From 50f3771fd03f9bc42eea7a744af787720115ff44 Mon Sep 17 00:00:00 2001 From: "Ganyu (Bruce) Xu" Date: Tue, 30 Sep 2025 13:05:47 -0400 Subject: [PATCH] can pass slh_dsa schemes to copy_from_upstream Signed-off-by: Ganyu (Bruce) Xu --- .../copy_from_upstream/copy_from_slh_dsa_c.py | 13 ++++++++++ .../copy_from_upstream/copy_from_upstream.py | 25 ++++++++++++++++--- 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/scripts/copy_from_upstream/copy_from_slh_dsa_c.py b/scripts/copy_from_upstream/copy_from_slh_dsa_c.py index e0c30e33c..d33280274 100644 --- a/scripts/copy_from_upstream/copy_from_slh_dsa_c.py +++ b/scripts/copy_from_upstream/copy_from_slh_dsa_c.py @@ -337,5 +337,18 @@ def main(): # apply patches apply_patches(slh_patch_dir) + # NOTE: from [issue 2203](https://github.com/open-quantum-safe/liboqs/issues/2203) + # SLH-DSA is not described in copy_from_upstream.yml. It is instead described + # here in this separate module. This makes replacing SPHINCS+ with SLH-DSA + # in list_standardized_algs.fragment non-trivial because this Jinja template + # is rendered from copy_from_upstream.yml. + # As a necessary hack, the list of variants (e.g. "pure_sha2_128s") is returned + # so that copy_from_upstream.py can use this list to construct a dictionary + # that resembles the structure of copy_from_upstream.yml. + # In the near future I want to consider refactoring build configuration + # management and upstream integration scripts. The status quo is a mess and + # will make future integrations all the more difficult. + return variants + if __name__ == "__main__": main() diff --git a/scripts/copy_from_upstream/copy_from_upstream.py b/scripts/copy_from_upstream/copy_from_upstream.py index fbf9a1c59..4fe0916d6 100755 --- a/scripts/copy_from_upstream/copy_from_upstream.py +++ b/scripts/copy_from_upstream/copy_from_upstream.py @@ -16,6 +16,7 @@ import json import platform import update_upstream_alg_docs import copy_from_slh_dsa_c +from copy import deepcopy # kats of all algs kats = {} @@ -701,12 +702,20 @@ def process_families(instructions, basedir, with_kat, with_generator, with_libja ) -def copy_from_upstream(): +def copy_from_upstream(slh_dsa_inst: dict): + """Integrate upstreams implementations and algorithms described in + copy_from_upstream.yml. + + :param slh_dsa_inst: instruction for integrating SLH-DSA, only used for + rendering alg_support.cmake + """ for t in ["kem", "sig"]: with open(os.path.join(os.environ['LIBOQS_DIR'], 'tests', 'KATs', t, 'kats.json'), 'r') as fp: kats[t] = json.load(fp) instructions = load_instructions('copy_from_upstream.yml') + patched_inst: dict = deepcopy(instructions) + patched_inst["sigs"].append(slh_dsa_instruction["sigs"][0]) process_families(instructions, os.environ['LIBOQS_DIR'], True, True) replacer('.CMake/alg_support.cmake', instructions, '#####') replacer('CMakeLists.txt', instructions, '#####') @@ -839,9 +848,19 @@ non_upstream_kems = count_non_upstream_kems(['bike', 'frodokem', 'ntruprime', 'n if args.operation == "copy": # copy_from_slh_dsa_c will modify slh_dsa.yml before copy_from_upstream modifies md files - copy_from_slh_dsa_c.main() + slh_dsa_schemes: list[str] = copy_from_slh_dsa_c.main() + slh_dsa_instruction = { + "sigs": [ + { + "name": "slh_dsa", + "schemes": { + "scheme": scheme for scheme in slh_dsa_schemes + } + } + ] + } os.chdir(os.path.join(os.environ['LIBOQS_DIR'],"scripts","copy_from_upstream")) - copy_from_upstream() + copy_from_upstream(slh_dsa_instruction) elif args.operation == "libjade": copy_from_libjade() elif args.operation == "verify":