -52,6 +55,7 @@ implementations:
+     version: FIPS203
+     folder_name: .
+     compile_opts: -DMLKEM_K=3 -DMLK_CONFIG_FILE="../integration/liboqs/config_aarch64.h"
++    signature_keypair_derand: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_keypair_derand
+     signature_keypair: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_keypair
+     signature_enc: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_enc
+     signature_dec: PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_dec

scripts/copy_from_upstream/src/kem/family/kem_family.h

@@ -11,8 +11,14 @@
 #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key {{ scheme['metadata']['length-secret-key'] }}
 #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext {{ scheme['metadata']['length-ciphertext'] }}
 #define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret {{ scheme['metadata']['length-shared-secret'] }}
+{%- if scheme['metadata']['length-keypair-seed'] is defined %}
+#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed {{ scheme['metadata']['length-keypair-seed'] }}
+{%- else %}
+#define OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed 0
+{%- endif %}
 OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void);
 OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 {% if 'alias_scheme' in scheme %}
@@ -20,7 +26,9 @@ OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps(uint8_t *s
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_secret_key OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_ciphertext OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_shared_secret OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret
+#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_keypair_seed OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed
 OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void);
+#define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair_derand OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps
 #define OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_decaps OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps

scripts/copy_from_upstream/src/kem/family/kem_scheme.c

@@ -25,8 +25,10 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_new(void) {
 	kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair;
+	kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand;
 	kem->encaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_encaps;
 	kem->decaps = OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_decaps;
 
@@ -56,8 +58,10 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) {
 	kem->length_secret_key = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair;
+	kem->keypair_derand = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_keypair_derand;
 	kem->encaps = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_encaps;
 	kem->decaps = OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_decaps;
 
@@ -76,6 +80,11 @@ OQS_KEM *OQS_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_new(void) {
 
 extern int {{ scheme['metadata']['default_keypair_signature'] }}(uint8_t *pk, uint8_t *sk);
 
+        {%- if impl['signature_keypair_derand'] %}
+           {%- set cleankeypairderand = scheme['metadata'].update({'default_keypair_derand_signature': impl['signature_keypair_derand']}) %}
+extern int {{ scheme['metadata']['default_keypair_derand_signature'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
+        {%- endif %}
+
         {%- if impl['signature_enc'] %}
            {%- set cleanenc = scheme['metadata'].update({'default_enc_signature': impl['signature_enc']}) -%}
         {%- else %}
@@ -103,6 +112,10 @@ extern int {{ impl['signature_keypair'] }}(uint8_t *pk, uint8_t *sk);
 extern int PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
         {%- endif %}
 
+        {%- if impl['signature_keypair_derand'] %}
+extern int {{ impl['signature_keypair_derand'] }}(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
+        {%- endif %}
+
         {%- if impl['signature_enc'] %}
 extern int {{ impl['signature_enc'] }}(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
         {%- else %}
@@ -133,6 +146,47 @@ extern int libjade_{{ scheme['pqclean_scheme_c'] }}_{{ impl['name'] }}_dec(uint8
 {% endfor -%}
 {% endif %}
 
+OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+{%- if scheme['derandomized_keypair'] %}
+    {%- for impl in scheme['metadata']['implementations'] if impl['name'] != scheme['default_implementation'] %}
+    {%- if loop.first %}
+#if defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %}
+    {%- else %}
+#elif defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['scheme'] }}_{{ impl['name'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}_{{ impl['name'] }}){%- endif %}
+    {%- endif %}
+    {%- if 'required_flags' in impl and impl['required_flags'] %}
+#if defined(OQS_DIST_BUILD)
+	if ({%- for flag in impl['required_flags'] -%}OQS_CPU_has_extension(OQS_CPU_EXT_{{ flag|upper }}){%- if not loop.last %} && {% endif -%}{%- endfor -%}) {
+#endif /* OQS_DIST_BUILD */
+    {%- endif -%}
+        {%- if impl['signature_keypair_derand'] %}
+	{% if 'required_flags' in impl and impl['required_flags'] %}	{% endif -%}return (OQS_STATUS) {{ impl['signature_keypair_derand'] }}(public_key, secret_key, seed);
+        {%- else %}
+	{% if 'required_flags' in impl and impl['required_flags'] %}	{% endif -%}return (OQS_STATUS) PQCLEAN_{{ scheme['pqclean_scheme_c']|upper }}_{{ impl['name']|upper }}_crypto_kem_keypair_derand(public_key, secret_key, seed);
+        {%- endif %}
+    {%- if 'required_flags' in impl and impl['required_flags'] %}
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+    {%- endif -%}
+    {%- endfor %}
+    {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %}
+#else
+    {%- endif %}
+	return (OQS_STATUS) {{ scheme['metadata']['default_keypair_derand_signature'] }}(public_key, secret_key, seed);
+    {%- if scheme['metadata']['implementations']|rejectattr('name', 'equalto', scheme['default_implementation'])|list %}
+#endif
+    {%- endif %}
+    {%- else %}
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+    {%- endif %}
+}
+
 OQS_API OQS_STATUS OQS_KEM_{{ family }}_{{ scheme['scheme'] }}_keypair(uint8_t *public_key, uint8_t *secret_key) {
 {%- if libjade_implementation is defined and scheme['libjade_implementation'] %}
 #if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['scheme'] }}) {%- if 'alias_scheme' in scheme %} || defined(OQS_ENABLE_LIBJADE_KEM_{{ family }}_{{ scheme['alias_scheme'] }}){%- endif %})

scripts/copy_from_upstream/update_upstream_alg_docs.py

@@ -165,6 +165,9 @@ def update_upstream_kem_alg_docs(liboqs_root, kems, upstream_info, write_changes
                 oqs_scheme_yaml['length-secret-key'] = rhs_if_not_equal(oqs_scheme_yaml['length-secret-key'], upstream_yaml['length-secret-key'], "legnth-secret-key")
                 oqs_scheme_yaml['length-shared-secret'] = rhs_if_not_equal(oqs_scheme_yaml['length-shared-secret'], upstream_yaml['length-shared-secret'], "length-shared-secret")
 
+                if "length-keypair-seed" in oqs_scheme_yaml:
+                    oqs_scheme_yaml['length-keypair-seed'] = rhs_if_not_equal(oqs_scheme_yaml['length-keypair-seed'], upstream_yaml['length-keypair-seed'], "length-keypair-seed")
+
                 _upstream_yaml = upstream_yaml
                 for impl_index, impl in enumerate(oqs_scheme_yaml['implementations']):
                     if impl['upstream'] != 'libjade':

scripts/update_docs_from_yaml.py

@@ -75,7 +75,8 @@ def do_it(liboqs_root):
                       'Public key size (bytes)',
                       'Secret key size (bytes)',
                       'Ciphertext size (bytes)',
-                      'Shared secret size (bytes)']]
+                      'Shared secret size (bytes)',
+                      'Keypair seed size (bytes)']]
             for parameter_set in kem_yaml['parameter-sets']:
                 table.append([parameter_set['name'],
                               parameter_set['alias'] if 'alias' in parameter_set else "NA",
@@ -84,7 +85,8 @@ def do_it(liboqs_root):
                               parameter_set['length-public-key'],
                               parameter_set['length-secret-key'],
                               parameter_set['length-ciphertext'],
-                              parameter_set['length-shared-secret']])
+                              parameter_set['length-shared-secret'],
+                              parameter_set['length-keypair-seed'] if 'length-keypair-seed' in parameter_set else "NA"])
             out_md.write(tabulate.tabulate(table, tablefmt="pipe", headers="firstrow", colalign=("center",)))
             out_md.write('\n')
 

src/kem/bike/additional_r4/kem.c

@@ -270,3 +270,13 @@ OQS_API int decaps(OUT unsigned char *     ss,
 
   return SUCCESS;
 }
+
+OQS_API int keypair_derand(OUT unsigned char *     pk,
+                           OUT unsigned char *     sk,
+                           IN const unsigned char *seed)
+{
+  (void)pk;
+  (void)sk;
+  (void)seed;
+  return OQS_ERROR;
+}

src/kem/bike/functions_renaming.h

@@ -44,6 +44,7 @@
 #define RENAME_FUNC_NAME(fname) EVALUATOR(FUNC_PREFIX, fname)
 
 #define keypair RENAME_FUNC_NAME(keypair)
+#define keypair_derand RENAME_FUNC_NAME(keypair_derand)
 #define decaps RENAME_FUNC_NAME(decaps)
 #define encaps RENAME_FUNC_NAME(encaps)
 

src/kem/bike/kem_bike.c

@@ -20,8 +20,10 @@ OQS_KEM *OQS_KEM_bike_l1_new(void) {
 	kem->length_secret_key = OQS_KEM_bike_l1_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_bike_l1_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_bike_l1_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_bike_l1_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_bike_l1_keypair;
+	kem->keypair_derand = OQS_KEM_bike_l1_keypair_derand;
 	kem->encaps = OQS_KEM_bike_l1_encaps;
 	kem->decaps = OQS_KEM_bike_l1_decaps;
 
@@ -45,8 +47,10 @@ OQS_KEM *OQS_KEM_bike_l3_new(void) {
 	kem->length_secret_key = OQS_KEM_bike_l3_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_bike_l3_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_bike_l3_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_bike_l3_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_bike_l3_keypair;
+	kem->keypair_derand = OQS_KEM_bike_l3_keypair_derand;
 	kem->encaps = OQS_KEM_bike_l3_encaps;
 	kem->decaps = OQS_KEM_bike_l3_decaps;
 
@@ -70,8 +74,10 @@ OQS_KEM *OQS_KEM_bike_l5_new(void) {
 	kem->length_secret_key = OQS_KEM_bike_l5_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_bike_l5_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_bike_l5_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_bike_l5_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_bike_l5_keypair;
+	kem->keypair_derand = OQS_KEM_bike_l5_keypair_derand;
 	kem->encaps = OQS_KEM_bike_l5_encaps;
 	kem->decaps = OQS_KEM_bike_l5_decaps;
 

src/kem/bike/kem_bike.h

@@ -11,8 +11,10 @@
 #define OQS_KEM_bike_l1_length_public_key 1541
 #define OQS_KEM_bike_l1_length_ciphertext 1573
 #define OQS_KEM_bike_l1_length_shared_secret 32
+#define OQS_KEM_bike_l1_length_keypair_seed 0
 OQS_KEM *OQS_KEM_bike_l1_new(void);
 OQS_API OQS_STATUS OQS_KEM_bike_l1_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_bike_l1_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_bike_l1_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_bike_l1_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key);
 #endif
@@ -22,8 +24,10 @@ OQS_API OQS_STATUS OQS_KEM_bike_l1_decaps(uint8_t *shared_secret, const unsigned
 #define OQS_KEM_bike_l3_length_public_key 3083
 #define OQS_KEM_bike_l3_length_ciphertext 3115
 #define OQS_KEM_bike_l3_length_shared_secret 32
+#define OQS_KEM_bike_l3_length_keypair_seed 0
 OQS_KEM *OQS_KEM_bike_l3_new(void);
 OQS_API OQS_STATUS OQS_KEM_bike_l3_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_bike_l3_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_bike_l3_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_bike_l3_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key);
 #endif
@@ -33,8 +37,10 @@ OQS_API OQS_STATUS OQS_KEM_bike_l3_decaps(uint8_t *shared_secret, const unsigned
 #define OQS_KEM_bike_l5_length_public_key 5122
 #define OQS_KEM_bike_l5_length_ciphertext 5154
 #define OQS_KEM_bike_l5_length_shared_secret 32
+#define OQS_KEM_bike_l5_length_keypair_seed 0
 OQS_KEM *OQS_KEM_bike_l5_new(void);
 OQS_API OQS_STATUS OQS_KEM_bike_l5_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_bike_l5_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_bike_l5_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_bike_l5_decaps(uint8_t *shared_secret, const unsigned char *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/classic_mceliece/kem_classic_mceliece.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_classic_mceliece_348864_length_secret_key 6492
 #define OQS_KEM_classic_mceliece_348864_length_ciphertext 96
 #define OQS_KEM_classic_mceliece_348864_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_348864_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_348864_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +23,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_decaps(uint8_t *shared_secret
 #define OQS_KEM_classic_mceliece_348864f_length_secret_key 6492
 #define OQS_KEM_classic_mceliece_348864f_length_ciphertext 96
 #define OQS_KEM_classic_mceliece_348864f_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_348864f_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_348864f_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +36,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_decaps(uint8_t *shared_secre
 #define OQS_KEM_classic_mceliece_460896_length_secret_key 13608
 #define OQS_KEM_classic_mceliece_460896_length_ciphertext 156
 #define OQS_KEM_classic_mceliece_460896_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_460896_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_460896_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -43,8 +49,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_decaps(uint8_t *shared_secret
 #define OQS_KEM_classic_mceliece_460896f_length_secret_key 13608
 #define OQS_KEM_classic_mceliece_460896f_length_ciphertext 156
 #define OQS_KEM_classic_mceliece_460896f_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_460896f_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_460896f_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -54,8 +62,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_decaps(uint8_t *shared_secre
 #define OQS_KEM_classic_mceliece_6688128_length_secret_key 13932
 #define OQS_KEM_classic_mceliece_6688128_length_ciphertext 208
 #define OQS_KEM_classic_mceliece_6688128_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_6688128_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_6688128_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -65,8 +75,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_decaps(uint8_t *shared_secre
 #define OQS_KEM_classic_mceliece_6688128f_length_secret_key 13932
 #define OQS_KEM_classic_mceliece_6688128f_length_ciphertext 208
 #define OQS_KEM_classic_mceliece_6688128f_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_6688128f_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_6688128f_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -76,8 +88,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_decaps(uint8_t *shared_secr
 #define OQS_KEM_classic_mceliece_6960119_length_secret_key 13948
 #define OQS_KEM_classic_mceliece_6960119_length_ciphertext 194
 #define OQS_KEM_classic_mceliece_6960119_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_6960119_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_6960119_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -87,8 +101,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_decaps(uint8_t *shared_secre
 #define OQS_KEM_classic_mceliece_6960119f_length_secret_key 13948
 #define OQS_KEM_classic_mceliece_6960119f_length_ciphertext 194
 #define OQS_KEM_classic_mceliece_6960119f_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_6960119f_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_6960119f_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -98,8 +114,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_decaps(uint8_t *shared_secr
 #define OQS_KEM_classic_mceliece_8192128_length_secret_key 14120
 #define OQS_KEM_classic_mceliece_8192128_length_ciphertext 208
 #define OQS_KEM_classic_mceliece_8192128_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_8192128_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_8192128_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -109,8 +127,10 @@ OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_decaps(uint8_t *shared_secre
 #define OQS_KEM_classic_mceliece_8192128f_length_secret_key 14120
 #define OQS_KEM_classic_mceliece_8192128f_length_ciphertext 208
 #define OQS_KEM_classic_mceliece_8192128f_length_shared_secret 32
+#define OQS_KEM_classic_mceliece_8192128f_length_keypair_seed 0
 OQS_KEM *OQS_KEM_classic_mceliece_8192128f_new(void);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/classic_mceliece/kem_classic_mceliece_348864.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_348864_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_348864_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_348864_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_348864_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_348864_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_348864_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_348864_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_348864_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_348864_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE348864_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE348864_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_348864_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_348864f.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_348864f_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_348864f_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_348864f_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_348864f_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_348864f_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_348864f_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_348864f_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_348864f_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_348864f_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE348864F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE348864F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_348864f_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_348864f_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_460896.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_460896_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_460896_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_460896_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_460896_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_460896_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_460896_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_460896_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_460896_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_460896_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE460896_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE460896_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_460896_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_460896f.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_460896f_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_460896f_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_460896f_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_460896f_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_460896f_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_460896f_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_460896f_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_460896f_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_460896f_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE460896F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE460896F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_460896f_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_460896f_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_6688128.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_6688128_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_6688128_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_6688128_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_6688128_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_6688128_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_6688128_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_6688128_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_6688128_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_6688128_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE6688128_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE6688128_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_6688128f.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_6688128f_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_6688128f_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_6688128f_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_6688128f_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_6688128f_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_6688128f_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_6688128f_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_6688128f_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_6688128f_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE6688128F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss
 extern int PQCLEAN_MCELIECE6688128F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6688128f_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_6688128f_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_6960119.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_6960119_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_6960119_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_6960119_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_6960119_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_6960119_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_6960119_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_6960119_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_6960119_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_6960119_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE6960119_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE6960119_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_6960119f.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_6960119f_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_6960119f_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_6960119f_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_6960119f_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_6960119f_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_6960119f_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_6960119f_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_6960119f_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_6960119f_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE6960119F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss
 extern int PQCLEAN_MCELIECE6960119F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_6960119f_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_6960119f_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_8192128.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_8192128_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_8192128_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_8192128_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_8192128_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_8192128_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_8192128_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_8192128_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_8192128_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_8192128_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE8192128_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss,
 extern int PQCLEAN_MCELIECE8192128_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/classic_mceliece/kem_classic_mceliece_8192128f.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_classic_mceliece_8192128f_new(void) {
 	kem->length_secret_key = OQS_KEM_classic_mceliece_8192128f_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_classic_mceliece_8192128f_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_classic_mceliece_8192128f_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_classic_mceliece_8192128f_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_classic_mceliece_8192128f_keypair;
+	kem->keypair_derand = OQS_KEM_classic_mceliece_8192128f_keypair_derand;
 	kem->encaps = OQS_KEM_classic_mceliece_8192128f_encaps;
 	kem->decaps = OQS_KEM_classic_mceliece_8192128f_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_MCELIECE8192128F_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss
 extern int PQCLEAN_MCELIECE8192128F_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_classic_mceliece_8192128f_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_classic_mceliece_8192128f_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/frodokem/external/frodo1344aes_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_1344_aes_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_1344_aes_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_1344_aes_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_1344_aes_length_keypair_seed
 
 // Parameters for "FrodoKEM-1344"
 #define PARAMS_N 1344
@@ -28,6 +29,7 @@
 #define USE_AES128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_1344_aes_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_1344_aes_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_1344_aes_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_1344_aes_decaps
 

src/kem/frodokem/external/frodo1344shake_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_1344_shake_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_1344_shake_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_1344_shake_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_1344_shake_length_keypair_seed
 
 // Parameters for "FrodoKEM-1344"
 #define PARAMS_N 1344
@@ -28,6 +29,7 @@
 #define USE_SHAKE128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_1344_shake_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_1344_shake_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_1344_shake_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_1344_shake_decaps
 

src/kem/frodokem/external/frodo640aes_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_640_aes_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_640_aes_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_640_aes_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_640_aes_length_keypair_seed
 
 // Parameters for "FrodoKEM-640"
 #define PARAMS_N 640
@@ -28,6 +29,7 @@
 #define USE_AES128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_640_aes_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_640_aes_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_640_aes_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_640_aes_decaps
 

src/kem/frodokem/external/frodo640shake_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_640_shake_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_640_shake_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_640_shake_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_640_shake_length_keypair_seed
 
 // Parameters for "FrodoKEM-640"
 #define PARAMS_N 640
@@ -28,6 +29,7 @@
 #define USE_SHAKE128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_640_shake_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_640_shake_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_640_shake_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_640_shake_decaps
 

src/kem/frodokem/external/frodo976aes_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_976_aes_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_976_aes_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_976_aes_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_976_aes_length_keypair_seed
 
 // Parameters for "FrodoKEM-976"
 #define PARAMS_N 976
@@ -28,6 +29,7 @@
 #define USE_AES128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_976_aes_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_976_aes_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_976_aes_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_976_aes_decaps
 

src/kem/frodokem/external/frodo976shake_params.h

@@ -4,6 +4,7 @@
 #define CRYPTO_SECRETKEYBYTES OQS_KEM_frodokem_976_shake_length_secret_key
 #define CRYPTO_CIPHERTEXTBYTES OQS_KEM_frodokem_976_shake_length_ciphertext
 #define CRYPTO_BYTES OQS_KEM_frodokem_976_shake_length_shared_secret
+#define CRYPTO_SEEDBYTES OQS_KEM_frodokem_976_shake_length_keypair_seed
 
 // Parameters for "FrodoKEM-976"
 #define PARAMS_N 976
@@ -28,6 +29,7 @@
 #define USE_SHAKE128_FOR_A
 
 #define crypto_kem_keypair            OQS_KEM_frodokem_976_shake_keypair
+#define crypto_kem_keypair_derand     OQS_KEM_frodokem_976_shake_keypair_derand
 #define crypto_kem_enc                OQS_KEM_frodokem_976_shake_encaps
 #define crypto_kem_dec                OQS_KEM_frodokem_976_shake_decaps
 

src/kem/frodokem/external/kem.c

@@ -6,6 +6,15 @@
 
 #include <string.h>
 
+OQS_STATUS crypto_kem_keypair_derand(unsigned char *pk, unsigned char *sk, const unsigned char *seed)
+{
+    (void)pk;
+    (void)sk;
+    (void)seed;
+    return OQS_ERROR;
+}
+
+
 OQS_STATUS crypto_kem_keypair(unsigned char* pk, unsigned char* sk)
 { // FrodoKEM's key generation
   // Outputs: public key pk (               BYTES_SEED_A + (PARAMS_LOGQ*PARAMS_N*PARAMS_NBAR)/8 bytes)

src/kem/frodokem/kem_frodokem.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_frodokem_640_aes_length_secret_key 19888
 #define OQS_KEM_frodokem_640_aes_length_ciphertext 9720
 #define OQS_KEM_frodokem_640_aes_length_shared_secret 16
+#define OQS_KEM_frodokem_640_aes_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_640_aes_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +23,10 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_640_aes_decaps(uint8_t *shared_secret, const
 #define OQS_KEM_frodokem_640_shake_length_secret_key 19888
 #define OQS_KEM_frodokem_640_shake_length_ciphertext 9720
 #define OQS_KEM_frodokem_640_shake_length_shared_secret 16
+#define OQS_KEM_frodokem_640_shake_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_640_shake_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +36,10 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_640_shake_decaps(uint8_t *shared_secret, con
 #define OQS_KEM_frodokem_976_aes_length_secret_key 31296
 #define OQS_KEM_frodokem_976_aes_length_ciphertext 15744
 #define OQS_KEM_frodokem_976_aes_length_shared_secret 24
+#define OQS_KEM_frodokem_976_aes_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_976_aes_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -43,8 +49,10 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_976_aes_decaps(uint8_t *shared_secret, const
 #define OQS_KEM_frodokem_976_shake_length_secret_key 31296
 #define OQS_KEM_frodokem_976_shake_length_ciphertext 15744
 #define OQS_KEM_frodokem_976_shake_length_shared_secret 24
+#define OQS_KEM_frodokem_976_shake_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_976_shake_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -54,8 +62,10 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_976_shake_decaps(uint8_t *shared_secret, con
 #define OQS_KEM_frodokem_1344_aes_length_secret_key 43088
 #define OQS_KEM_frodokem_1344_aes_length_ciphertext 21632
 #define OQS_KEM_frodokem_1344_aes_length_shared_secret 32
+#define OQS_KEM_frodokem_1344_aes_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_1344_aes_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -65,8 +75,10 @@ OQS_API OQS_STATUS OQS_KEM_frodokem_1344_aes_decaps(uint8_t *shared_secret, cons
 #define OQS_KEM_frodokem_1344_shake_length_secret_key 43088
 #define OQS_KEM_frodokem_1344_shake_length_ciphertext 21632
 #define OQS_KEM_frodokem_1344_shake_length_shared_secret 32
+#define OQS_KEM_frodokem_1344_shake_length_keypair_seed 0
 OQS_KEM *OQS_KEM_frodokem_1344_shake_new(void);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_frodokem_1344_shake_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/frodokem/kem_frodokem1344aes.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_1344_aes_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_1344_aes_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_1344_aes_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_1344_aes_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_1344_aes_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_1344_aes_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_1344_aes_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_1344_aes_encaps;
 	kem->decaps = OQS_KEM_frodokem_1344_aes_decaps;
 

src/kem/frodokem/kem_frodokem1344shake.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_1344_shake_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_1344_shake_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_1344_shake_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_1344_shake_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_1344_shake_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_1344_shake_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_1344_shake_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_1344_shake_encaps;
 	kem->decaps = OQS_KEM_frodokem_1344_shake_decaps;
 

src/kem/frodokem/kem_frodokem640aes.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_640_aes_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_640_aes_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_640_aes_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_640_aes_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_640_aes_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_640_aes_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_640_aes_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_640_aes_encaps;
 	kem->decaps = OQS_KEM_frodokem_640_aes_decaps;
 

src/kem/frodokem/kem_frodokem640shake.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_640_shake_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_640_shake_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_640_shake_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_640_shake_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_640_shake_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_640_shake_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_640_shake_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_640_shake_encaps;
 	kem->decaps = OQS_KEM_frodokem_640_shake_decaps;
 

src/kem/frodokem/kem_frodokem976aes.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_976_aes_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_976_aes_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_976_aes_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_976_aes_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_976_aes_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_976_aes_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_976_aes_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_976_aes_encaps;
 	kem->decaps = OQS_KEM_frodokem_976_aes_decaps;
 

src/kem/frodokem/kem_frodokem976shake.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_frodokem_976_shake_new(void) {
 	kem->length_secret_key = OQS_KEM_frodokem_976_shake_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_frodokem_976_shake_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_frodokem_976_shake_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_frodokem_976_shake_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_frodokem_976_shake_keypair;
+	kem->keypair_derand = OQS_KEM_frodokem_976_shake_keypair_derand;
 	kem->encaps = OQS_KEM_frodokem_976_shake_encaps;
 	kem->decaps = OQS_KEM_frodokem_976_shake_decaps;
 

src/kem/hqc/kem_hqc.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_hqc_128_length_secret_key 2305
 #define OQS_KEM_hqc_128_length_ciphertext 4433
 #define OQS_KEM_hqc_128_length_shared_secret 64
+#define OQS_KEM_hqc_128_length_keypair_seed 0
 OQS_KEM *OQS_KEM_hqc_128_new(void);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_128_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +23,10 @@ OQS_API OQS_STATUS OQS_KEM_hqc_128_decaps(uint8_t *shared_secret, const uint8_t
 #define OQS_KEM_hqc_192_length_secret_key 4586
 #define OQS_KEM_hqc_192_length_ciphertext 8978
 #define OQS_KEM_hqc_192_length_shared_secret 64
+#define OQS_KEM_hqc_192_length_keypair_seed 0
 OQS_KEM *OQS_KEM_hqc_192_new(void);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_192_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +36,10 @@ OQS_API OQS_STATUS OQS_KEM_hqc_192_decaps(uint8_t *shared_secret, const uint8_t
 #define OQS_KEM_hqc_256_length_secret_key 7317
 #define OQS_KEM_hqc_256_length_ciphertext 14421
 #define OQS_KEM_hqc_256_length_shared_secret 64
+#define OQS_KEM_hqc_256_length_keypair_seed 0
 OQS_KEM *OQS_KEM_hqc_256_new(void);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_hqc_256_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/hqc/kem_hqc_128.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_hqc_128_new(void) {
 	kem->length_secret_key = OQS_KEM_hqc_128_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_hqc_128_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_hqc_128_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_hqc_128_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_hqc_128_keypair;
+	kem->keypair_derand = OQS_KEM_hqc_128_keypair_derand;
 	kem->encaps = OQS_KEM_hqc_128_encaps;
 	kem->decaps = OQS_KEM_hqc_128_decaps;
 
@@ -34,6 +36,13 @@ extern int PQCLEAN_HQC128_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
 extern int PQCLEAN_HQC128_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCLEAN_HQC128_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
+OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_hqc_128_keypair(uint8_t *public_key, uint8_t *secret_key) {
 	return (OQS_STATUS) PQCLEAN_HQC128_CLEAN_crypto_kem_keypair(public_key, secret_key);
 }

src/kem/hqc/kem_hqc_192.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_hqc_192_new(void) {
 	kem->length_secret_key = OQS_KEM_hqc_192_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_hqc_192_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_hqc_192_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_hqc_192_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_hqc_192_keypair;
+	kem->keypair_derand = OQS_KEM_hqc_192_keypair_derand;
 	kem->encaps = OQS_KEM_hqc_192_encaps;
 	kem->decaps = OQS_KEM_hqc_192_decaps;
 
@@ -34,6 +36,13 @@ extern int PQCLEAN_HQC192_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
 extern int PQCLEAN_HQC192_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCLEAN_HQC192_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
+OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_hqc_192_keypair(uint8_t *public_key, uint8_t *secret_key) {
 	return (OQS_STATUS) PQCLEAN_HQC192_CLEAN_crypto_kem_keypair(public_key, secret_key);
 }

src/kem/hqc/kem_hqc_256.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_hqc_256_new(void) {
 	kem->length_secret_key = OQS_KEM_hqc_256_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_hqc_256_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_hqc_256_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_hqc_256_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_hqc_256_keypair;
+	kem->keypair_derand = OQS_KEM_hqc_256_keypair_derand;
 	kem->encaps = OQS_KEM_hqc_256_encaps;
 	kem->decaps = OQS_KEM_hqc_256_decaps;
 
@@ -34,6 +36,13 @@ extern int PQCLEAN_HQC256_CLEAN_crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
 extern int PQCLEAN_HQC256_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCLEAN_HQC256_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
+OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_hqc_256_keypair(uint8_t *public_key, uint8_t *secret_key) {
 	return (OQS_STATUS) PQCLEAN_HQC256_CLEAN_crypto_kem_keypair(public_key, secret_key);
 }

src/kem/kem.c

@@ -466,6 +466,14 @@ OQS_API OQS_KEM *OQS_KEM_new(const char *method_name) {
 	}
 }
 
+OQS_API OQS_STATUS OQS_KEM_keypair_derand(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	if (kem == NULL) {
+		return OQS_ERROR;
+	} else {
+		return kem->keypair_derand(public_key, secret_key, seed);
+	}
+}
+
 OQS_API OQS_STATUS OQS_KEM_keypair(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key) {
 	if (kem == NULL) {
 		return OQS_ERROR;

src/kem/kem.h

@@ -157,6 +157,22 @@ typedef struct OQS_KEM {
 	size_t length_ciphertext;
 	/** The length, in bytes, of shared secrets for this KEM. */
 	size_t length_shared_secret;
+	/** The length, in bytes, of seeds for derandomized keypair generation for this KEM. */
+	size_t length_keypair_seed;
+
+	/**
+	 * Derandomized keypair generation algorithm.
+	 *
+	 * Caller is responsible for allocating sufficient memory for `public_key` and
+	 * `secret_key`, based on the `length_*` members in this object or the per-scheme
+	 * compile-time macros `OQS_KEM_*_length_*`.
+	 *
+	 * @param[out] public_key The public key represented as a byte string.
+	 * @param[out] secret_key The secret key represented as a byte string.
+	 * @param[in] seed The input randomness represented as a byte string.
+	 * @return OQS_SUCCESS or OQS_ERROR
+	 */
+	OQS_STATUS (*keypair_derand)(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 
 	/**
 	 * Keypair generation algorithm.
@@ -212,6 +228,21 @@ typedef struct OQS_KEM {
  */
 OQS_API OQS_KEM *OQS_KEM_new(const char *method_name);
 
+/**
+ * Derandomized keypair generation algorithm.
+ *
+ * Caller is responsible for allocating sufficient memory for `public_key` and
+ * `secret_key`, based on the `length_*` members in this object or the per-scheme
+ * compile-time macros `OQS_KEM_*_length_*`.
+ *
+ * @param[in] kem The OQS_KEM object representing the KEM.
+ * @param[out] public_key The public key represented as a byte string.
+ * @param[out] secret_key The secret key represented as a byte string.
+ * @param[in] seed The input randomness represented as a byte string.
+ * @return OQS_SUCCESS or OQS_ERROR
+ */
+OQS_API OQS_STATUS OQS_KEM_keypair_derand(const OQS_KEM *kem, uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
+
 /**
  * Keypair generation algorithm.
  *

src/kem/kyber/kem_kyber.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_kyber_512_length_secret_key 1632
 #define OQS_KEM_kyber_512_length_ciphertext 768
 #define OQS_KEM_kyber_512_length_shared_secret 32
+#define OQS_KEM_kyber_512_length_keypair_seed 0
 OQS_KEM *OQS_KEM_kyber_512_new(void);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_512_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +23,10 @@ OQS_API OQS_STATUS OQS_KEM_kyber_512_decaps(uint8_t *shared_secret, const uint8_
 #define OQS_KEM_kyber_768_length_secret_key 2400
 #define OQS_KEM_kyber_768_length_ciphertext 1088
 #define OQS_KEM_kyber_768_length_shared_secret 32
+#define OQS_KEM_kyber_768_length_keypair_seed 0
 OQS_KEM *OQS_KEM_kyber_768_new(void);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_768_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +36,10 @@ OQS_API OQS_STATUS OQS_KEM_kyber_768_decaps(uint8_t *shared_secret, const uint8_
 #define OQS_KEM_kyber_1024_length_secret_key 3168
 #define OQS_KEM_kyber_1024_length_ciphertext 1568
 #define OQS_KEM_kyber_1024_length_shared_secret 32
+#define OQS_KEM_kyber_1024_length_keypair_seed 0
 OQS_KEM *OQS_KEM_kyber_1024_new(void);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/kyber/kem_kyber_1024.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_kyber_1024_new(void) {
 	kem->length_secret_key = OQS_KEM_kyber_1024_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_kyber_1024_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_kyber_1024_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_kyber_1024_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_kyber_1024_keypair;
+	kem->keypair_derand = OQS_KEM_kyber_1024_keypair_derand;
 	kem->encaps = OQS_KEM_kyber_1024_encaps;
 	kem->decaps = OQS_KEM_kyber_1024_decaps;
 
@@ -46,6 +48,13 @@ extern int PQCLEAN_KYBER1024_AARCH64_crypto_kem_enc(uint8_t *ct, uint8_t *ss, co
 extern int PQCLEAN_KYBER1024_AARCH64_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_kyber_1024_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_kyber_1024_avx2)
 #if defined(OQS_DIST_BUILD)

src/kem/kyber/kem_kyber_512.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_kyber_512_new(void) {
 	kem->length_secret_key = OQS_KEM_kyber_512_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_kyber_512_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_kyber_512_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_kyber_512_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_kyber_512_keypair;
+	kem->keypair_derand = OQS_KEM_kyber_512_keypair_derand;
 	kem->encaps = OQS_KEM_kyber_512_encaps;
 	kem->decaps = OQS_KEM_kyber_512_decaps;
 
@@ -59,6 +61,13 @@ extern int libjade_kyber512_avx2_dec(uint8_t *ss, const uint8_t *ct, const uint8
 #endif
 
 
+OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_kyber_512_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_kyber_512))
 #if defined(OQS_ENABLE_LIBJADE_KEM_kyber_512_avx2)

src/kem/kyber/kem_kyber_768.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_kyber_768_new(void) {
 	kem->length_secret_key = OQS_KEM_kyber_768_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_kyber_768_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_kyber_768_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_kyber_768_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_kyber_768_keypair;
+	kem->keypair_derand = OQS_KEM_kyber_768_keypair_derand;
 	kem->encaps = OQS_KEM_kyber_768_encaps;
 	kem->decaps = OQS_KEM_kyber_768_decaps;
 
@@ -59,6 +61,13 @@ extern int libjade_kyber768_avx2_dec(uint8_t *ss, const uint8_t *ct, const uint8
 #endif
 
 
+OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_kyber_768_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_LIBJADE_BUILD) && (defined(OQS_ENABLE_LIBJADE_KEM_kyber_768))
 #if defined(OQS_ENABLE_LIBJADE_KEM_kyber_768_avx2)

src/kem/ml_kem/kem_ml_kem.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_ml_kem_512_length_secret_key 1632
 #define OQS_KEM_ml_kem_512_length_ciphertext 768
 #define OQS_KEM_ml_kem_512_length_shared_secret 32
+#define OQS_KEM_ml_kem_512_length_keypair_seed 64
 OQS_KEM *OQS_KEM_ml_kem_512_new(void);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_512_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_ml_kem_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_512_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_512_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -21,8 +23,10 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_512_decaps(uint8_t *shared_secret, const uint8
 #define OQS_KEM_ml_kem_768_length_secret_key 2400
 #define OQS_KEM_ml_kem_768_length_ciphertext 1088
 #define OQS_KEM_ml_kem_768_length_shared_secret 32
+#define OQS_KEM_ml_kem_768_length_keypair_seed 64
 OQS_KEM *OQS_KEM_ml_kem_768_new(void);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_768_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_ml_kem_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_768_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_768_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif
@@ -32,8 +36,10 @@ OQS_API OQS_STATUS OQS_KEM_ml_kem_768_decaps(uint8_t *shared_secret, const uint8
 #define OQS_KEM_ml_kem_1024_length_secret_key 3168
 #define OQS_KEM_ml_kem_1024_length_ciphertext 1568
 #define OQS_KEM_ml_kem_1024_length_shared_secret 32
+#define OQS_KEM_ml_kem_1024_length_keypair_seed 64
 OQS_KEM *OQS_KEM_ml_kem_1024_new(void);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/ml_kem/kem_ml_kem_1024.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_ml_kem_1024_new(void) {
 	kem->length_secret_key = OQS_KEM_ml_kem_1024_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_ml_kem_1024_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_ml_kem_1024_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_ml_kem_1024_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_ml_kem_1024_keypair;
+	kem->keypair_derand = OQS_KEM_ml_kem_1024_keypair_derand;
 	kem->encaps = OQS_KEM_ml_kem_1024_encaps;
 	kem->decaps = OQS_KEM_ml_kem_1024_decaps;
 
@@ -31,17 +33,20 @@ OQS_KEM *OQS_KEM_ml_kem_1024_new(void) {
 }
 
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_C_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_C_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
 #if defined(OQS_ENABLE_KEM_ml_kem_1024_x86_64)
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
 #if defined(OQS_ENABLE_KEM_ml_kem_1024_aarch64)
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
@@ -54,6 +59,34 @@ extern int cupqc_ml_kem_1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *
 #endif
 #endif /* OQS_USE_CUPQC */
 
+OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+#if defined(OQS_ENABLE_KEM_ml_kem_1024_x86_64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_X86_64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_1024_aarch64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_ARM_NEON)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_AARCH64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_1024_cuda)
+	return (OQS_STATUS) PQCLEAN_MLKEM1024_CUDA_crypto_kem_keypair_derand(public_key, secret_key, seed);
+#else
+	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM1024_C_keypair_derand(public_key, secret_key, seed);
+#endif
+}
+
 OQS_API OQS_STATUS OQS_KEM_ml_kem_1024_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_ml_kem_1024_cuda)
 	return (OQS_STATUS) cupqc_ml_kem_1024_keypair(public_key, secret_key);

src/kem/ml_kem/kem_ml_kem_512.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_ml_kem_512_new(void) {
 	kem->length_secret_key = OQS_KEM_ml_kem_512_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_ml_kem_512_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_ml_kem_512_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_ml_kem_512_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_ml_kem_512_keypair;
+	kem->keypair_derand = OQS_KEM_ml_kem_512_keypair_derand;
 	kem->encaps = OQS_KEM_ml_kem_512_encaps;
 	kem->decaps = OQS_KEM_ml_kem_512_decaps;
 
@@ -31,17 +33,20 @@ OQS_KEM *OQS_KEM_ml_kem_512_new(void) {
 }
 
 extern int PQCP_MLKEM_NATIVE_MLKEM512_C_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_C_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_C_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
 #if defined(OQS_ENABLE_KEM_ml_kem_512_x86_64)
 extern int PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_X86_64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_X86_64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
 #if defined(OQS_ENABLE_KEM_ml_kem_512_aarch64)
 extern int PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
@@ -54,6 +59,34 @@ extern int cupqc_ml_kem_512_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *s
 #endif
 #endif /* OQS_USE_CUPQC */
 
+OQS_API OQS_STATUS OQS_KEM_ml_kem_512_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+#if defined(OQS_ENABLE_KEM_ml_kem_512_x86_64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_X86_64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_512_aarch64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_ARM_NEON)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_512_cuda)
+	return (OQS_STATUS) PQCLEAN_MLKEM512_CUDA_crypto_kem_keypair_derand(public_key, secret_key, seed);
+#else
+	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM512_C_keypair_derand(public_key, secret_key, seed);
+#endif
+}
+
 OQS_API OQS_STATUS OQS_KEM_ml_kem_512_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_ml_kem_512_cuda)
 	return (OQS_STATUS) cupqc_ml_kem_512_keypair(public_key, secret_key);

src/kem/ml_kem/kem_ml_kem_768.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_ml_kem_768_new(void) {
 	kem->length_secret_key = OQS_KEM_ml_kem_768_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_ml_kem_768_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_ml_kem_768_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_ml_kem_768_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_ml_kem_768_keypair;
+	kem->keypair_derand = OQS_KEM_ml_kem_768_keypair_derand;
 	kem->encaps = OQS_KEM_ml_kem_768_encaps;
 	kem->decaps = OQS_KEM_ml_kem_768_decaps;
 
@@ -31,17 +33,20 @@ OQS_KEM *OQS_KEM_ml_kem_768_new(void) {
 }
 
 extern int PQCP_MLKEM_NATIVE_MLKEM768_C_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_C_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_C_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 
 #if defined(OQS_ENABLE_KEM_ml_kem_768_x86_64)
 extern int PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_X86_64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_X86_64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
 #if defined(OQS_ENABLE_KEM_ml_kem_768_aarch64)
 extern int PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_keypair(uint8_t *pk, uint8_t *sk);
+extern int PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *seed);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
 extern int PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
@@ -54,6 +59,34 @@ extern int cupqc_ml_kem_768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *s
 #endif
 #endif /* OQS_USE_CUPQC */
 
+OQS_API OQS_STATUS OQS_KEM_ml_kem_768_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+#if defined(OQS_ENABLE_KEM_ml_kem_768_x86_64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_AVX2) && OQS_CPU_has_extension(OQS_CPU_EXT_BMI2) && OQS_CPU_has_extension(OQS_CPU_EXT_POPCNT)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_X86_64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_768_aarch64)
+#if defined(OQS_DIST_BUILD)
+	if (OQS_CPU_has_extension(OQS_CPU_EXT_ARM_NEON)) {
+#endif /* OQS_DIST_BUILD */
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_AARCH64_keypair_derand(public_key, secret_key, seed);
+#if defined(OQS_DIST_BUILD)
+	} else {
+		return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand(public_key, secret_key, seed);
+	}
+#endif /* OQS_DIST_BUILD */
+#elif defined(OQS_ENABLE_KEM_ml_kem_768_cuda)
+	return (OQS_STATUS) PQCLEAN_MLKEM768_CUDA_crypto_kem_keypair_derand(public_key, secret_key, seed);
+#else
+	return (OQS_STATUS) PQCP_MLKEM_NATIVE_MLKEM768_C_keypair_derand(public_key, secret_key, seed);
+#endif
+}
+
 OQS_API OQS_STATUS OQS_KEM_ml_kem_768_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_USE_CUPQC) && defined(OQS_ENABLE_KEM_ml_kem_768_cuda)
 	return (OQS_STATUS) cupqc_ml_kem_768_keypair(public_key, secret_key);

src/kem/ntruprime/kem_ntruprime.h

@@ -10,8 +10,10 @@
 #define OQS_KEM_ntruprime_sntrup761_length_secret_key 1763
 #define OQS_KEM_ntruprime_sntrup761_length_ciphertext 1039
 #define OQS_KEM_ntruprime_sntrup761_length_shared_secret 32
+#define OQS_KEM_ntruprime_sntrup761_length_keypair_seed 0
 OQS_KEM *OQS_KEM_ntruprime_sntrup761_new(void);
 OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair(uint8_t *public_key, uint8_t *secret_key);
+OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed);
 OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_encaps(uint8_t *ciphertext, uint8_t *shared_secret, const uint8_t *public_key);
 OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_decaps(uint8_t *shared_secret, const uint8_t *ciphertext, const uint8_t *secret_key);
 #endif

src/kem/ntruprime/kem_ntruprime_sntrup761.c

@@ -22,8 +22,10 @@ OQS_KEM *OQS_KEM_ntruprime_sntrup761_new(void) {
 	kem->length_secret_key = OQS_KEM_ntruprime_sntrup761_length_secret_key;
 	kem->length_ciphertext = OQS_KEM_ntruprime_sntrup761_length_ciphertext;
 	kem->length_shared_secret = OQS_KEM_ntruprime_sntrup761_length_shared_secret;
+	kem->length_keypair_seed = OQS_KEM_ntruprime_sntrup761_length_keypair_seed;
 
 	kem->keypair = OQS_KEM_ntruprime_sntrup761_keypair;
+	kem->keypair_derand = OQS_KEM_ntruprime_sntrup761_keypair_derand;
 	kem->encaps = OQS_KEM_ntruprime_sntrup761_encaps;
 	kem->decaps = OQS_KEM_ntruprime_sntrup761_decaps;
 
@@ -40,6 +42,13 @@ extern int PQCLEAN_SNTRUP761_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const
 extern int PQCLEAN_SNTRUP761_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
 
+OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair_derand(uint8_t *public_key, uint8_t *secret_key, const uint8_t *seed) {
+	(void)public_key;
+	(void)secret_key;
+	(void)seed;
+	return OQS_ERROR;
+}
+
 OQS_API OQS_STATUS OQS_KEM_ntruprime_sntrup761_keypair(uint8_t *public_key, uint8_t *secret_key) {
 #if defined(OQS_ENABLE_KEM_ntruprime_sntrup761_avx2)
 #if defined(OQS_DIST_BUILD)

tests/test_kem.c

@@ -110,7 +110,7 @@ typedef struct magic_s {
 	uint8_t val[31];
 } magic_t;
 
-static OQS_STATUS kem_test_correctness(const char *method_name) {
+static OQS_STATUS kem_test_correctness(const char *method_name, bool derand) {
 
 	OQS_KEM *kem = NULL;
 	uint8_t *public_key = NULL;
@@ -118,6 +118,7 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
 	uint8_t *ciphertext = NULL;
 	uint8_t *shared_secret_e = NULL;
 	uint8_t *shared_secret_d = NULL;
+	uint8_t *seed = NULL;
 	OQS_STATUS rc, ret = OQS_ERROR;
 	int rv;
 
@@ -132,16 +133,19 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
 		goto err;
 	}
 
-	printf("================================================================================\n");
-	printf("Sample computation for KEM %s\n", kem->method_name);
-	printf("Version source: %s\n", kem->alg_version);
-	printf("================================================================================\n");
+	if (!derand) {
+		printf("================================================================================\n");
+		printf("sample computation for KEM %s\n", kem->method_name);
+		printf("Version source: %s\n", kem->alg_version);
+		printf("================================================================================\n");
+	}
 
 	public_key = OQS_MEM_malloc(kem->length_public_key + 2 * sizeof(magic_t));
 	secret_key = OQS_MEM_malloc(kem->length_secret_key + 2 * sizeof(magic_t));
 	ciphertext = OQS_MEM_malloc(kem->length_ciphertext + 2 * sizeof(magic_t));
 	shared_secret_e = OQS_MEM_malloc(kem->length_shared_secret + 2 * sizeof(magic_t));
 	shared_secret_d = OQS_MEM_malloc(kem->length_shared_secret + 2 * sizeof(magic_t));
+	seed = malloc(kem->length_keypair_seed + 2 * sizeof(magic_t));
 
 	if ((public_key == NULL) || (secret_key == NULL) || (ciphertext == NULL) || (shared_secret_e == NULL) || (shared_secret_d == NULL)) {
 		fprintf(stderr, "ERROR: OQS_MEM_malloc failed\n");
@@ -154,12 +158,14 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
 	memcpy(ciphertext, magic.val, sizeof(magic_t));
 	memcpy(shared_secret_e, magic.val, sizeof(magic_t));
 	memcpy(shared_secret_d, magic.val, sizeof(magic_t));
+	memcpy(seed, magic.val, sizeof(magic_t));
 
 	public_key += sizeof(magic_t);
 	secret_key += sizeof(magic_t);
 	ciphertext += sizeof(magic_t);
 	shared_secret_e += sizeof(magic_t);
 	shared_secret_d += sizeof(magic_t);
+	seed += sizeof(magic_t);
 
 	// and after
 	memcpy(public_key + kem->length_public_key, magic.val, sizeof(magic_t));
@@ -167,12 +173,38 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
 	memcpy(ciphertext + kem->length_ciphertext, magic.val, sizeof(magic_t));
 	memcpy(shared_secret_e + kem->length_shared_secret, magic.val, sizeof(magic_t));
 	memcpy(shared_secret_d + kem->length_shared_secret, magic.val, sizeof(magic_t));
+	memcpy(seed + kem->length_keypair_seed, magic.val, sizeof(magic_t));
 
-	rc = OQS_KEM_keypair(kem, public_key, secret_key);
-	OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc);
-	if (rc != OQS_SUCCESS) {
-		fprintf(stderr, "ERROR: OQS_KEM_keypair failed\n");
-		goto err;
+
+	if (derand) {
+		// On some systems, getentropy fails if given a zero-length array
+		if (kem->length_keypair_seed > 0) {
+			OQS_randombytes(seed, kem->length_keypair_seed);
+		}
+		rc = OQS_KEM_keypair_derand(kem, public_key, secret_key, seed);
+		OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc);
+		if (kem->length_keypair_seed == 0) {
+			// If length_keypair_seed is set to 0 for this KEM scheme, a failure is expected
+			if (rc != OQS_ERROR) {
+				fprintf(stderr, "ERROR: OQS_KEM_keypair_derand succeeded but expected a failure\n");
+				goto err;
+			}
+			printf("OQS_KEM_keypair_derand failed, as expected\n");
+			ret = OQS_SUCCESS;
+			goto cleanup;
+		} else {
+			if (rc != OQS_SUCCESS) {
+				fprintf(stderr, "ERROR: OQS_KEM_keypair_derand failed\n");
+				goto err;
+			}
+		}
+	} else {
+		rc = OQS_KEM_keypair(kem, public_key, secret_key);
+		OQS_TEST_CT_DECLASSIFY(&rc, sizeof rc);
+		if (rc != OQS_SUCCESS) {
+			fprintf(stderr, "ERROR: OQS_KEM_keypair failed\n");
+			goto err;
+		}
 	}
 
 	OQS_TEST_CT_DECLASSIFY(public_key, kem->length_public_key);
@@ -227,11 +259,13 @@ static OQS_STATUS kem_test_correctness(const char *method_name) {
 	rv |= memcmp(ciphertext + kem->length_ciphertext, magic.val, sizeof(magic_t));
 	rv |= memcmp(shared_secret_e + kem->length_shared_secret, magic.val, sizeof(magic_t));
 	rv |= memcmp(shared_secret_d + kem->length_shared_secret, magic.val, sizeof(magic_t));
+	rv |= memcmp(seed + kem->length_keypair_seed, magic.val, sizeof(magic_t));
 	rv |= memcmp(public_key - sizeof(magic_t), magic.val, sizeof(magic_t));
 	rv |= memcmp(secret_key - sizeof(magic_t), magic.val, sizeof(magic_t));
 	rv |= memcmp(ciphertext - sizeof(magic_t), magic.val, sizeof(magic_t));
 	rv |= memcmp(shared_secret_e - sizeof(magic_t), magic.val, sizeof(magic_t));
 	rv |= memcmp(shared_secret_d - sizeof(magic_t), magic.val, sizeof(magic_t));
+	rv |= memcmp(seed - sizeof(magic_t), magic.val, sizeof(magic_t));
 	if (rv != 0) {
 		fprintf(stderr, "ERROR: Magic numbers do not match\n");
 		goto err;
@@ -260,6 +294,9 @@ cleanup:
 	if (ciphertext) {
 		OQS_MEM_insecure_free(ciphertext - sizeof(magic_t));
 	}
+	if (seed) {
+		OQS_MEM_secure_free(seed - sizeof(magic_t), kem->length_keypair_seed + 2 * sizeof(magic_t));
+	}
 	OQS_KEM_free(kem);
 
 	return ret;
@@ -288,7 +325,11 @@ struct thread_data {
 
 void *test_wrapper(void *arg) {
 	struct thread_data *td = arg;
-	td->rc = kem_test_correctness(td->alg_name);
+	td->rc = kem_test_correctness(td->alg_name, false);
+	if (td->rc == OQS_SUCCESS) {
+		// test derandomized operations
+		td->rc = kem_test_correctness(td->alg_name, true);
+	}
 	OQS_thread_stop();
 	return NULL;
 }
@@ -353,10 +394,18 @@ int main(int argc, char **argv) {
 		pthread_join(thread, NULL);
 		rc = td.rc;
 	} else {
-		rc = kem_test_correctness(alg_name);
+		rc = kem_test_correctness(alg_name, false);
+		if (rc == OQS_SUCCESS) {
+			// test with derandomized keygen
+			rc = kem_test_correctness(alg_name, true);
+		}
 	}
 #else
-	rc = kem_test_correctness(alg_name);
+	rc = kem_test_correctness(alg_name, false);
+	if (rc == OQS_SUCCESS) {
+		// test with derandomized keygen
+		rc = kem_test_correctness(alg_name, true);
+	}
 #endif
 	if (rc != OQS_SUCCESS) {
 		OQS_destroy();